Privacy Policy

Last updated: March 24, 2026

Welcome to VINSI AI, LLC ("we" or "us"). This Privacy Policy is designed to help you understand how we collect, use, disclose, and safeguard your personal information when you use our website and related services. By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Interpretation and Definitions

1.1 Interpretation

Words with capitalized first letters have meanings defined under the following conditions. These definitions apply whether the terms appear in singular or plural form.

1.2 Definitions

Account: A unique account created for You to access our Service or parts of our Service.

Affiliate: An entity that controls, is controlled by, or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest, or other securities entitled to vote for election of directors or other managing authority.

Business (CCPA): VINSI AI, LLC as the legal entity that collects consumers' personal information and determines the purposes and means of the processing of consumers' personal information, as defined under the California Consumer Privacy Act.

Company: "VINSI AI, LLC," also referred to as "we," "us," or "our" in this policy. For purposes of GDPR, the Company is the Data Controller when collecting data directly from individuals.

Cookies: Small files placed on your computer, mobile device, or other device by a website, containing details of your browsing history and preferences.

Data Controller: For GDPR purposes, the legal person that alone or jointly with others determines the purposes and means of the processing of Personal Data.

Data Processor: For GDPR purposes, a natural or legal person that processes Personal Data on behalf of and under the instructions of a Data Controller.

Data Subject: For GDPR purposes, any identified or identifiable natural person whose Personal Data is processed.

Device: Any device that can access the Service, such as a computer, cellphone, or digital tablet.

Do Not Track (DNT): A concept promoted by U.S. regulatory authorities allowing internet users to control the tracking of their online activities across websites.

Personal Data: Any information that relates to an identified or identifiable individual. Under GDPR, this includes name, identification number, location data, or online identifier. Under CCPA, this includes any information that identifies, relates to, or could reasonably be linked with you.

Sale (CCPA): Selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a consumer's personal information to another business or third party for monetary or other valuable consideration.

Service: The VINSI AI website, platform, and related services offered by VINSI AI, LLC.

Service Provider: Any natural or legal person who processes data on behalf of the Company. For GDPR purposes, Service Providers are considered Data Processors.

Usage Data: Data collected automatically, either generated by use of the Service or from the Service infrastructure itself (e.g., duration of a page visit, IP address, browser type).

You / User: The individual accessing or using the Service, or the company or legal entity on whose behalf such individual accesses the Service. Under GDPR, You may also be referred to as the Data Subject.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information when you voluntarily provide it through account registration, appointment scheduling, contact or inquiry forms, demo or consultation requests, sales inquiries, waitlist sign-ups, or newsletter subscriptions:

Full name
Email address
Mobile phone number
Company name and job title
Appointment and service history
SMS opt-in/opt-out status and consent records (including timestamp, method, and IP address)
Any other information you choose to provide when contacting us

2.2 Usage Information

We automatically collect information about your use of the website, including your IP address, browser type and version, device information, pages visited, time and date of your visit, time spent on pages, and unique device identifiers. When you access the Service via a mobile device, we may also collect your mobile device type, unique device ID, mobile operating system, and mobile browser type.

2.3 SMS and Text Messaging Information

When you provide your phone number and consent to receive text messages, we collect and store your mobile phone number, SMS communication preferences, opt-in/opt-out status, and proof of consent including timestamp, method, and IP address.

Mobile phone numbers and SMS consent information collected for text messaging purposes will not be shared with third parties or affiliates for their own marketing or promotional purposes.

2.4 Client Customer Data

When subscribers (clients) use the VINSI AI platform to communicate with their own customers, we may process personal data belonging to those end users solely to deliver the requested services. This data is used exclusively for service delivery and is never used for VINSI AI's own marketing or shared with unrelated third parties. Retention of client customer data is governed by the applicable Data Processing Agreement or deleted within 90 days of account termination, whichever comes first.

3. How We Use Your Information

We use the collected information for purposes including providing and maintaining the website, communicating about your account and services, sending requested newsletters and promotional materials, responding to inquiries, scheduling demos and consultations, managing waitlist registrations, sending transactional and promotional text messages (where consent is obtained), providing Platform services to Clients including facilitating SMS, voice, and other communications to their End Users on their behalf strictly as directed by the Client, and analyzing website usage to improve our services.

4. Data Processing Roles

4.1 Data Controller

VINSI AI acts as a Data Controller when it directly collects and determines the purpose and means of processing personal information — for example, when individuals register on our website, request a demo, or subscribe to communications.

4.2 Data Processor

VINSI AI acts as a Data Processor when it processes personal data on behalf of a subscriber (client) to facilitate that subscriber's communications with their own customers. In this capacity, VINSI AI follows the subscriber's instructions and processes data only as necessary to deliver the service. The subscriber remains the Data Controller for their customers' data and is solely responsible for ensuring all required legal bases and consents are in place.

When acting as a Data Processor on behalf of Clients, VINSI AI:

Acts only on documented instructions from the Client
Does not use End User data for its own marketing or independent purposes
Implements appropriate technical and organizational security measures
Assists Clients in responding to End User rights requests to the extent required by applicable law
Deletes or returns End User data upon termination of the Client relationship, as directed

4.3 Client Responsibility for End-User Consent

When clients use VINSI AI to send messages to their own customers, the client is the sender of record and bears sole responsibility for obtaining proper TCPA, CAN-SPAM, and applicable state law consent from their end users prior to initiating any communications through the platform. VINSI AI's role is limited to technology facilitation.

4.4 Data Processing Agreement (DPA)

Clients who use the VINSI AI Platform to process End User personal data must enter into a Data Processing Agreement (DPA) with VINSI AI, LLC prior to use. To request a DPA, contact support@vinsi.ai.

4.5 Limitation of Liability for Client-Directed Communications

VINSI AI, LLC is not liable for a Client's failure to obtain proper consent, honor opt-out requests, or otherwise comply with applicable law. Clients agree to indemnify and hold VINSI AI, LLC harmless against any claims, penalties, or damages arising from the Client's own non-compliance with applicable law.

5. SMS and Text Message Communications

5.1 Types of SMS Communications

Transactional Messages include appointment confirmations, reminders, scheduling changes, and messages directly related to services you requested. Promotional Messages include follow-up offers, service promotions, and marketing communications sent only with prior express written consent.

5.2 Written Consent (Promotional Messages)

For promotional SMS messages sent via automated technology, we obtain prior express written consent as required by the TCPA. Consent may be provided by checking the SMS consent box on any of our forms, replying YES to a confirmation text, or clicking a consent confirmation link sent via email.

"By checking this box, I provide my prior express written consent to VINSI AI, LLC to contact me via email and SMS text messages using automated technology at the number and email address provided, including for marketing and promotional purposes. Message and data rates may apply. Message frequency may vary. Reply STOP to opt out or HELP for assistance. Consent is not a condition of any purchase."

5.3 Verbal Consent (Transactional Only)

Verbal consent is sufficient for transactional SMS messages only and is not sufficient for promotional messages under TCPA. When verbal consent is obtained, we log the date, time, and nature of consent; send a follow-up confirmation requesting written consent before any promotional messages; and limit SMS to transactional messages until written consent is confirmed.

5.4 Consent Through Expressed Interest

Expressed interest alone does not constitute consent to receive promotional SMS. VINSI AI will follow a separate consent confirmation process before sending promotional texts. Expressed interest may support a single opt-in invitation message that clearly identifies VINSI AI and includes opt-out instructions.

5.5 Message Frequency & Rates

Appointment-related texts are sent as needed. Promotional texts are sent no more than 5 times per month unless otherwise stated at consent. Standard message and data rates may apply.

5.6 Opt-Out

Reply STOP to any message to opt out. One final confirmation message will be sent. Reply START to re-subscribe. For help, reply HELP or contact support@vinsi.ai.

5.7 A2P 10DLC Compliance

SMS campaigns conducted through our platform may be subject to A2P 10DLC registration requirements imposed by mobile carriers. Clients are responsible for ensuring their messaging use cases are properly registered with applicable carriers prior to launching campaigns. VINSI AI reserves the right to suspend messaging services for campaigns that do not meet carrier registration requirements.

