Privacy & Terms

We respect user privacy and comply with all applicable data‐protection laws (e.g. GDPR in the EU/UK, CCPA in California) when handling personal data. Personal data is defined broadly as any information related to an identified or identifiable person. For example, GDPR explicitly cites names, addresses and phone numbers as personal data. Consequently, our service only collects the minimal information needed for each function (the principle of data minimisation). In a restaurant-order bot scenario we may collect a customer's name, address, and phone number; in a clinic appointment bot we would also collect age and insurance details (the latter being health-related "sensitive" data); and in an e-commerce support bot we might additionally collect order numbers or purchase details. We collect these details only as required to perform the service (e.g. to book a table, schedule an appointment, or process an order) and we do not harvest or store any data outside the scope of providing the service.

Data Minimisation

We follow GDPR's mandate that data be "adequate, relevant and limited to what is necessary" for the purpose. We do not keep unnecessary fields just in case. For instance, if a clinic partner requires your insurance to book an appointment, we collect it; if not, we do not request it.

Use and Sharing

We use personal data only to provide the service and (when requested) to share with our client companies (e.g. the restaurant, clinic, or retailer). We do not sell user data. Any sharing with third parties is strictly on an as-needed basis. Our contracts with service providers (e.g. OpenAI for language processing, DeepGram for transcription, Twilio for SMS, Calendly for scheduling, or Google Sheets for data logging) specify that those providers act only as processors under our instruction. For example, DeepGram's privacy policy notes that customer data is processed only on the controller's instructions. Likewise, Twilio states it uses binding corporate rules to protect data "regardless of [its] origin or destination". We recommend users also review the privacy terms of these providers, as they each maintain robust security and confidentiality measures.

Data Retention

We retain personal data only as long as needed for the service. In accordance with GDPR's "storage limitation" principle, we keep data no longer than necessary. For example, if you place a restaurant order, we hold your details to communicate with the restaurant and, if authorized, for possible future re-orders; once your order is complete (or after any retention period set by the restaurant), we delete or anonymize the data. Similarly, booking or appointment data is deleted after the appointment or as required by the client company.

Security

We implement appropriate technical and organizational safeguards to protect data. Under GDPR Article 32, a controller must apply "appropriate technical and organisational measures to ensure a level of security appropriate to the risk". We follow this by using industry-standard encryption for data in transit and at rest, access controls, secure servers, regular security audits, and staff training. Only authorized personnel and contracted processors can access personal data, and we train them to handle data confidentially.

User Rights

We honor user rights under all applicable laws. Under EU/UK GDPR, individuals have rights to access their data, receive information about how it is used, correct errors, erase data ("right to be forgotten"), restrict or object to processing, and obtain a copy of their data (data portability). Under the UK GDPR and Data Protection Act, the same rights apply. Under the California Privacy Rights Act (CPRA, amending CCPA), Californians additionally have rights to know what categories of personal information we collect and why, to delete their information, to correct inaccuracies, to opt out of any sale/sharing of their data, and to limit use of sensitive information. We will respond promptly to any verified request to exercise these rights (e.g. providing or deleting your data) as required by law. We will also give notice of any privacy practices at the time of data collection, and we will not discriminate against you for exercising your rights.

Global Compliance

Because we operate internationally (US, UK, EU), our policy is written as a global privacy policy covering all jurisdictions. It includes our lawful basis for processing, the types of personal data collected, purposes of processing, sharing practices, security measures, and user rights in clear language. We comply with GDPR (EU/UK), CCPA/CPRA (California), and any other relevant regional laws. For California residents, note that their rights under CCPA supplement the above. For EU/UK residents, GDPR grants extensive protections (personal data must be processed transparently, for a specific purpose, and with security safeguards). We are not formally licensed or regulated as a medical or legal entity, so if our service is used in a healthcare or legal context, we will make clear we do not provide professional advice (see Terms below).

Children's Privacy

We do not knowingly collect personal data from children under 16 (or any higher age threshold required by local law). If a minor uses our service, it must be with parental consent. Any discovered children's data will be deleted if not legally permitted.

