PRIVACY POLICY

Last Updated: [Insert Date]
Jurisdiction: Ireland / EU GDPR

This Privacy Policy describes how Surff-AI ("we," "us," or "our") collects, uses, and discloses information in connection with the Surff-AI ecosystem, including our websites, chatbots, and the "Review Funnel" (collectively, the "Service").

Under the General Data Protection Regulation (GDPR), Surff-AI acts as a Data Processor for the information provided by our Clients’ customers, and as a Data Controller for the information provided directly by our Clients.

1. INFORMATION WE COLLECT

1.1 From Our Clients (The Business Owner)

When you sign up for a Surff-AI demo or subscription, we collect:

Business Contact Information: Name, email address, phone number, and business address.

Asset Data: Domain details, Google Business Profile credentials (via secure API), and social media page access for integration.

1.2 From End-Customers (Your Customers)

Through the use of our chatbots and review funnels, we process:

Communication Data: Phone numbers (specifically for WhatsApp/SMS communication), names, and the content of chat messages.

Feedback Data: Review content, star ratings, and internal feedback submitted through the "Customer Resolution Portal."

2. HOW WE USE DATA

Service Delivery: To build and host the Client website and facilitate AI-driven communication.

The Review Funnel: To send automated review requests via WhatsApp on behalf of the Client.

Communication Triage: We utilize a filtering system to process customer feedback. This allows the Client to address negative experiences privately through a "Customer Resolution Portal" while directing positive experiences to public review platforms (e.g., Google Business Profile). This is conducted to improve customer service outcomes.

3. THIRD-PARTY DATA PROCESSORS

To provide our enterprise-grade service, data is shared with the following sub-processors:

• LeadConnector / GoHighLevel (GHL): Our core CRM and communication infrastructure.
• Meta Platforms, Inc. (WhatsApp/Facebook/Instagram): For delivery of WhatsApp messages and social media DM management.
• Google LLC: For Google Business Profile integration and Map tracking.
• Twilio / Mailgun: For the delivery of SMS and email notifications.

4. DATA SECURITY & STORAGE

All data is stored using industry-standard encryption. We utilize enterprise-grade hosting environments (Google Cloud/Cloudflare) to ensure the integrity and availability of your information.

Data Retention during Demo: If the 30-day demo is not converted to a permanent subscription, all personal data associated with that sub-account will be queued for deletion in accordance with our data retention schedule, unless required to be kept by law.

5. YOUR RIGHTS (GDPR)

Under the GDPR, individuals in Ireland and the EU have the following rights:

• The Right to Access: You can request copies of your personal data.
• The Right to Rectification: You can request that we correct any information you believe is inaccurate.
• The Right to Erasure: You can request that we erase your personal data under certain conditions.
• The Right to Data Portability: You can request that we transfer the data that we have collected to another organization.

To exercise these rights, please contact our Data Protection Officer at [Insert Support Email].

6. COOKIES

The websites we build utilize essential cookies to ensure the functionality of the AI chatbot and to track the success of lead generation forms.

7. CONTACT US

If you have any questions about this Privacy Policy or our data practices, please contact:
Surff-AI Data Protection
Kildare, Ireland
support@surff-ai.com

Back to Home