AIUSA ("Company," "we," "us," or "our") operates the Feedback by AIUSA platform and related services (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our Service, or interact with us in any way.
Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.
1. Information We Collect
1.1 Information You Provide Directly
We collect information you provide when you:
- Create an Account: Name, email address, password, business name, and other registration information
- Set Up Your Profile: Business information, logo, brand colors, Google Business Profile URL, and customization preferences
- Subscribe to Paid Plans: Billing information, payment card details (processed securely by our payment provider, Stripe)
- Contact Us: Any information you include in your communications with us
1.2 Information Collected from End Users
When End Users submit feedback through a Subscriber's feedback form, we may collect:
- Feedback Content: Star ratings, comments, and answers to questions
- Contact Information (Optional): Name, email address, and phone number (if voluntarily provided)
- Technical Information: IP address, browser type, device information, and user agent string
1.3 Automatically Collected Information
When you access the Service, we automatically collect:
- Device Information: Device type, operating system, and browser type
- Log Data: IP address, access times, pages viewed, referring URL, and actions taken on the Service
- Cookies and Similar Technologies: Session cookies for authentication, preferences, and analytics
2. How We Use Your Information
We use the information we collect for the following purposes:
- Provide and Operate the Service: Process feedback submissions, display analytics, and deliver the features you request
- Account Management: Create and manage your account, process subscriptions, and provide customer support
- Communication: Send service-related notifications, respond to inquiries, and provide updates about the Service
- Security and Fraud Prevention: Detect, prevent, and address technical issues, fraud, abuse, and security threats
- Rate Limiting: Use IP addresses to prevent abuse and ensure fair usage
- Analytics and Improvement: Analyze usage patterns to improve the Service and develop new features
- Legal Compliance: Comply with applicable laws, regulations, and legal processes
3. How We Share Your Information
We may share your information in the following circumstances:
3.1 With Subscribers (for End User Data)
When End Users submit feedback, that information is shared with the Subscriber who operates the feedback form. Subscribers are data controllers for the feedback they collect and are responsible for their own privacy practices.
3.2 Service Providers
We share information with third-party service providers who assist us in operating the Service:
- Payment Processing: Stripe processes payment information securely
- Hosting and Infrastructure: Cloud hosting providers store and process data
- Analytics: Analytics services help us understand Service usage
3.3 Legal Requirements and Law Enforcement
We may disclose your information to law enforcement, government authorities, or other third parties without prior notice to you if we believe in good faith that such disclosure is necessary or appropriate to:
- Comply with any applicable law, regulation, legal process, or governmental request
- Enforce our Terms of Service, including investigation of potential violations
- Detect, prevent, or address fraud, security, or technical issues
- Protect against harm to the rights, property, or safety of AIUSA, our users, or the public
- Investigate or assist in investigating any criminal or civil matter
- Respond to claims that any content violates the rights of third parties
- Protect the safety of any person, including in emergencies
We reserve the right to fully cooperate with any law enforcement authorities or court orders requesting or directing us to disclose the identity, behavior, or data of any user. Unless prohibited by law, we will attempt to notify you of such requests, but we are not obligated to do so.
3.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
4. Data Controller Relationships
For Subscriber Data: We act as the data controller for information collected directly from Subscribers (account information, billing, etc.).
For End User Feedback Data: Subscribers are the data controllers for feedback submitted through their forms. We act as a data processor on their behalf. Subscribers are responsible for ensuring they have appropriate legal bases for collecting End User data and for their own privacy notices.
End Users with questions about how a Subscriber uses their data should contact the Subscriber directly.
5. Cookies and Tracking Technologies
We use cookies and similar technologies to operate the Service:
- Essential Cookies: Required for authentication, security, and basic functionality. These cannot be disabled.
- Session Cookies: Maintain your login session and remember your preferences during your visit.
You can control cookies through your browser settings. However, disabling essential cookies may prevent you from using certain features of the Service.
6. Data Retention
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
- Account Data: Retained while your account is active and for a reasonable period thereafter for legal and business purposes
- Feedback Data: Retained according to the Subscriber's preferences and our data retention policies
- Log Data: Generally retained for up to 12 months for security and analytics
- Payment Records: Retained as required by tax and financial regulations
Account Deletion and Data Removal
When you request to delete your account:
- 30-Day Retention Period: Your account and data will be held in a deactivated state for 30 days. During this period, you may contact us to restore your account.
- Permanent Deletion: After 30 days, your account and all associated data will be permanently and irreversibly deleted from our active systems.
- Backup Retention: Some data may persist in encrypted backups for up to 90 days after permanent deletion, after which it will be purged.
- Legal Holds: If your account is subject to a legal hold, investigation, or dispute, we may retain data longer as required by law.
Subscribers are responsible for exporting any data they wish to retain before requesting account deletion.
7. Data Security
We implement appropriate technical and organizational measures to protect your information, including:
- Encryption of data in transit (HTTPS/TLS)
- Secure password hashing
- Access controls and authentication
- Regular security assessments
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
8. Your Rights and Choices
Depending on your location, you may have certain rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information, subject to certain exceptions
- Data Portability: Request a copy of your data in a structured, machine-readable format
- Opt-Out: Unsubscribe from marketing communications at any time
To exercise these rights, please contact us using the information provided below. We may need to verify your identity before processing your request.
9. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information we collect, use, and disclose
- Right to request deletion of your personal information
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to non-discrimination for exercising your privacy rights
To make a request, contact us at the information below. You may designate an authorized agent to make requests on your behalf.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws different from your jurisdiction. By using the Service, you consent to such transfers. We take appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy.
11. Children's Privacy
The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe a child has provided us with personal information, please contact us.
12. Third-Party Links
The Service may contain links to third-party websites, including Google Business Profiles and other external review platforms. We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on the Service prior to the changes taking effect. The "Effective Date" at the top indicates when this Privacy Policy was last revised. Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
15. Notice to Subscribers: Your Privacy Responsibilities
As a Subscriber who collects customer feedback through the Service, you have important privacy responsibilities:
- You are the data controller for feedback collected through your forms
- You must have a lawful basis for collecting End User data (e.g., consent, legitimate interest)
- You should provide your own privacy notice to End Users explaining how you use their data
- You are responsible for responding to data subject requests from your End Users
- You must comply with all applicable data protection laws in your jurisdiction
- You should not use collected data for purposes other than those disclosed to End Users
Last updated: January 10, 2026