Last Updated: June 5, 2025

1. Scope and Applicability

This Policy applies to all data that N,AI Works processes in the course of providing lead reactivation services to business clients in the United States. The data pertains to individual leads submitted by our clients and is processed solely for the purpose of re-engagement via automated communication workflows.

This Policy does not apply to information collected directly by client businesses from their own customers. Our clients remain responsible for ensuring that they have obtained all necessary rights, permissions, and lawful bases to share such data with us.

2. Information We Process

We act as as data processors on behalf of our clients. The categories of information we may process include, but are not limited to: full names, mobile phone numbers, interaction history or lead notes, appointment status or engagement metadata, any other information voluntarily

supplied by the client in connection with a lead record

We do not collect data directly from end users, nor do we knowingly process sensitive personal information such as Social Security numbers, financial account details, or medical records.

3. Use of Information

We use client-provided data exclusively to: Initiate SMS-based lead reactivation workflows, personalize automated communications via AI, schedule or manage appointment requests on behalf of our clients, log engagement data for client performance tracking

We do not sell, rent, or license any data to third parties. All data processing activities are limited to the scope of service provision as agreed with our clients.

4. Legal Basis for Processing

To the extent applicable, we process personal information in accordance with U.S. federal and state privacy laws, including the California Consumer Privacy Act (CCPA), and act as a service provider as defined therein. We rely on our clients to establish a lawful basis for providing us with lead data and for initiating communications through our system.

5. Third-Party Service Providers

We utilize third-party platforms and subprocessors to deliver our services. These may include:

Twilio Inc. – for SMS communication services

GoHighLevel – for CRM-based lead and appointment management

Supabase – for cloud database and vector storage

N8N – for workflow automation

These service providers may have access to personal data only to the extent necessary for performing their contracted functions. We ensure that such third parties are contractually bound to maintain confidentiality and implement appropriate data protection measures.

6. Data Subject Rights and Opt-Out

End users (i.e., the leads contacted via SMS) have the right to: Opt out of receiving further text messages by replying with “STOP” or other standard keywords recognized by our systems

At this time, we do not maintain direct channels for lead data access, correction, or deletion requests. All such inquiries should be directed to the originating client who submitted the data.

7. Data Retention and Security

Data processed on behalf of clients is retained only for as long as necessary to fulfill the purpose for which it was provided, or as otherwise directed by the client.

We employ reasonable technical and organizational safeguards provided through our subprocessors (e.g., encryption at rest, role-based access control, secure HTTPS transmission). However, no system can guarantee absolute security.

8. Data Transfers and Storage

All data processed by N.AI Works is stored and transmitted through infrastructure located within the United States unless otherwise noted by our subprocessors’ policies.

9. Changes to This Policy

We reserve the right to update or amend this Privacy Policy at any time to reflect changes in our practices or applicable law. Updates will be posted to our website with a revised “Last Updated” date. Your continued use of our services after such changes constitutes acceptance.