PRIVACY POLICY

Last updated: November 2025

1. Overview

Politek LLC d/b/a RedVoice AI (“Politek,” “RedVoice AI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting it through this Privacy Policy.

This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our websites and applications at redvoice.ai, demo.redvoice.ai, sales.redvoice.ai, growscale.win, or any related subdomains, portals, or services (collectively, the “Platform”).

The Platform includes web pages, hosted demos, HighLevel pages, Replit-hosted apps, and voice/telephony services such as inbound and outbound calls, call recordings, transcripts, and AI-powered analytics.

By using the Platform, you agree to this Privacy Policy and our Terms of Service. If you do not agree, do not access or use the Platform.

We may update this Privacy Policy periodically. The date at the top reflects the latest revision. Your continued use of the Platform after an update constitutes acceptance of the revised Policy.

2. The Information We Collect

We collect both Personal Information (data that identifies or relates to an identifiable individual) and Non-Personal Information (aggregated or de-identified data that cannot reasonably identify you).

A. Information You Provide Directly

- Identifiers: name, email, phone number, address, job title, organization, account credentials, or similar details.

- Communications: messages, inquiries, survey responses, or other correspondence.

- Payment and account data: if you purchase or subscribe, we collect billing and transaction details through secure processors.

- Support or demo interactions: information you voluntarily provide when scheduling demos, using chat features, or speaking with our AI or staff.

B. Information Collected Automatically

When you use the Platform, we may automatically collect:

- Device and browser information, IP address, operating system, and access times.

- Cookies, pixels, SDKs, and similar technologies for authentication, analytics, and personalization.

- Interaction data such as pages viewed, clicks, and referring URLs.

You can control cookies via your browser or our cookie-consent banner. Essential cookies are required for core functionality.

C. Voice, Audio, and AI-Generated Data

When you engage with our AI voice features or demo lines, we may process:

- Audio recordings and transcriptions of calls.

- Metadata (caller number, time, duration, call routing).

- AI-generated inferences such as detected topics, emotions, positions, sentiment, or likelihood indicators (e.g., donor or volunteer interest).

- Limited special categories (e.g., political opinions) only when voluntarily shared by you.

These data are processed solely to provide and improve Platform services. Customers may delete call recordings and transcripts at any time; otherwise, they are retained until deleted by the customer or until a customer requests that we delete such information.

D. Information from Third Parties

We use trusted third-party providers for hosting, data storage, communications infrastructure, analytics, and AI processing. These include categories such as:

- Cloud infrastructure and database services

- Voice and telephony providers

- AI processing and analytics tools

- CRM and marketing automation platforms

We require each provider to implement appropriate security and privacy safeguards and to process Personal Information only as instructed by us. A current list of sub-processors engaged by RedVoice AI to process customer data on our behalf may be available upon request by contacting our Legal Team.

All such third parties are bound by written agreements requiring confidentiality, data protection, and compliance with applicable privacy laws.

3. Our Roles as Controller and Processor

We act as a Controller for data we collect and use for our own business operations (e.g., marketing, analytics, billing).
We act as a Processor when processing call data, transcriptions, or analytics on behalf of our customers.
When acting as Processor, our Data Processing Addendum (“DPA”) governs that processing and lists approved sub-processors.

Customers may request the DPA and sub-processor list by contacting our Legal Team. All such third parties are bound by written agreements requiring confidentiality, data protection, and compliance with applicable privacy laws.

4. How We Use Personal Information

We use Personal Information for the following purposes:

- Service Delivery & Operations – to provide, operate, and improve the Platform, including transcribing and analyzing calls, managing user accounts, and ensuring system security.

- Customer Support – to respond to inquiries, troubleshoot issues, and verify eligibility for features or promotions.

- Product Improvement & Research – to analyze performance, develop new features, and maintain quality.

- Communications – to send operational notices, product updates, or marketing materials consistent with your preferences.

- Security & Legal Compliance – to prevent fraud, enforce agreements, and comply with applicable law.

- Advertising & Analytics – to measure engagement, personalize content, and assess campaign performance (only if permitted under law and your cookie settings).

Automated Analysis and Profiling

Our AI systems may generate inferences (e.g., sentiment, topic, position classification). These are used to enhance dashboards and reports but are not used for decisions that produce legal or similarly significant effects. You may object to such profiling where applicable law provides that right.

