```

Ai Flaire LLC – Privacy Policy

Ultra‑Robust Global Version
Last Updated: December 2025

This Policy explains how Ai Flaire LLC, a Wyoming limited liability company, collects, uses, stores, and processes personal data worldwide in compliance with U.S. federal privacy laws, Wyoming statutes, GDPR, UK GDPR, CPRA, and other global frameworks.

1. Controller vs. Processor Roles

• Ai Flaire acts as Controller for account, billing, support, compliance, and operational data.
• Ai Flaire acts as Processor for contact data, communications, CRM data, and all Sub‑Account information.

2. Categories of Data Collected

• Identifiers (name, email, phone, IP, device)
• Billing/transaction data
• Message content, attachments, AI outputs
• Contact lists and consent logs
• Cookies, device metadata, usage logs
• HIPAA‑protected information only if configured

3. Purpose of Processing

• Account creation and authentication
• Messaging and communication delivery
• AI‑powered features
• Fraud prevention and abuse detection
• Compliance with A2P, GDPR, CPRA, TCPA, and global laws
• Analytics, improvements, service optimization

4. Legal Basis (GDPR)

• Contractual necessity
• Legitimate interests
• Consent (where required)
• Legal obligations
• Vital interests (security)

5. Consent Requirements

You must obtain and store valid opt‑in for all messages sent through the Platform.

6. Data Sharing

Ai Flaire shares personal data only with:

• HighLevel CRM infrastructure
• Messaging carriers (SMS/email)
• Hosting and cloud infrastructure
• Payment processors
• Security and compliance frameworks

7. Mobile Information Sharing Policy

Ai Flaire does not sell, rent, or share your mobile phone number or text messaging information with third parties for marketing purposes. Your mobile information is used solely for the purposes outlined in this Privacy Policy, including transactional communications, service notifications, and platform functionality. We will not disclose your mobile information to any third party without your express written consent, except:

• As required to deliver messages through telecommunications carriers;
• As necessary to comply with legal obligations or valid legal process;
• To protect the safety, rights, or property of Ai Flaire, our users, or the public;
• In connection with a business transfer, merger, or acquisition (with advance notice).

8. International Transfers

All transfers comply with SCCs, UK IDTA, and global data transfer requirements.

9. Retention

• Billing data: 7 years
• Logs: 90 days (unless required longer)
• Backups: 180 days
• User data: until account deletion

10. Security Practices

Measures include encryption, MFA support, access controls, monitoring, and incident response.

11. Global Data Subject Rights

Under GDPR, UK GDPR, CPRA, and global privacy laws, individuals may request:

• access, correction, deletion
• restriction or objection
• portability
• withdrawal of consent

12. Cookies

Used for authentication, analytics, and platform functionality.

13. Children's Privacy

The Platform is not intended for children under 18.

14. SMS & Text Messaging Consent

By providing your mobile phone number, you consent to receive non-marketing text messages from Ai Flaire LLC about your order updates, appointment reminders, service notifications, and other transactional communications. Message and data rates may apply. Text HELP for assistance or reply STOP to opt out at any time.

15. Contact

Email: [email protected]