AYYES, LLC — GLOBAL PRIVACY POLICY
Effective Date: January 2026
Last Updated: January 2026
1. Introduction
This Privacy Policy describes how AYYES, LLC (“AYYES,” “we,” “us,” or “our”) collects, uses, discloses, transfers, and protects Personal Data when individuals access or use our websites, SaaS platforms, applications, software, APIs, and related services (collectively, the “Services”).
This Policy applies globally, including users located in the United States, European Union, United Kingdom, Canada, Brazil, APAC, LATAM, and any other jurisdiction in which AYYES operates.
Where required by law, AYYES provides jurisdiction‑specific rights, notices, and mechanisms for consent, opt‑out, and data subject requests.
2. Scope of This Policy
This Policy applies to:
- Website visitors
- Account holders
- SaaS platform users
- Mobile app users
- API users
- Business customers and their authorized users
- Prospective customers
- Advertising audiences
- Individuals interacting with AYYES support or sales teams
This Policy does not apply to:
- Third‑party websites or services not controlled by AYYES
- Customer‑controlled data where AYYES acts solely as a Processor under a Data Processing Agreement (DPA)
3. Definitions
“Personal Data” means any information relating to an identified or identifiable individual.
“Processing” means any operation performed on Personal Data.
“Controller” means the entity determining the purposes and means of Processing.
“Processor” means the entity processing Personal Data on behalf of a Controller.
“Sensitive Personal Data” includes data defined as sensitive under GDPR, CPRA, TDPSA, LGPD, and other global laws.
“Sale” or “Share” refers to disclosures for cross‑context behavioral advertising or monetary/other valuable consideration, as defined under CPRA and TDPSA.
4. Categories of Personal Data We Collect
AYYES collects all categories of data listed below, depending on your interactions with the Services:
4.1 Account & Identity Information
- Name
- Email address
- Phone number
- Username and credentials
- Business information
4.2 Billing & Financial Information
- Payment method details (processed by Stripe, PayPal, or other PCI‑compliant processors)
- Subscription information
- Transaction history
4.3 Usage & Interaction Data
- Log files
- Clickstream data
- Session activity
- Feature usage metrics
- API usage
4.4 Device & Technical Data
- IP address
- Browser type
- Device identifiers
- Operating system
- Network information
- Error logs
4.5 Cookies & Tracking Technologies
- Analytics
- Advertising identifiers
- Cross‑site tracking
- Behavioral advertising data
4.6 Uploaded Content & Files
- Documents, images, data, or content uploaded by users
- Metadata associated with uploaded content
4.7 Communications
- Support tickets
- Chat transcripts
- Email correspondence
4.8 Location Data
- Approximate geolocation
- Region or country inferred from IP
4.9 AI/ML Processing Data
- Inputs submitted to AI features
- Outputs generated
- Telemetry used for model improvement
- Data processed by internal and third‑party AI systems (OpenAI, Azure AI, etc.)
4.10 Employee Monitoring Data (If Applicable)
For customers using monitoring features:
- Screenshots
- Activity logs
- Application usage
- Productivity metrics
4.11 Sensitive Personal Data
Collected only where required or voluntarily provided:
- Government identifiers (for identity verification)
- Health‑related data (if provided in communications)
- Biometric identifiers (if used for authentication)
5. How We Collect Personal Data
AYYES collects data through:
- Direct user submissions
- Account creation
- SaaS platform usage
- Cookies and tracking technologies
- API interactions
- Customer support
- Third‑party integrations
- Advertising partners
- AI/ML systems
- Sub‑processors
6. Purposes of Processing
AYYES processes Personal Data for the following purposes:
6.1 Service Delivery & Account Management
- Provide, maintain, and improve the Services
- Authenticate users
- Manage subscriptions and billing
6.2 Platform Operations
- Monitor system performance
- Detect and prevent fraud
- Ensure security and integrity
6.3 Analytics & Product Improvement
- Analyze usage patterns
- Develop new features
- Optimize performance
6.4 Advertising & Marketing
- Deliver personalized ads
- Conduct retargeting
- Measure campaign performance
- Build advertising audiences
AYYES sells/shares Personal Data for cross‑context behavioral advertising where permitted by law.
