Privacy Policy

DataBillity, Inc. · doing business as Billity AI

Effective date: April 1, 2026 · Last updated: May 9, 2026 · Version 2.3

1. Introduction

DataBillity, Inc., doing business as Billity AI (“Billity AI,” “we,” “us,” or “our”), is committed to protecting the privacy and security of personal information entrusted to us by our subscribing businesses and their customers. This Privacy Policy describes how we collect, use, share, and protect personal data in connection with the Billity AI platform (the “Platform”), which provides AI-powered customer data analytics, hyper-personalized marketing engagement, consent management, SMS and text messaging services, and cross-network loyalty services.
This Privacy Policy applies to all users of the Platform, including subscribing businesses (“Subscribers”), the customers of those businesses (“End Customers”), and visitors to our website and applications. It is designed to comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”), applicable provincial privacy laws including Québec’s Act respecting the protection of personal information in the private sector (“Québec Act”), Alberta’s Personal Information Protection Act (“Alberta PIPA”), and British Columbia’s Personal Information Protection Act (“BC PIPA”), and is guided by the principles of the EU General Data Protection Regulation (“GDPR”).
We adhere to the Fair Information Practice Principles (“FIPPs”) as reflected in the OECD Privacy Guidelines, which serve as the foundational principles for privacy frameworks worldwide, including PIPEDA, the GDPR, and Privacy by Design principles.
Related Agreements: This Privacy Policy is incorporated by reference into the Billity AI Terms of Service (“ToS”). Disputes relating to this Privacy Policy are subject to the governing law and dispute resolution provisions of the ToS (laws of the State of Delaware; binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules in Seattle, Washington, USA). Cross-network data sharing between Subscribers within the Billity AI Network is governed by the separate, voluntary Third-Party Data Sharing Network Participation Agreement (“Network Agreement”). SMS and text messaging services are governed by Section 9 of the ToS, which includes additional consent, content, and compliance requirements under the Telephone Consumer Protection Act (“TCPA”), CTIA Messaging Principles and Best Practices, 10DLC registration requirements, and Canada’s Anti-Spam Legislation (“CASL”).

2. Scope and Applicability

2.1 What This Policy Covers

This Privacy Policy governs the collection, use, disclosure, retention, and protection of personal data processed through the Billity AI Platform, including data received from Subscriber systems such as Enterprise Resource Planning (“ERP”) platforms, Customer Relationship Management (“CRM”) systems, online payment gateways, e-commerce checkouts, in-store point-of-sale (“POS”) systems, and SMS/text messaging channels (collectively, “Channels”).

2.2 What This Policy Does Not Cover

This Privacy Policy does not address:

Laws applicable to specific industry sectors or types of data, such as those governing children’s data (COPPA), financial institutions (GLBA), or healthcare providers (HIPAA).
Direct marketing and advertising laws, cookie and tracking technology regulations, or other sector-specific rules that may independently apply to Subscriber activities.
The sale, rental, or licensing of identifiable personal data to unrelated third parties outside the Billity AI Network.

2.3 Jurisdictional Application

This Privacy Policy applies to data processing activities conducted in the United States and Canada. For U.S.-based Subscribers and their End Customers, the CCPA/CPRA is the controlling data protection law. For Canadian Subscribers and End Customers, PIPEDA and applicable provincial privacy legislation are controlling. GDPR principles are incorporated as a best-practice framework to ensure maximum regulatory preparedness and to support Subscribers who may have EU-based customers or operations.

