Privacy Policy

Effective Date: April 25, 2026

1. Introduction

We value the privacy and security of our users. This Privacy Policy outlines how Ruzaani ("we," "us," or "our") collects, uses, and protects your information when you use our website, platform, AI business intelligence tools, and related services (collectively, the "Services").

Data Controllers and Processors

In relation to personal data collected via our services, our clients (the businesses and agencies using Ruzaani) act as the data controllers, while Ruzaani acts as the data processor. We process personal data on behalf of our clients in accordance with their instructions.

Legal Basis for Processing

We process personal data based on the following legal grounds:

• Consent: When users provide explicit consent to share their data.
• Contract: To perform services as agreed upon with our clients.
• Legitimate Interest: For our legitimate business interests in improving our services, personalizing user experience, and ensuring compliance with applicable regulations.

If you have any questions or concerns regarding our privacy practices, or if you wish to exercise your rights regarding your personal data, please do not hesitate to contact us using the information provided in Section 12. We are committed to protecting your privacy and ensuring that your experience with our services is secure and transparent.

2. Information Collection

When you interact with our services, we may collect certain types of information to enhance your experience. The information collected includes the following:

• Client Data: Account information, billing details, API keys, and webhook configurations.
• End-User Data (via Integrations): Messages, chat logs, metadata, and sender information from connected platforms like Meta (WhatsApp, Instagram DMs, Messenger), Telegram, and Email.
• End-User Data (via Web Tracker): Behavioral data (pages viewed, custom events), device information (IP address, browser type), and identifiers (click IDs, persistent anonymous browser fingerprints) to facilitate Identity Stitching.
• Cookies and Tracking Technologies: Our website and Web Tracker use cookies and tracking technologies to analyze traffic and correlate browsing sessions. Clients must ensure they obtain necessary end-user consent before deploying the tracker.

3. Use of Information

The information we collect is used for various purposes aimed at improving the quality of our services:

• Providing the Services: Operating our AI agents, CRM, and dashboard.
• AI Processing & Intelligence: Using AI models to score leads, optimize ad ROI, and personalize interactions. (Note: We do not use proprietary customer data to train our foundational models).
• Identity Stitching: Correlating disparate browsing sessions into a single "Golden Record" for each contact.
• Service Improvement: Analyzing data to refine chatbot performance, troubleshoot, and enhance our platform.

4. Data Sharing and Disclosure

We do not sell, rent, or trade personal data. We may share information in the following circumstances:

• Service Providers: With trusted third-party providers who assist us (e.g., hosting, databases, AI models). These sub-processors are contractually obligated to safeguard data and use it solely for providing services to us.
• Integrated Platforms: To facilitate messaging and bookings through the APIs of platforms you connect.
• Legal Compliance: If required by law or to protect rights and safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, data may be transferred to the acquiring entity.

5. Data Security

We implement technical and organizational measures to protect data from unauthorized access, loss, or misuse:

• Encryption: Secure transmission and encryption of sensitive tokens.
• Secure Servers: Data is stored with restricted access and firewall protection.
• Access Controls: Multi-tenant architecture and strict internal access protocols.

Data Breach Procedures: In the event of a security breach compromising personal data, we will notify affected Clients within 72 hours so they can take appropriate action and notify their end-users.

6. User Rights and Choices

As a user or data subject, you have certain rights regarding the information we collect:

• Access to Your Data: You may request access to the personal data we hold about you.
• Correction of Your Data: You may request correction of inaccurate data.
• Deletion of Your Data: You have the right to request the deletion of your personal data.
• Opting Out: You can opt out of certain data collection activities by adjusting your browser settings.
• Data Portability: You may request a copy of your personal data in a structured format.

Note: If you are an end-user of one of our Clients, please direct your privacy requests directly to the Client (the data controller).

7. Retention of Data

We retain personal data only for as long as necessary:

• Account Data: Retained as long as your account is active.
• Conversation and Behavioral Data: Retained as long as necessary to provide the Services and improve AI performance, subject to your configuration and deletion requests.

8. International Transfers

Our systems are deployed on global infrastructure. Your personal data may be transferred to, stored, and processed in countries other than the country in which it was collected. In such cases, we ensure that adequate safeguards are in place (such as Standard Contractual Clauses or Data Processing Agreements) to protect your information.

9. Third-Party Services

Our services integrate with third-party platforms that have their own privacy policies. We encourage you to review them:

• AI Platforms: OpenAI, Google (Gemini), Anthropic.
• Social Media Integrations: Meta (Facebook, Instagram, WhatsApp), Telegram.

10. Children's Privacy

Our Services are not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected such information, we will take appropriate steps to delete it.

If you believe that a child has provided us with personal data, please contact us immediately using the information provided in Section 12, and we will take appropriate steps to delete such data from our records.

11. Changes to the Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page. The updated policy becomes valid and effective immediately upon its publication.

12. Legal Entity & Contact Information

"Ruzaani" is a commercial brand and service operated by Fernando Alberto Ocampo Romay. For the purposes of data protection compliance, Fernando Alberto Ocampo Romay is the legally responsible entity providing the Ruzaani platform.

If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or to exercise your privacy rights, please contact us at:

Responsible Entity: Fernando Alberto Ocampo Romay
Email: [email protected]