Privacy Policy

August 14, 2025

Privacy & Data Protection Policy

Cloud Botics Consultancy

Last Updated: September 2025

1. Introduction

Cloud Botics Consultancy is committed to protecting the privacy, confidentiality, and security of

personal information in our care. This policy explains how we collect, process, store, and protect

data in compliance with applicable U.S. privacy laws and best practices.

Our commitment extends to all personal data from clients, employees, contractors, partners, and

other individuals whose information we process.

2. Purpose of This Policy

This policy ensures that Cloud Botics Consultancy:

• Complies with relevant U.S. privacy and data protection laws.
• Protects the rights and privacy of clients, employees, and partners.
• Maintains transparency in how personal data is used and safeguarded.
• Reduces risks associated with data breaches and misuse of information.

3. Scope

This policy applies to:

• Cloud Botics Consultancy’s headquarters and all operational sites.
• All employees, contractors, volunteers, suppliers, and third parties working on behalf of

the company.

1 It covers all personal data related to identifiable individuals, including but not limited to:

• Names
• Postal addresses
• Email addresses
• Telephone numbers
• Any other information that can be used to identify a person

4. Applicable U.S. Data Privacy Laws

Cloud Botics Consultancy complies with federal and state-level data privacy laws, including:

• California Consumer Privacy Act (CCPA) & California Privacy Rights Act (CPRA)
• Gramm–Leach–Bliley Act (GLBA) for financial information
• Health Insurance Portability and Accountability Act (HIPAA) where applicable
• Children’s Online Privacy Protection Act (COPPA) for children’s data
• Federal Trade Commission (FTC) Act prohibiting unfair or deceptive privacy practices.
• Other state-specific privacy laws in Virginia, Colorado, Utah, and additional jurisdictions

where applicable.

5. Core Data Protection Principles

In alignment with U.S. privacy best practices, Cloud Botics Consultancy ensures that personal

data is:

1. Collected only for legitimate, clearly defined purposes.
2. Relevant, accurate, and limited to what is necessary.
3. Processed lawfully and fairly.
4. Stored securely with appropriate safeguards.
5. Retained only as long as needed or required by law.
6. Accessible to individuals who have rights to review, correct, or request deletion of their

data where required by law.

26. 2 Data Protection Risks

This policy helps mitigate risks such as:

• Confidentiality breaches – e.g., unauthorized disclosure of personal information.
• Failure to offer choice – ensuring individuals can decide how their data is used.
• Reputational harm – protecting the company’s credibility in case of attempted breaches

7. General Staff Guidelines

• Access to personal data is granted only to those who need it for their role.
• Data should not be shared informally — formal requests should go through a manager.
• All employees will receive training on data protection responsibilities.
• Strong, unique passwords must be used and never shared.
• Personal data must not be disclosed to unauthorized persons.
• Data should be reviewed, kept accurate, and securely deleted when no longer required.
• Information you provide to us.
• When you interact with Cloud Botics Consultancy—whether you browse our website,

request a demo, sign up for a newsletter, attend an event, or use our AI email support—

you may share personal details so we can serve you better. This information can include:

– Contact Details: Your name, email address, phone number, and mailing address.

– Professional Details: Company name, job title, department, and role.

– Marketing Preferences: How and when you’d like to hear from us.

– Login & Security Data: Usernames, passwords, API keys, or other authentication

tokens.

– Payment Information: Credit/debit card or bank account details and billing address

(when you purchase services).

– Job Applicant Info: If you apply to join Cloud Botics Consultancy, we collect your

resume, work history, education, desired salary, visa status—and, if you choose,

information like gender, ethnicity, veteran or disability status, and links to your

portfolio or LinkedIn profile.

– User-Generated Content: Anything you post in surveys, chat features, forums, or other

interactive areas.

– If you email, call, or message us directly, we’ll keep a record of those communications

to ensure timely and accurate responses.

38. 3 Your Privacy Rights

Depending on your location, you may have the right to:

• Request access to the personal data we hold about you.
• Request corrections to inaccurate or outdated data.
• Request deletion of your personal information.
• Opt out of certain data uses, including marketing communications.

9. Cookies and Tracking Technologies

Our website employs essential cookies to preserve your session, remember preferences, and

enable core functionality. We also use performance cookies and third party analytics tools

(Google Analytics) to understand how visitors use our site and to optimize performance. While

you may disable non-essential cookies in your browser settings, doing so could affect certain

features or impair your experience.

10. Data Retention and Security

We retain personal information only as long as necessary to fulfill the purposes for which it was

collected or to comply with legal or regulatory requirements, typically no longer than 24 months

after your last interaction. We protect your data with industry standard measures, including

encryption both in transit and at rest, strict access controls.

“If a data breach affecting your personal data occurs, we will notify you and any relevant

regulators as required by law.”