4.5 – Jurisdiction and Intended Use

The RedVoice AI Platform is designed for use by organizations operating in the United States, such as U.S. political campaigns, advocacy groups, and related entities.
It is not intended for or marketed to individuals located outside the United States, including residents of the European Economic Area (EEA), the United Kingdom, or other jurisdictions that impose differing data-protection regimes.

All Platform infrastructure and processing occur primarily within the United States in accordance with U.S. law.

If a non-U.S. individual nonetheless interacts with the Platform, their Personal Information will be processed and stored in the United States, and applicable rights and protections will be governed by U.S. law.

Where foreign data-protection laws require additional safeguards (for example, under the EU or UK GDPR), those measures are applied as described below.

5. Legal Bases for Processing (EEA and UK Only)

Where required by the EU or UK GDPR, processing is based on one or more of the following:

- Contract necessity (to provide requested services).

- Legitimate interests (security, analytics, product improvement, B2B marketing).

- Consent or explicit consent (cookies, analytics, special-category data).

- Legal obligation (compliance with applicable laws).

6. Retention of Personal Information

We retain Personal Information only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by applicable law. The specific retention period depends on the nature of the information and the context in which it was collected.

Customers have full control over the retention of their call data and transcripts; these items remain on the Platform until deleted by the customer.

- Account and billing records are kept for the duration of the customer’s account and for up to seven years thereafter to meet legal, tax, and accounting obligations.

- Call audio recordings and transcripts are stored until the customer deletes them or closes the account, whichever occurs first.

- Inferences and analytics data, such as AI-generated tags or sentiment scores, are retained for the same period as the associated call data. Aggregated or de-identified analytics that no longer identify an individual may be kept indefinitely for research and statistical purposes.

- Marketing contact information is retained until a recipient opts out of communications or for up to twenty-four months of inactivity.

- Security and system logs, including IP addresses and device information, are typically retained for twelve to twenty-four months, though we may preserve them longer if necessary for security investigations or legal compliance.

When Personal Information is no longer needed, we securely delete or anonymize it in accordance with our data-retention and disposal procedures.

7. How We Protect Information

We maintain administrative, technical, and organizational measures designed to protect Personal Information, including:

- Encryption in transit and at rest;

- Access controls;

- Vendor due-diligence reviews; and

- Incident response procedures.

No system is completely secure, but if you believe your account or data has been compromised, immediately contact your account executive.

8. How We Share Information

We share Personal Information only as described below and with appropriate contractual safeguards.

- Affiliates and Subsidiaries – for operational, administrative, and support purposes consistent with this Policy.

- Vendors and Sub-Processors – to provide hosting, analytics, AI processing, voice infrastructure, and similar services (e.g., OpenAI, Twilio, HighLevel, Replit, AWS, Google Cloud, AI Growth System).

- Partners – for co-branded initiatives, marketing, or research (with notice and lawful basis).

- Corporate Transactions – as part of mergers, acquisitions, or similar events.

- Legal and Safety – to comply with law, respond to lawful requests, or protect rights and safety.

- With Consent – when you direct us to share information.

- Aggregated/De-identified Data – shared for research or statistical purposes without identifying you.

We do not sell Personal Information for monetary consideration in the ordinary course of our business. However, in certain cases we may license or provide access to datasets or analytical insights derived from information lawfully obtained from third parties or through our Platform, in accordance with applicable data protection laws and customer agreements. Where such activity meets the legal definition of a “sale” or “sharing” under applicable state privacy laws, we honor all related opt-out rights and provide the ability to exercise those rights by submitting a request here.

We may engage in cross-context behavioral advertising (“sharing”); you can opt-out as described below.

9. Your Choices and Rights

A. General

You may access, correct, or delete your Personal Information by contacting our Legal Team. We may retain limited data as required by law or to complete transactions initiated before your request.

B. U.S. State Privacy Rights

Residents of California, Colorado, Connecticut, Virginia, and Utah have specific rights regarding their Personal Information, including:

- Right to know/access, correct, delete, or obtain a copy of your data.

- Right to opt-out of sale, sharing, or targeted advertising.

- Right to limit use/disclosure of Sensitive Personal Information (as defined by CPRA).

- Right to non-discrimination for exercising these rights.

To exercise these rights, contact our Legal Team.

We honor Global Privacy Control (GPC) and Universal Opt-Out signals as required by law.

If we deny your request, you may appeal by replying to our decision notice.