3. Key Definitions

“Personal Data” (or “Personal Information”) means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an identified or identifiable natural person or household. This includes names, identification numbers, location data, online identifiers, transactional data, and mobile phone numbers.
“Anonymized Data” means data that has been permanently and irreversibly modified so that it cannot reasonably be used to identify, relate to, describe, be associated with, or be linked to any individual, directly or indirectly, by any party.
“De-Identified Data” means data that has been modified so that it cannot reasonably identify, relate to, describe, or be linked to a particular individual, provided that the organization maintaining it: (a) takes reasonable measures to ensure the data cannot be re-associated with an individual; (b) publicly commits to maintaining the data in de-identified form; and (c) contractually obligates any recipients to comply with de-identification requirements.
“Pseudonymized Data” means data that has been processed so that it can no longer be attributed to a specific individual without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures to prevent re-identification. Pseudonymized data remains Personal Data under the GDPR.
“Persona” means an anonymized or aggregated customer archetype generated by the Platform from transactional and behavioral data. A Persona does not contain Personal Data and cannot be used to identify or re-identify any individual.
“Subscriber” means a business that has licensed the Billity AI Platform to capture, manage, and analyze customer data for marketing engagement and business intelligence purposes.
“End Customer” means an individual whose Personal Data is processed through the Platform as a result of their interactions with a Subscriber’s Channels.
“Network” means the collective group of Subscribers participating in the Billity AI Third-Party Data Sharing Network who may, subject to the Network Agreement and Cross-Network Consent, share data for the purpose of improving customer experiences.
“Network Agreement” means the separate, voluntary Third-Party Data Sharing Network Participation Agreement that governs a Subscriber’s participation in the Network.
“Cross-Network Consent” means the separate, specific, informed, and freely given consent obtained from an End Customer authorizing the sharing of their Personal Data between Participating Subscribers within the Network, as described in Section 7.1 (Layer 4) of this Privacy Policy and Section 5 of the Network Agreement.
“Processing” means any operation performed on Personal Data, whether automated or not, including collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, combination, restriction, erasure, or destruction.

4. Information We Collect

4.1 Information Collected Through Subscriber Channels

When Subscribers integrate the Platform with their Channels, we may receive the following categories of Personal Data about End Customers:

Transaction and billing data, including purchase history, payment amounts, frequency, product or service categories, and billing identifiers.
Contact information, including name, email address, phone number, mobile phone number, and mailing address.
Account identifiers and loyalty program enrollment data.
Device and channel identifiers, including POS terminal identifiers, e-commerce session data, and online payment gateway references.
Preferences and behavioral data derived from purchasing patterns across Subscriber Channels.
SMS and text messaging data, including mobile phone numbers, message content, message metadata (timestamps, delivery status), opt-in and opt-out records, consent language presented, and interaction history collected through the Platform’s Messaging Services (as described in Section 9 of the ToS).

4.2 Information Collected Directly

We may also collect information directly from End Customers who enroll in a Billity AI network loyalty program or interact with Billity AI-powered features, including:

Registration information provided during loyalty program enrollment.
Communication preferences and consent records, including SMS opt-in preferences.
Feedback, inquiries, and support requests.

4.3 Sensitive Personal Information

We do not intentionally collect sensitive personal information, including financial account credentials, government-issued identification numbers, precise geolocation data, biometric data, health information, or data revealing racial or ethnic origin, religious beliefs, sexual orientation, or similar categories. If sensitive personal information is inadvertently received through a Channel integration, we will take reasonable steps to delete or de-identify it promptly.

4.4 Information Collected About Subscriber Personnel

When a Subscriber invites its employees, contractors, agents, or authorized representatives (“Subscriber Personnel”) to participate in the Platform’s SMS notification program for customer and lead support purposes (as described in Section 9.13 of the ToS), we may collect the following categories of Personal Data about Subscriber Personnel:

Name, role or title, and organizational affiliation with the Subscriber.
Mobile phone number (personal or business device).
Opt-in and opt-out records, including consent language presented, timestamp, and method of consent.
Message interaction metadata (delivery status, timestamps, response indicators).
Subscriber Personnel data is collected solely through the Subscriber’s invitation-based opt-in mechanism and is used exclusively for delivering operational Personnel Notifications. Subscriber Personnel data is stored separately from End Customer data and is never used for Persona generation, LTV scoring, cross-network enrichment, AI model training, or any marketing or promotional purpose. Subscriber Personnel phone numbers and opt-in data are not shared with End Customers, other Subscribers, the Network, or any third party.

5. How We Collect Information

Personal Data is collected through the following mechanisms:

Through Subscriber Channels: When an End Customer completes a transaction, enrolls in a loyalty program, or otherwise interacts with a Subscriber’s integrated systems (ERP, CRM, payment gateway, e-commerce checkout, or POS), data flows to the Platform via authenticated, encrypted API connections.
Through SMS and Text Messaging: When an End Customer sends or receives text messages through the Platform’s Messaging Services (powered by Billity AI’s designated third-party SMS/MMS connectivity provider), including inbound SMS conversations with Billity Bots, outbound notifications, and opt-in/opt-out interactions. SMS data collection is subject to the consent requirements described in Section 7.5 of this Privacy Policy and Section 9.3 of the ToS.
Through Direct Interaction: When an End Customer engages directly with the Billity AI loyalty program, a consent interface, a check-in application, or a Subscriber-branded engagement tool powered by the Platform.
From Subscriber Submissions: Subscribers may upload or transmit customer data sets to the Platform for analysis, segmentation, and personalization services.
Through Subscriber Personnel Invitations: When a Subscriber invites its employees, contractors, or agents to receive operational SMS notifications through the Platform’s Personnel Notification program (Section 9.13 of the ToS), Subscriber Personnel data is collected through the invitation-based opt-in mechanism. Consent is obtained directly from the individual via affirmative opt-in, and participation is voluntary.

