Privacy Policy
A.I. Machines Inc (“we,” “our,” or “us”) provides software-as-a-service (SaaS) solutions to automotive dealers (“Dealers”). This Privacy Policy explains how we collect, use, disclose, and safeguard personal information—including nonpublic personal information (NPI)—in compliance with the Gramm-Leach-Bliley Act (GLBA) and other applicable privacy laws. This policy applies to our website and to our services offered to Dealers.
1) Information We Collect
We may collect the following categories of information from Dealers and their customers:
a) Dealer & Customer Data (Imported from Legacy Systems)
- Customer contact information (e.g., name, phone number, email, address).
- Vehicle information (e.g., VIN, make, model, year, service history).
b) Information You Provide
- Dealer account details (dealer representative name, dealership name, email, phone, login credentials).
- Billing and payment information.
c) Automatically Collected Information
- Log data (IP address, browser type, operating system, access times).
- Usage data (features accessed, pages visited, actions taken).
- Cookies and similar technologies for functionality, security, and analytics.
2) How We Use Information
- Provide, operate, and improve our SaaS product and related services.
- Import, process, and maintain accurate dealership customer records.
- Facilitate secure data migration from legacy systems.
- Provide customer support and respond to inquiries.
- Process payments and manage subscriptions.
- Monitor usage, detect and prevent fraud, and ensure system security and integrity.
- Comply with legal, regulatory, and contractual obligations (including GLBA).
3) GLBA Notice: Collection & Disclosure of Nonpublic Personal Information (NPI)
Under the Gramm-Leach-Bliley Act (GLBA), we are required to protect the confidentiality and security of nonpublic personal information (“NPI”) that we process as a service provider to financial institutions (which may include Dealers offering or arranging financing).
- We do not sell NPI.
- We disclose NPI only as permitted by law and as described in this policy.
Limited Sharing
- With Dealers: Customer data imported into our system is accessible only to the Dealer that owns or controls that data.
- For Legal Reasons: When required to comply with applicable law, regulation, or valid legal process, or to protect rights, safety, and security.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to continued protections consistent with this policy.
Dealer Responsibilities: Dealers remain responsible for providing any required GLBA consumer privacy notices and honoring applicable opt-out rights related to their own sharing practices. We support Dealers’ compliance by processing data solely as instructed, implementing safeguards, and assisting with consumer requests directed to the Dealer.
4) Data Retention
- Dealer customer data is retained for as long as the Dealer maintains an active account or as required by law or contract.
- Dealers may request deletion or export of customer data by contacting us at [contact email].
- Website visitor and system usage data is retained for a limited period for analytics, security, and troubleshooting.
5) Data Security (GLBA Safeguards Rule)
We implement administrative, technical, and physical safeguards designed to protect information, including:
- Encryption of Data, where appropriate.
- Role-based access controls and multi-factor authentication.
- Vendor due diligence and contractual confidentiality requirements.
- Risk assessments, logging/monitoring, and incident response procedures.
- Employee training on data security and confidentiality.
While we take reasonable steps to protect information, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
6) Your Privacy Rights
Depending on applicable laws, individuals may have rights to access, correct, or delete personal information, or to restrict/opt out of certain processing. Dealers are primarily responsible for handling their customers’ requests. We will support Dealers in fulfilling verified requests that relate to data we process on their behalf.
8) Children’s Privacy
Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children.
9) Updates to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last Updated” date. Material changes will be communicated as required by law.
10) Contact Us
A.I. MachinesEmail: support@aimachine.zendesk.com