Contact and Updates

We may update this Privacy Policy as laws or our practices change. All changes will be posted here with an updated date. For any privacy questions or to exercise your rights, please contact us at xyntra.ai@gmail.com. We are committed to safeguarding your privacy and resolving any concerns promptly.

By using our service (website, app, or chatbot), you agree to these Terms of Service. These terms constitute a legally binding agreement between you and us. If you do not agree, please do not use the service. These terms may be updated from time to time; continued use after changes indicates acceptance.

1. Service Use

We grant you a limited, non-exclusive, non-transferable license to use our services for their intended purpose. You must be at least the legal age in your jurisdiction to use the service. You agree to use the service only in compliance with all laws and these terms. You will not (a) impersonate others or provide false information, (b) harass, threaten, or harm other users, or (c) misuse the service (for example, by attempting to gain unauthorized access, disrupting the service, or violating third-party rights). You understand that our service provides automated assistance (for orders, appointments, support, etc.) and is not a human agent.

2. Content and Ownership

All content and software provided on this service (text, code, designs, trademarks, images, etc.) are owned by us or our licensors and are protected by intellectual property laws. You may not copy, reproduce, distribute, modify, create derivative works, or publicly display our content without our express permission. Any content you submit (e.g. name, address, questions) remains your information, but you grant us a worldwide license to use that content for providing the service and improving our systems. If you contribute user-generated content (e.g. feedback), you grant us a non-exclusive, royalty-free, perpetual license to use it.

3. No Professional Advice

If the service is used for healthcare or legal support, it is provided only for informational or facilitation purposes. We are not doctors, lawyers, or licensed professionals. Any information or recommendations are not substitutes for professional advice. For example, our Terms will clarify that "the service is general in nature and not intended to be a substitute for professional medical or legal advice" and that reliance on the service's information is "solely at your own risk". Always consult qualified professionals for personalized advice.

4. Third-Party Services

The service may rely on third-party providers (e.g. OpenAI, DeepGram, Twilio, Calendly). Your use of our service may involve their products. Those providers have their own terms and privacy policies; by using the service, you acknowledge they process your data on our behalf. We assume no responsibility for the content or policies of these third parties beyond our contractual obligations.

5. Disclaimers and Limitation of Liability

Except where prohibited by law, the service is provided "as is" without any warranties, either express or implied. We do not guarantee that the service will be uninterrupted, error-free, or secure. We expressly disclaim any warranty of accuracy or fitness for a particular purpose. For example, legal advice sources recommend stating clearly that the service is provided "as is" and no guarantees are made. To the maximum extent permitted by law, we will not be liable for any indirect, incidental, special or consequential damages, lost profits, or loss of data arising from your use of the service. Our total liability (if any) for direct damages is limited to the amount you have paid us (if applicable) or USD $100, whichever is greater. In California and other jurisdictions, these disclaimers and liability limits will not apply to the extent they conflict with mandatory consumer protection laws.

6. User Indemnification

You agree to defend, indemnify, and hold us harmless from any claims, damages or expenses (including reasonable attorneys' fees) arising from your violation of these Terms or any third-party rights.

7. Governing Law and Dispute Resolution

These Terms are governed by the laws of the jurisdiction where our company is established (or, if we have no formal domicile, by a neutral law such as English law). We recommend including a clear governing law clause. Any disputes arising under these Terms will be resolved by negotiation or, if necessary, in the courts or arbitration of the agreed jurisdiction. For example, experts advise specifying a dispute process and jurisdiction in the Terms.

8. Termination

We may suspend or terminate your access if you breach these Terms or engage in misconduct. You may also stop using the service at any time. Termination will not limit any rights or obligations that accrued prior to termination.

9. Changes to Terms

We reserve the right to modify these Terms. We will notify you of significant changes (e.g. via email or a notice on the site) at least 30 days before they take effect. Continued use of the service after changes signifies your acceptance of the new Terms.