Logo

Privacy Policy

Last updated: October 6, 2025

1) Who we are & scope

This Privacy Policy explains how Rules of AI (“we”, “us”, “our”) collects, uses, and protects information when you use our platform and services — including the Rules Engine, The A.R.K., MailPilot, VoiceUp, our websites, and any related apps, integrations, or advisory services (collectively, the “Services”).

2) Information we collect

  • Account & contact data. Name, email, company, role, phone, and authentication credentials.
  • Billing. Plan selections, invoices, and transaction metadata processed via third-party payment providers (we do not store full card numbers).
  • Service usage. Log data (IP, device, browser), event telemetry, and diagnostics to maintain security and reliability.
  • Customer Data you provide or connect. Emails, files, messages, prompts, call audio and transcripts, calendar items, knowledge base content, and integration data ingested into The A.R.K., MailPilot, VoiceUp, or automations you configure.
  • Support & feedback. Content you send to our support channels, forms, or user research.
  • Cookies & similar tech. To keep you signed in, remember preferences, measure usage, and improve experiences. See “Cookies” below.

3) How we use information

  • Provide, operate, secure, and improve the Services.
  • Run automations you configure in the Rules Engine and products (e.g., email routing, knowledge queries, voice handling).
  • Personalize experiences and recommend features.
  • Communicate about service updates, security alerts, and administrative messages.
  • Comply with law, prevent fraud/abuse, and protect our users and platform.

4) AI processing

  • Our Services may use third-party AI models and APIs to analyze provided content (for example, summarizing calls, routing emails, or answering questions over your knowledge).
  • Outputs can be probabilistic and may contain errors; use human review for high-stakes decisions.
  • Unless we agree otherwise in writing, we do not use your Customer Data to train foundation models for unrelated customers.
  • We may use de-identified, aggregated telemetry to improve safety, accuracy, and performance.

5) Product-specific notes

  • The A.R.K. Ingests knowledge from connected sources you authorize. Access is role-based; you control which team members can view which sources.
  • MailPilot. Processes email headers, bodies, and attachments to classify, extract, and take actions you define (e.g., route, reply template, escalate, tag).
  • VoiceUp. May record and transcribe calls where legally permissible and configured by you. Obtain any required consents for call recording and analytics in your jurisdiction.
  • Rules Engine. Executes instructions you define; logs may include inputs, outputs, and actions for auditability and troubleshooting.

6) How we share information

We share information only as needed to provide the Services, comply with law, or with your direction:

  • Vendors & subprocessors. Trusted providers for hosting, compute, email/voice, storage, analytics, payments, and support.
  • Integrations you enable. If you connect third-party tools (e.g., email, calendars, storage, CRM), we exchange data as instructed by you and subject to each provider’s terms.
  • Legal & safety. To comply with applicable laws or lawful requests, enforce terms, or protect rights, security, and safety.
  • Business transfers. In connection with mergers, financing, acquisitions, or similar events, subject to appropriate safeguards.

We do not sell personal information.

7) Security

We apply administrative, technical, and physical safeguards appropriate to the nature of the data we process. No method of transmission or storage is 100% secure; you should implement appropriate security within your own systems and integrations.

8) Data retention

We retain information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. You can request export or deletion of Customer Data, subject to legal or contractual restrictions and technical feasibility.

9) International transfers

We operate in Canada and may process data in other countries where we or our providers have operations. When transferring data internationally, we use appropriate safeguards consistent with applicable law.

10) Your choices & rights

  • Access & correction. Request a copy of your personal information or ask us to correct inaccuracies.
  • Deletion. Request deletion of personal information, subject to legal obligations and our need to maintain the platform’s integrity and security.
  • Consent. Where we rely on consent, you may withdraw it at any time; this does not affect prior processing.
  • Marketing. You can opt out of non-essential emails using the unsubscribe link or by contacting us.

Depending on where you live (e.g., Canada’s PIPEDA and provincial privacy laws), you may have additional rights. We will honor applicable legal rights requests after verifying identity.

11) Cookies & similar technologies

We use cookies, local storage, and similar technologies to:

  • Authenticate sessions and keep you signed in,
  • Remember preferences,
  • Measure performance and improve features,
  • Support diagnostics and security.

You can control cookies through your browser settings. Blocking essential cookies may limit functionality.

12) Children’s privacy

Our Services are not directed to children and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us to request deletion.

13) Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. Your continued use after changes take effect indicates acceptance of the updated policy.

14) Contact us

Rules of AI — 167 Lombard Ave, Winnipeg, MB R3B 0V3, Canada • info@aiofrules.com • +1 (888) 276-2525 • +1 (204) 977-0181