C. EEA and UK Residents

You may request access, correction, deletion, restriction, portability, or objection to processing. Where processing is based on consent, you may withdraw it at any time without affecting prior lawful processing. You also have the right to lodge a complaint with your local supervisory authority.

D. Marketing Preferences

You can unsubscribe from marketing emails via the link in each message or by contacting us. We may still send essential service or transactional communications.

10. Cookies and Similar Technologies

We use cookies and related tools for essential functionality, analytics, and (with consent) personalized advertising. Manage your preferences through your browser settings.

11. Children’s Privacy

The Platform is not directed to children. We do not knowingly collect Personal Information from children under 16 (or under 13 in the U.S. per COPPA). If you believe a child has provided data, contact us, and we will delete it promptly.

12. International Data Transfers

RedVoice AI is headquartered and operates primarily in the United States, and our systems are designed to store and process information within the United States.
We do not knowingly transfer Personal Information outside the United States, and all core Platform infrastructure is located domestically.

However, certain third-party service providers—such as cloud-hosting, telecommunications, or analytics vendors—may process or route limited data through facilities located in other countries as part of their global operations.

When those providers handle data on our behalf, they are contractually required to protect it in accordance with this Privacy Policy and applicable U.S. privacy laws.

If any data originating from outside the United States is processed through such providers, we ensure that appropriate contractual and technical safeguards (such as the Standard Contractual Clauses or equivalent mechanisms) are in place to maintain a lawful level of protection consistent with applicable law.

Questions regarding cross-border processing or applicable safeguards may be directed to our Legal Team.

13. Security Incidents

If we become aware of a data incident affecting your Personal Information, we will notify you and relevant authorities in accordance with applicable law and our contractual obligations.

14. Communications and Marketing Compliance

Email/SMS: We comply with the U.S. CAN-SPAM Act, and TCPA. You may opt out of marketing communications at any time.

Voice calls: Outbound calls or texts made through RedVoice AI comply with all applicable consent and record-keeping requirements. Customers using these features must ensure they have proper consent from their contacts.

Customers are solely responsible for ensuring their call lists and outreach comply with the TCPA, state analogs, and all applicable campaign-related contact laws.

15. Links to Other Websites

Our Platform may contain links to third-party websites or apps. We are not responsible for their privacy practices. Review their policies before providing Personal Information.

16. Do Not Track and Global Privacy Control

We do not respond to legacy browser Do Not Track (DNT) signals. However, we honor Global Privacy Control (GPC) and similar legally recognized opt-out signals for residents of California and other applicable states.

17. Contact Us

For questions, concerns, or to exercise your privacy rights, contact:

Politek LLC d/b/a RedVoice AI™
Attn: Legal Team
1201 6th Ave W, Suite 100, Unit #730
Bradenton, FL 34205

18. Notice at Collection (California)

We collect several categories of Personal Information, each used for specific purposes and retained for the periods described in Section 6 of this Policy.

- Identifiers such as your name, email address, and IP address are collected to operate the Platform, manage accounts, and support marketing communications. These identifiers are not sold, but may be shared with advertising or analytics partners for limited purposes such as measuring campaign effectiveness.

- Commercial information—for example, records of products or services purchased or considered and related usage data—is collected to provide and improve our services. This information is not sold or shared.

- Internet or network activity information, including browsing history, cookie data, and interactions with our websites or advertisements, is collected for analytics and personalization. While we do not sell this information, it may be shared with advertising partners when you consent to such cookies.

- Audio and transcription data—including call recordings and their associated transcripts—are collected to deliver RedVoice AI services. These materials are retained until deleted by the customer and are not sold or shared with third parties for advertising purposes.

- Inferences that our systems generate, such as sentiment, engagement scores, or topic tags, are used internally for analytics and performance reporting. They are retained for the same period as the associated call data and are not sold or shared.

- Sensitive information, such as voice recordings or political opinions voluntarily shared during interactions with the Platform, is processed only with explicit consent and solely to provide the requested services. This information is retained until deleted by the customer and is never sold or shared.

We do not sell Personal Information for monetary value. Where an activity meets the legal definition of “sharing” under the California Privacy Rights Act, we honor all related opt-out rights and provide a “Do Not Sell or Share My Personal Information” link for that purpose.

Privacy Policy (Updated Nov 2025)

DO NOT SELL MY PERSONAL INFORMATION