6.5 AI/ML Processing
- Provide AI‑powered features
- Improve model accuracy
- Detect anomalies
- Support automated decision‑making
6.6 Legal & Compliance
- Comply with laws
- Respond to lawful requests
- Enforce Terms of Service
7. Legal Bases for Processing (GDPR/UK GDPR)
AYYES relies on:
- Consent — analytics, advertising, AI/ML processing
- Contractual Necessity — account creation, service delivery
- Legitimate Interests — security, fraud prevention, product improvement
- Legal Obligation — compliance, recordkeeping
- Public Interest — where applicable
8. Sale/Sharing of Personal Data (CPRA, TDPSA, Global Laws)
AYYES engages in:
- Sharing with advertising partners
- Cross‑context behavioral advertising
- Data disclosures to third‑party networks
Users may opt out at any time via:
- “Do Not Sell or Share My Personal Information” link
- Global Privacy Control (GPC) signals
- Universal opt‑out mechanisms (Colorado CPA)
9. Automated Decision‑Making & AI Disclosures
AYYES uses automated systems for:
- Fraud detection
- Personalization
- Productivity scoring (if monitoring features are used)
- AI‑generated outputs
- Model optimization
Where required, users may request:
- Human review
- Explanation of logic
- Correction of inaccurate data
- Opt‑out of certain automated processing
10. How We Share Personal Data
AYYES shares Personal Data with:
10.1 Sub‑Processors
Including but not limited to:
- AWS / Azure / GCP / Wasabi
- Cloudflare
- Stripe / PayPal
- Twilio
- SendGrid
- Google Analytics / Google Ads
- OpenAI / Azure AI
10.2 Advertising Partners
- Meta
- TikTok
- Other ad networks
10.3 Business Partners
For integrations, APIs, and enterprise deployments.
10.4 Legal & Compliance
- Law enforcement
- Regulators
- Courts
10.5 Corporate Transactions
- Mergers
- Acquisitions
- Asset transfers
11. International Data Transfers
AYYES transfers data globally, including to:
- United States
- EU/EEA
- United Kingdom
- Canada
- Brazil
- APAC
- LATAM
Transfers rely on:
- EU Standard Contractual Clauses (SCCs)
- UK IDTA / Addendum
- Adequacy decisions
- Contractual safeguards
12. Data Retention
AYYES retains Personal Data based on:
- Legal requirements
- Contractual obligations
- Business needs
- Model training cycles (for AI/ML data)
Typical retention periods:
- Account data: duration of account + 3 years
- Analytics: 1–24 months
- Advertising data: 1–24 months
- AI/ML telemetry: 1–36 months
- Monitoring data: configurable by customer
13. Your Rights
Depending on your jurisdiction, you may have rights to:
- Access
- Correction
- Deletion
- Portability
- Restrict processing
- Object to processing
- Opt‑out of sale/share
- Opt‑out of targeted advertising
- Opt‑out of automated decision‑making
- Withdraw consent
AYYES honors:
- GPC signals
- Universal opt‑out mechanisms
- EU/UK GDPR rights
- CPRA rights
- TDPSA rights
- LGPD rights
- PIPEDA rights
Requests may be submitted to: [email protected]
14. Children’s Privacy
AYYES does not knowingly collect data from children under:
- 16 (EU/UK)
- 13 (U.S.)
If discovered, data will be deleted promptly.
15. Security Measures
AYYES implements:
- Encryption in transit and at rest
- Access controls
- Network security
- Monitoring and logging
- Incident response procedures
- Regular audits
No system is completely secure, but AYYES maintains industry‑standard safeguards.
16. Changes to This Privacy Policy
AYYES may update this Policy to reflect:
- Legal changes
- Operational changes
- Technological changes
- New features or integrations
Updates will be posted with a revised “Last Updated” date.
17. Contact Information
AYYES, LLC
Legal & Compliance Department
Spring, Texas, USA
Email: privacy @ ayyes.com