6. Legal Bases for Processing

We process Personal Data only where we have a lawful basis to do so. The applicable legal basis depends on the jurisdiction, the nature of the data, and the specific processing activity.

6.1 United States (CCPA/CPRA)

Under the CCPA/CPRA, we process Personal Data for disclosed business purposes and commercial purposes, subject to the notice, consent, and purpose limitation requirements described in this Policy. End Customers have the right to know, delete, correct, opt out of sale or sharing, and limit the use of sensitive personal information, as further described in Section 11.

6.2 Canada (PIPEDA and Provincial Laws)

Under PIPEDA and applicable provincial privacy legislation, we process Personal Data based on informed, meaningful consent obtained from End Customers at or before the time of collection. Consent may be express or implied depending on the sensitivity of the data and the reasonable expectations of the End Customer, as described in Section 7 below. Under the Québec Act, consent must be express (implied or opt-out consent is not recognized).

6.3 GDPR-Aligned Principles

Although the GDPR is not the controlling law for U.S. and Canadian operations, Billity AI incorporates GDPR principles as a best-practice framework. Where applicable, processing is grounded in one or more of the following bases: consent of the data subject; performance of a contract; compliance with a legal obligation; or legitimate interests pursued by the controller, except where overridden by the data subject’s fundamental rights and freedoms.

7. Consent Framework

Billity AI employs a layered consent model to ensure that End Customers are informed of, and consent to, each distinct purpose for which their Personal Data is processed. This approach reflects the principle of purpose limitation and ensures that consent is granular, specific, and freely given.

7.1 Layered Consent Model

Consent is obtained at the following layers, each requiring separate and specific authorization:
Layer 1 — Transaction Completion. The Subscriber collects and processes End Customer data as necessary to complete the sales transaction. Under Canadian law, implied consent may apply at this layer given the reasonable expectations of the End Customer in a transactional context.
Layer 2 — Sharing with Billity AI for Analysis. The Subscriber obtains the End Customer’s consent to share transaction data with Billity AI for the purpose of providing business analytics, customer segmentation, and personalized engagement services back to the Subscriber.
Layer 3 — Persona Creation and Behavioral Modeling. Consent is obtained for Billity AI to use End Customer data to create and refine anonymized Personas and customer archetypes. Once a Persona is created, it does not contain Personal Data and may be used without further consent.
Layer 4 — Cross-Network Data Sharing. A separate, specific consent (“Cross-Network Consent”) is required before an End Customer’s Personal Data may be shared between Subscribers within the Billity AI Network. This consent is governed by the separate, voluntary Third-Party Data Sharing Network Participation Agreement (“Network Agreement”) between the Subscriber and Billity AI. Cross-Network Consent must be obtained independently of Layers 1–3 and must not be bundled with, or conditioned on, completing a transaction, accessing a service, or enrolling in a loyalty program. Cross-Network Consent may be obtained through enrollment in a loyalty program (as a separate opt-in), a standalone opt-in at the point of sale, or through follow-up communication.
Layer 5 — Anonymization for Aggregate Analytics. Consent is obtained (where required, such as under GDPR principles) for Billity AI to anonymize or de-identify End Customer data for the purpose of creating aggregate data sets that may be used for broad analytics and shared with Subscribers.

7.2 Consent Requirements

All consent obtained through the Platform must meet the following requirements:

Identify a complete description of the Personal Data being collected.
Identify all parties with whom the data will be shared, including Billity AI and, where applicable, other Subscribers in the Network (with a link to the current Network Directory).
Clearly state each purpose for which data will be used.
Provide notice if data will be anonymized or de-identified.
Be opt-in where required by law (including under the Québec Act and for processing sensitive data). At minimum, consent mechanisms must provide a clear and easy opt-out.
Allow for withdrawal of consent at any time, with withdrawal applied across all parties with whom data was shared for the consented purpose.
Not be bundled with unrelated terms or conditioned on completing a transaction, except for consent necessary to fulfill the transaction itself.

