At ZiaFlows, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered automation platform and services. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or use our services.
Information We Collect
Personal Information
We collect information that you provide directly to us, including:
Account Information: Name, email address, phone number, business name, and practice details
Payment Information: Billing address and payment method details (processed securely through third-party payment processors)
Business Data: Information about your practice, services, pricing, and business hours
Communication Data: Messages, feedback, and support requests you send to us
Customer Data
When you use our AI agents, we process data on your behalf, including:
Lead Information: Names, contact details, and service inquiries from your website visitors
Appointment Data: Scheduling information and appointment reminders
Conversation Data: Chat transcripts between AI agents and your customers
Review Data: Customer feedback and review responses
Automatically Collected Information
Usage Data: How you interact with our platform, features used, and performance metrics
Device Information: Browser type, IP address, operating system, and device identifiers
Cookies: We use cookies and similar technologies to enhance your experience
How We Use Your Information
We use the information we collect to:
Provide, operate, and maintain our AI automation services
Process your transactions and manage your account
Send you technical notices, updates, and support messages
Respond to your comments, questions, and customer service requests
Improve and optimize our AI agents and platform features
Monitor and analyze usage patterns and trends
Detect, prevent, and address technical issues and security threats
Comply with legal obligations and enforce our terms
Send you marketing communications (with your consent)
HIPAA Compliance
For healthcare practices, ZiaFlows is designed to be HIPAA compliant:
We execute Business Associate Agreements (BAAs) with healthcare customers
Protected Health Information (PHI) is encrypted in transit and at rest
Access to PHI is strictly controlled and logged
Our systems undergo regular security audits and assessments
Staff receive HIPAA training and sign confidentiality agreements
We maintain comprehensive incident response procedures
Data Security
We implement industry-standard security measures to protect your information:
Encryption: All data is encrypted using TLS 1.3 in transit and AES-256 at rest
Access Controls: Role-based access with multi-factor authentication
Infrastructure: Hosted on secure, SOC 2 compliant cloud infrastructure
Monitoring: 24/7 security monitoring and intrusion detection
Regular Audits: Third-party security assessments and penetration testing
Data Backups: Regular encrypted backups with disaster recovery procedures
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.
How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
Service Providers
We work with third-party service providers who perform services on our behalf:
Cloud hosting providers (AWS, Google Cloud)
Payment processors (Stripe)
Email service providers (Resend)
AI/ML providers (OpenAI, Anthropic)
Analytics services
These providers are contractually obligated to protect your data and use it only for the services they provide to us.
Legal Requirements
We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.
Business Transfers
If ZiaFlows is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
Data Retention
We retain your information for as long as necessary to:
Provide our services to you
Comply with legal obligations
Resolve disputes and enforce our agreements
Maintain business records
When you close your account, we will delete or anonymize your personal information within 90 days, unless we are required to retain it for legal or regulatory purposes.
Your Privacy Rights
Depending on your location, you may have the following rights:
Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information
Portability: Request transfer of your data to another service
Opt-Out: Unsubscribe from marketing communications
Restrict Processing: Request limitation on how we use your data
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.
Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: