Privacy Policy

Effective Date: December 5, 2025

1. Introduction

Realee.ai ("we," "us," or "our") is committed to protecting the privacy of your information. This Privacy Policy explains how we collect, use, and share your information when you use our services, including our Operational Intelligence Platform, AI Automation, and Consulting Services (collectively, the "Service").

2. Roles and Responsibilities

To ensure clarity regarding data ownership and liability:

  • The Client is the Data Controller: You retain full ownership of all business data, lead lists, and proprietary workflows you input into the Service. You are responsible for obtaining necessary consents (including CASL/GDPR) before providing data to us.
  • Realee.ai is the Data Processor: We process your data solely on your behalf to provide the Service. We do not own your data, nor do we sell it to third parties.

3. Information We Collect

We collect information from you when you use our services, including:

  • Client Data: Information about your leads, workflows, and internal processes that you provide to us, such as names, email addresses, phone numbers, and CRM data.
  • Usage Data: Metrics on how you use our services, such as automations triggered, call durations, and agent interactions. This data is anonymized and aggregated for system optimization.
  • Technical Data: Information about your device and connection, including IP address, browser type, and operating system. We may use cookies, beacons, and session replay tools (e.g., Vercel Analytics) to analyze performance and improve the user experience.

4. AI & Data Usage (Foundation Models)

We respect the sanctity of your proprietary data. Client Data processed by our AI models is used solely for the purpose of delivering the Service to you. We do not use your proprietary business data or lead lists to train public foundation models (e.g., ChatGPT, Claude) for general public use.

5. How We Use Your Information

We use your information for the following purposes:

  • Providing and Improving Services: To deliver our AI-powered operational layer, including automated outbound/inbound handling, lead qualification, and workflow orchestration.
  • Communication: To contact you with service-related updates, notifications, or marketing materials (only if you have opted in). You can withdraw consent at any time.
  • Legal Compliance: To comply with applicable laws, regulations, and requests from law enforcement.

6. Data Protection

Data Encryption: All Client Data is encrypted using industry-standard protocols, including TLS 1.2+ for data in transit and AES-256 for data at rest. This ensures sensitive information is securely stored and transmitted.

Data Storage: Client Data is stored in secure databases hosted on servers located in North America. These facilities are protected by robust access controls, firewalls, and intrusion detection systems.

Access Control: Access to Client Data is restricted to authorized personnel only. We implement Multi-Factor Authentication (MFA) and Role-Based Access Controls (RBAC) to ensure least-privilege access.

Data Retention: We retain Client Data for the duration of your agreement plus three (3) years, or as required by law. Upon request for deletion, data is removed from active systems within thirty (30) days.

7. Compliance with Canadian Laws

Our system is designed to comply with Canadian data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and Canada’s Anti-Spam Legislation (CASL).

Clients represent and warrant that they have obtained express, informed consent from their leads before inputting data into the Realee.ai platform. Our platform provides tools to track consent, but the obligation to obtain consent rests with the Client (Data Controller).

8. Third-Party Data Sharing

We may share Client Data with the following trusted sub-processors:

  • Cloud Service Providers: For secure hosting and storage (e.g., AWS, Supabase, Vercel).
  • AI Model Providers: For processing natural language tasks (data is ephemeral and opted-out of training where applicable).
  • Communication Platforms: For delivering notifications and emails (e.g., MailerSend).
  • Legal Authorities: When required by law.

These third parties are contractually obligated to maintain the confidentiality and security of Client Data and are authorized to use it only for specific purposes.

9. Incident Response

In the event of a confirmed data breach, we will:

  • Immediately investigate and contain the breach.
  • Notify the Client and relevant authorities within 72 hours, as required by law.
  • Implement corrective measures to prevent recurrence.

10. Your Rights

Under PIPEDA, you have the right to request access to, correction of, or deletion of your personal data. To make a request, please contact us at info@realee.ai with the subject line "Data Request." We will respond within three (3) business days.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Realee.ai
230 Runstedler Dr
La Salle, ON N9J 3T1
info@realee.ai