5.8 SMS Service Providers

We use Twilio to facilitate text message delivery. Twilio may receive your phone number and message content solely to deliver messages on our behalf and is contractually prohibited from using your information for any other purpose. A current list of sub-processors used in Platform delivery is available upon request by contacting support@vinsi.ai.

5.9 No Sharing of Mobile Information

Mobile information (including mobile phone numbers) collected through our SMS programs will not be shared with third parties or affiliates for marketing or promotional purposes. This information is used solely to deliver the SMS communications you have requested or consented to receive. All other categories of personal information may be shared with third parties only as described elsewhere in this Privacy Policy.

6. Email Communications and CAN-SPAM Compliance

6.1 Commercial vs. Transactional Email

Transactional emails include account confirmations, service notifications, and appointment-related communications. Commercial/promotional emails include marketing offers and newsletters and are only sent to recipients who have opted in.

6.2 CAN-SPAM Requirements

All commercial emails sent by VINSI AI comply with the CAN-SPAM Act, including:

Accurate sender identification in the 'From' field
Honest and non-deceptive subject lines
Clear identification of the message as an advertisement where applicable
Inclusion of our valid physical mailing address
A clear and conspicuous opt-out/unsubscribe mechanism in every email
Prompt honoring of unsubscribe requests within 10 business days

6.3 Email Opt-Out

You may unsubscribe from commercial emails at any time using the unsubscribe link in any email. Transactional emails related to active service agreements may continue until the relevant service relationship ends.

6.4 Client Email Campaigns

When clients use the VINSI AI platform to send emails to their own customers, the client is responsible for CAN-SPAM and applicable state law compliance, including maintaining valid opt-in records and honoring opt-out requests.

7. HIPAA and PCI DSS Compliance

7.1 HIPAA — Business Associate Agreement

For Clients operating in healthcare or transmitting Protected Health Information (PHI) through the VINSI AI Platform, VINSI AI, LLC supports compliance with HIPAA. Clients subject to HIPAA must execute a Business Associate Agreement (BAA) with VINSI AI, LLC before transmitting any PHI. To request a BAA, contact support@vinsi.ai.

7.2 PCI DSS — Payment Card Data

VINSI AI, LLC does not store, collect, or process payment card details directly. Payment transactions are handled by third-party processors (such as Stripe) whose use of your information is governed by their own privacy policies. Clients subject to PCI DSS requirements should contact support@vinsi.ai to confirm applicable scope and controls.

8. Sharing Your Information

We do not sell, trade, rent, or otherwise share your personal information — including mobile phone numbers — with third parties or affiliates for their own marketing or promotional purposes.

We may share information with trusted service providers who assist us in operating our website, delivering SMS/email communications, or conducting our business. All providers are bound by confidentiality obligations and prohibited from using your data for independent purposes.

When acting as a data processor for Clients, we may share End User data with sub-processors (such as Twilio) solely as necessary to deliver the Client-directed services. A current list of sub-processors is available upon request at support@vinsi.ai.

8.1 Business Transactions

If VINSI AI, LLC is involved in a merger, acquisition, or asset sale, your personal information may be transferred as part of that transaction. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy, and we will take reasonable steps to ensure that any acquiring entity honors the commitments made in this policy.

8.2 Law Enforcement and Legal Requirements

Under certain circumstances, VINSI AI may be required to disclose your personal information if required to do so by law or in response to valid requests by public authorities. VINSI AI may also disclose personal information in the good-faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of VINSI AI, LLC
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of users of the Service or the public
Protect against legal liability

9. Transfer of Personal Data

Your information, including Personal Data, is processed at VINSI AI's operating offices and in any other locations where the parties involved in the processing are located. This means your information may be transferred to — and maintained on — computers located outside your state, province, country, or other governmental jurisdiction where data protection laws may differ.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. VINSI AI will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy, and no transfer of your Personal Data will take place to an organization or country unless adequate controls are in place.

