BACKPOCKIT AI PRIVACY POLICY

Effective Date: 8/20/2025

Last Updated: 9/2/2025

1. Applicability

This Policy applies to Users of Backpockit AI, LLC’s (“Backpockit AI”) services anywhere in the world, including Users of our apps, websites, features, or other services.

1.1. This Policy describes how Backpockit (“we,” “our,” or “us”) collects and uses personal data. This Policy applies to all Users of our apps, websites, features, or other services anywhere in the world, unless covered by a separate privacy policy. This notice specifically applies to:

• Clients: This refers to property management companies and their authorized personnel (e.g., employees, contractors, agents) who create an account and use our voice AI services to handle tenant and prospect communication, including but not limited to call answering, tour booking, and maintenance request intake.

1.2. This Policy also governs the personal data we collect from:

• Our Clients and their authorized Users;

• Tenants and prospects whose data we process on behalf of our Clientsl;

• Other individuals in connection with our business operations, including:

  • Prospective Clients: Information collected from individuals who request information, a demo, or a trial of our services but who do not become paying clients.
  • Website Visitors: Data collected through cookies and similar technologies on our public websites and marketing pages (as detailed in our Cookie Policy).
  • Job Applicants: Information submitted by individuals applying for a position at Backpockit, which is used solely for recruitment purposes.
  • Vendors and Partners: Business contact information from representatives of companies we partner with or purchase services from.
  • Unsuccessful Sign-ups: Data from individuals who start but do not complete the account creation process.
  • Publicly Available Sources: Information we may collect from public databases or social media platforms for lead generation or market research, in compliance with applicable laws.

1.3. All those subject to this Policy are referred to as “Users” in this Policy.

1.4. Our data practices are subject to applicable laws in the places in which we operate.

2. Data Control and Transfer

Backpockit is the data controller for the personal data collected in connection with use of our services anywhere in the world.

2.1. We primarily operate and process data within the United States. However, we may transfer data to other countries outside of where our Users reside or access our services. Such transfers are made to fulfill our agreements with Users (including our Terms of Use) or are based on Users’ consent, adequacy determinations for the destination country, or other lawful transfer mechanisms available under applicable law.

3. Data We Collect

3.1. Data Provided by Users to Us. Backpockit AI collects personal data to provide and improve our voice AI services. We collect the following categories of data:

• Account Information: Data provided during sign-up, registration, or administration of your account. This includes:

  • Contact Information: Full name, business email address, business telephone number, company name, and office address.
  • Profile Information: Job title, profile picture (if uploaded), and user preferences.
  • Credentials: Username and password for account access.

• Billing Information: Payment information required for processing payment, which is handled directly by our secure third-party payment processors (e.g., Stripe, PayPal).

• Content and Communications: Information you provide when contacting customer support, including chat logs, and call recordings (if support calls are recorded), or feedback, survey responses, or comments you submit.

• Training Materials: Content you intentionally provide to train your specific AI model, such as property website URLs, PDFs of property manuals, FAQs, or other documentation you upload to customize the service.

3.2 Data Created During Use of Our Services. This information is generated automatically as you use our services.

• Call Interaction Data

  • Call Recordings: Full audio recordings of all calls handled by our AI.
  • Call Transcripts: Machine-generated text transcripts of all call audio.
  • Call Metadata: Details about the call, including caller phone number, date, time, duration, call outcome (e.g., "tour booked," "maintenance request logged"), and unique call identifiers.

• Integrated Service Data

  • Calendar Data: Information synced from integrated calendars (like Google Calendar), including scheduled tour dates, times, property addresses, and event titles/descriptions.
  • Email & Maintenance Data: Details from integrated email accounts related to maintenance requests, including requester name, unit number, issue description, and email metadata.

3.3 Data from Other Sources. We receive information from third parties that help us provide support and improve our services.

• Integrated Third-Party Services: We receive data from services you connect to our platform, as authorized by you. This includes the calendar and email data described in section 3.2.
• Service Providers: Our vendors and partners who perform services on our behalf may provide us with data, such as payment processers, AI infrastructure providers, and cloud storage providers.

We may combine the data collected from these sources with other data in its possession.

4. How We Use Personal Data

Backpockit AI collects and uses data to enable reliable and convenient voice AI services for property management. We use the data we collect for the following purposes:

4.1. Providing services and features. We use the data we collect to provide, personalize, maintain, and improve our products and services. This includes using the data to:

• Create and update Users’ accounts.
• Provide our core AI voice services, including answering calls, booking property tours, and processing maintenance requests.
• Monitor usage for billing purposes (e.g., tracking call minutes used).
• Train and improve our AI models
• Analyze performance and usage patterns
• Perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems; to conduct data analysis, testing, and research; and to monitor and analyze usage and activity trends.

4.2. Safety, Security, and Compliance. We use personal data to help maintain the safety, security, and integrity of our services and to ensure compliance with legal obligations.

• Using data to prevent, detect, and combat fraud or unsafe activities.
• Using data for regulatory, safety, and security purposes.