11. Data Accuracy

• Personal data must be accurate, relevant, and kept up to date.
• Data should be stored in as few locations as necessary to reduce duplication.
• Staff should confirm data accuracy when interacting with clients or partners.
• The company will provide an easy process for individuals to update their personal data.
• Outdated or incorrect data must be corrected or deleted promptly.
• Marketing databases will be reviewed regularly against opt-out and suppression lists.

412. 4 Individual Data Rights (U.S. Privacy Requests)

Individuals whose data is held by Cloud Botics Consultancy have the right to:

• Request access to their personal data.
• Request corrections to inaccurate or outdated data.
• Request deletion of their personal data, subject to legal or contractual retention

requirements.

• Opt out of the sale or sharing of personal data (as applicable under state laws).

How to Submit a Privacy Request

• Requests should be sent via email to info@cloudboticsconsultancy.com.
• We will verify the requester’s identity before releasing any information.
• We aim to respond within the legally required time frame (e.g., 45 days under CCPA).
• Requests will be handled free of charge unless excessive or repetitive.

13. Disclosures to Third Parties

• Personal data may be shared with law enforcement or regulatory agencies when required

by law.

• Such disclosures will be reviewed by the Data Protection Officer (DPO) and legal

counsel to confirm legitimacy before release.

• Third-party vendors processing personal data on our behalf must sign a Data Processing

Agreement (DPA) and meet our security standards.

14. Information Transparency

We aim to ensure that individuals understand:

• The identity and contact details of our company.
• The contact details of our Data Protection Officer.
• The lawful basis for processing their data (consent, contract, legal obligation, legitimate

interest, etc.).

• The categories of third parties with whom data may be shared.

5• How long will their data be retained or the criteria for determining retention.

• Their rights to request correction, deletion, restriction, or objection to processing.
• How to lodge a complaint with their state’s consumer protection authority or the Federal

Trade Commission (FTC).

• Data Protection Officer (DPO): privacy@cloudboticsconsultancy.com

15. Our Commitment

Cloud Botics Consultancy is dedicated to maintaining trust and transparency in all aspects of

data privacy. We regularly review and update our data protection practices to ensure compliance

with evolving U.S. regulations and industry standards.

16. Governing Law

These Terms are governed by the laws of the United States of America, without regard to

conflict of law principles.

Cloud Botics Consultancy Sub-Processor Repository

Welcome to Cloud Botics Consultancy’s Sub-processor Repository. This page outlines the

third-party vendors (“Sub-Processors”) we engage to support the delivery of our AI-driven

services such as voice agents, chatbot integrations, and intelligent automation.

Sub-Processors may access certain service data strictly as needed to fulfill their responsibilities.

Each vendor listed below is carefully vetted for security, privacy, and compliance standards.

Note: Terms used in this document but not defined have the meanings set forth in the Master

Service Agreement (MSA) between you (the “Customer”) and Cloud Botics Consultancy.

Third-Party Engagement

To enhance platform reliability, scalability, and user experience, Cloud Botics Consultancy

engages with a select group of third-party sub-processors. Each is evaluated for:

• Security posture
• Data handling and storage practices
• Confidentiality and contractual controls

67

• Regulatory compliance (e.g., GDPR, CCPA, SOC 2)

Sub-Processors are only permitted to process data necessary for their function and are bound by

strict contractual obligations.

Core Sub-processors

These Sub-Processors are critical to Cloud Botics’s core infrastructure and AI service delivery.

Sub-Processor Name Purpose

Location

Amazon Web Services Cloud Hosting & Infrastructure United States

Google Cloud Platform Cloud Hosting & ML Services United States

OpenAI

LLM AI Model Support

United States

Groq

AI Acceleration Platform

United States

Mistral

AI Model Inference

United States

Application-Specific Sub-Processors

These vendors support specific features like dashboards, orchestration, and visualization tools.

They may process customer data depending on feature usage.

Sub-Processor Name Purpose

Location

MongoDB

Dashboard Data Storage & Retrieval

United States

n8n

Workflow Automation & Data Orchestration Germany / EU

Service-Specific Sub-Processors

These Sub-Processors are used only when specific services (e.g., voice agents, TTS/ASR tools,

chatbot integrations) are activated by the customer.

Sub-Processor Name Purpose

Location

Assembly AI

Speech-to-Text (ASR)

United States

Gladia

Automated Speech Recognition

United States8

Sub-Processor Name Purpose

Location

ElevenLabs

Text-to-Speech (TTS) Generation United States

Twilio

Voice Communication Infrastructure United States

Updates

The list of Sub-Processors may evolve as we improve our platform. Any material additions or

removals will be reflected on this page. Customers will be notified of significant changes where

required by the MSA or applicable data protection laws.

Requests can be made by contacting us at info@cloudboticsconsultancy.com.

Email: info@cloudboticsconsultancy.com

Phone: 346-504-8502

Address:

1880 S Dairy Ashford Rd, Suite 207

Houston, TX 77077