10. Data Retention

Contact and account data: retained while account is active and up to 3 years after closure
SMS consent records: minimum 4 years (TCPA requirement)
Appointment and service history: up to 3 years
Marketing and promotional data: until opt-out or deletion request
Usage Data: generally retained for a shorter period unless used to improve service security or functionality, or legally required to be retained longer
Client customer / End User data: per applicable DPA or deleted within 90 days of account termination

Upon expiration of the applicable retention period, VINSI AI will securely delete or anonymize your personal information.

11. Cookies and Tracking Technologies

11.1 Types of Cookies

We use Cookies and similar tracking technologies to track activity on our Service and store certain information. Tracking technologies used include beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on your device when you go offline, while Session Cookies are deleted as soon as you close your browser. We use both types for purposes including authentication, preference storage, analytics, and security.

11.2 Your Cookie Choices

You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if you do not accept Cookies, you may not be able to use some parts of our Service.

11.3 Do Not Track (DNT)

Because there is currently no uniform standard for recognizing and implementing DNT signals, our website does not currently respond to DNT browser signals. We will revisit this position if an industry-wide standard is established.

11.4 Behavioral Remarketing

We may use remarketing services to display advertisements to you on third-party websites after you have visited our Service. These services may include:

Google Ads (AdWords) — governed by Google's Privacy Policy at policies.google.com/privacy
Meta (Facebook/Instagram) Ads — governed by Meta's Data Policy at facebook.com/policy
Other third-party advertising partners as engaged from time to time

You may opt out of interest-based advertising by visiting optout.aboutads.info or optout.networkadvertising.org.

12. Google API Services

VINSI AI's use and transfer to any other application of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

13. Your Choices and Privacy Rights

You may manage preferences by unsubscribing from emails, replying STOP to texts, adjusting account settings, or contacting us to update or delete your information.

13.1 California (CCPA / CPRA)

California residents have the right to know what personal information we collect, use, disclose, and sell; the right to delete personal information; the right to opt out of the sale of personal information (we do not sell personal data); the right to correct inaccurate personal information; the right to limit use of sensitive personal information; and the right to non-discrimination for exercising these rights.

13.2 Virginia, Colorado, Texas, and Other U.S. States

Residents of Virginia, Colorado, Texas, and other states with applicable privacy laws have the right to access, correct, delete, and obtain a portable copy of their personal data, and to opt out of targeted advertising and profiling.

13.3 GDPR — European Economic Area (EEA) Residents

If you are located in the EEA or United Kingdom, you have the following rights under GDPR:

Right of Access — request a copy of the personal data we hold about you
Right to Rectification — request correction of inaccurate or incomplete personal data
Right to Erasure ('Right to be Forgotten') — request deletion of your personal data
Right to Restriction of Processing — request that we restrict processing in certain circumstances
Right to Data Portability — receive your personal data in a structured, machine-readable format
Right to Object — object to processing for direct marketing or where we rely on legitimate interests
Rights related to automated decision-making and profiling

To exercise any GDPR rights, contact support@vinsi.ai. You also have the right to lodge a complaint with your local data protection supervisory authority.

13.4 How to Submit a Request

To exercise any of the above rights, contact support@vinsi.ai. We respond to verified requests within 45 days.

14. Data Breach Notification

In the event of a breach affecting your personal information, VINSI AI will notify you and applicable regulatory authorities as required by law. Contact support@vinsi.ai immediately if you believe your information has been compromised.

15. Security

We take reasonable measures including encryption in transit and at rest, access controls, and secure storage to protect your information. No method of internet transmission is completely secure, so we cannot guarantee absolute security.

16. Children's Privacy

Our website is not directed to individuals under 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us personal information, contact us and we will remove it promptly.

17. Changes to This Privacy Policy

We may update this policy periodically. Changes will be posted on this page with an updated effective date. For material changes, we will provide more prominent notice. Continued use of the website after modifications constitutes acknowledgment of the updated policy.

18. Contact Us

VINSI AI, LLC

For general privacy inquiries: support@vinsi.ai

For Data Processing Agreement (DPA) requests: support@vinsi.ai

For Business Associate Agreement (BAA) requests: support@vinsi.ai

For sub-processor inquiries: support@vinsi.ai

For PCI DSS scope inquiries: support@vinsi.ai

For GDPR / EEA data subject requests: support@vinsi.ai