4.3. Customer Support. We use the information we collect to provide customer support, including to:

• Investigate and address User concerns.
• Monitor and improve our customer support responses and processes.

4.4. Research and Development. We may use the data we collect for testing, research, analysis, product development, and machine learning to improve the User experience, but only to the extent permitted by your consent settings.

4.5. Communications. We may use the data we collect to communicate with you about service updates, support, billing, and administrative messages.

4.6. Marketing. We may use the data we collect to market our services to our Users. This includes sending Users communications about our services, features, promotions, studies, surveys, news, updates, and events.

4.7. Legal Proceedings and Requirements. We may use the personal data we collect to investigate or address claims or disputes relating to use of our services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.

5. Cookies and Third-Party Technologies

We and our partners use cookies and other identification technologies on our apps, websites, emails, and online ads for purposes described in this Policy. We use cookies and similar technologies for purposes such as: authenticating Users; remembering User preferences and settings; determining the popularity of content; delivering and measuring the effectiveness of advertising campaigns; analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our services.

6. Data Sharing and Disclosure

We do not sell your personal information to anyone and we never will.

We may share the data we collect, but we require those third parties to follow our policies on how they can or cannot use and disclose the information we share. We share:

6.1. With Service Providers and Business Partners. We provide data to vendors, consultants, and service providers strictly to perform services on our behalf. These include:

• Payment processors and facilitators.
• AI infrastructure and model providers (e.g., OpenAI, ElevenLabs).
• Cloud storage providers.
• Google, in connection with the use of Google Calendar integrations (see Google’s privacy policy).
• Communication and email service providers.
• Data analytics providers.
• Vendors that assist us to enhance the safety and security of our services.
• Consultants, lawyers, accountants, and other professional service providers.

6.2. For Legal Reasons or in the Event of a Dispute. We may share Users’ personal data if we believe it’s required by applicable law, regulation, legal process, or governmental request. This includes sharing personal data with law enforcement officials, other government authorities, or other third parties as necessary to enforce our Terms of Service, User agreements, or other policies; to protect our rights or property or the rights, safety, or property of others; or in the event of a claim or dispute.

This also includes sharing personal data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.

6.3. With Consent. We may share a User’s personal data other than as described in this notice if we notify the User and they consent to the sharing.

7. Data Retention and Deletion

7.1. General Retention Principle. We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention period for different categories of data is determined on a case-by-case basis, considering the following criteria:

7.2. Criteria for Determining Retention Periods. When deciding how long to retain information, we consider:

• Service Provision Necessity: Whether we need the data to operate and provide our services to you. For example, we retain your account information for as long as your account is active to maintain your service history and preferences.

• Feature Functionality: The nature of the feature for which the data is used. For example, temporary cache files are retained for only a few minutes, while call recordings and transcripts are retained for the duration of your active subscription to allow for review and customer support.

• Legal and Regulatory Obligations: Whether we are subject to legal, tax, or regulatory requirements that mandate a specific retention period. For example, laws may require us to retain business and transaction records for several years after an account is closed.

• Legitimate Business Interests: Whether we need the data for other legitimate business purposes, such as:

  • Preventing harm, fraud, and abuse.
  • Investigating potential violations of our Terms of Service.
  • Ensuring the security and integrity of our services.
  • Exercising or defending our legal rights.

7.3 Deletion Upon Request. Upon termination of your services or receipt of a valid deletion request, we will initiate the deletion of your personal data within 30 days, unless a longer retention period is required or permitted by law, as outlined in Section 7.2.

7.4 Examples of Retention Practices.

• Account Data: We will retain your core account data for as long as your account is active and for a period thereafter to comply with legal obligations and for legitimate business purposes.
• Call Recordings & Service Data: We retain call recordings, transcripts, and related service data for the duration of your active subscription. You may request earlier deletion of specific records.
• Marketing Data: If you opt-out of marketing communications, we will retain a record of your choice to ensure we do not contact you again.
• Anonymized Data: We may retain anonymized data indefinitely, as it can no longer be used to identify an individual and is used for analytics and product improvement.

8. Your Rights and Choices.

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request corrections to your data
• Request deletion of your data
• Restrict or object to our use of your data
• Request a copy of your data in a portable format
• Withdraw consent for data processing where reliance is on consent

To exercise these rights, contact us at affaan@backpockit.ai.

9. Updates to this Policy

We may occasionally update this notice. Use of our services after an update constitutes consent to the updated notice to the extent permitted by law. If we make significant changes, we will notify Users in advance of the changes through our apps or through other means, such as email. We encourage Users to periodically review this notice for the latest information on our privacy practices. The “Last Updated” date at the top of this page will reflect the latest changes.

10. Data Security. We implement and maintain administrative, technical, and physical security measures designed to protect your personal data from unauthorized access, destruction, use, modification, or disclosure. While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, contact us at:

Backpockit AI LLC

Email: affaan@backpockit.ai

Address: 49130 Woodson Way, Canton, MI 48187