7.3 Implied Consent (Canada)

Under PIPEDA and substantially similar provincial legislation (excluding Québec), implied consent may be relied upon where the following conditions are met:

The End Customer is made aware of the purpose of the data collection in a clear and understandable manner at or before the time of collection.
Information about all parties involved in processing (including Billity AI) is provided clearly and is not buried in a privacy policy.
The End Customer is given an easy, immediate, and persistent opt-out mechanism.
The data collected is limited to non-sensitive information.
The data is destroyed or effectively de-identified as soon as practicable after use.

7.4 Withdrawal of Consent

End Customers may withdraw their consent at any time. Upon withdrawal:

The Subscriber must cease the flow of that End Customer’s data to Billity AI and notify Billity AI of the withdrawal.
Billity AI will cease processing of that End Customer’s Personal Data and delete it from its systems, except where retention is required by law.
Anonymized data or Personas derived from that End Customer’s data prior to withdrawal may continue to be used, as they do not constitute Personal Data.
The Subscriber must inform the End Customer of any consequences of withdrawal, such as the inability to provide personalized services.
Follow-up communication confirming the withdrawal, with a copy of the applicable privacy notice and instructions for exercising additional rights, should be sent to the End Customer.
Withdrawal of Cross-Network Consent (Layer 4) is subject to the propagation procedures described in Section 6 of the Network Agreement, including cascade notification to all Participating Subscribers within twenty-four (24) hours.

7.5 SMS-Specific Consent

SMS and text messaging consent is channel-specific and independent of all other consent layers. Consent obtained for email, web, or other channels does not constitute consent for SMS. The following requirements apply in addition to the general consent framework:

United States (TCPA/CTIA): Prior express consent is required for informational messages. Prior express written consent is required for promotional or marketing messages. All opt-in disclosures must include brand identification, message type, frequency, data rate notice, opt-out instructions, and a statement that consent is not a condition of purchase. Detailed requirements are set forth in Section 9.3 of the ToS.
Canada (CASL): Express consent is required for all commercial electronic messages, including SMS. Under the Québec Act, implied consent is not recognized. All commercial SMS must include sender identification, contact information, and a functioning unsubscribe mechanism. Detailed requirements are set forth in Section 9.3.3 of the ToS.
Consent Records: SMS consent records (timestamp, method of opt-in, consent language, End Customer identity) must be retained for a minimum of four (4) years and produced upon request by Billity AI, The Campaign Registry (TCR), carriers, or regulatory authorities. SMS consent records are maintained as part of the Platform’s immutable consent audit trail.
Mobile Information Sharing Prohibition: Mobile subscriber information, including phone numbers, SMS opt-in data, and text messaging consent records, will not be shared with third parties or affiliates for marketing or promotional purposes. This prohibition applies to all categories of data sharing described in this Privacy Policy, including cross-network sharing under the Network Agreement.
Subscriber Personnel Notifications: Where Subscribers invite their employees, contractors, or agents to receive operational SMS notifications through the Platform (as described in Section 9.13 of the ToS), consent is obtained through an invitation-based, affirmative opt-in mechanism. Participation is voluntary and must not be conditioned on employment or engagement. Subscriber Personnel may opt out at any time by replying STOP. Subscriber Personnel phone numbers and opt-in data are stored separately from End Customer data and are never used for Persona generation, cross-network enrichment, AI model training, or marketing purposes.

8. Purposes of Processing

We process Personal Data only for the purposes disclosed to End Customers at or before the time of collection, or for purposes that are compatible with the original collection context. Our processing purposes include:

Completing and facilitating transactions between End Customers and Subscribers.
Providing analytics, business intelligence, and customer segmentation to Subscribers.
Generating anonymized Personas and customer archetypes for use by Subscribers.
Enabling hyper-personalized product and service recommendations to End Customers.
Managing and operating the Billity AI loyalty program and cross-network engagement tools (subject to the Network Agreement).
Facilitating cross-network data sharing between consenting Subscribers regarding common End Customers (subject to the Network Agreement and Cross-Network Consent).
Delivering SMS and text messages to End Customers on behalf of Subscribers, including Billity Bot interactions, notifications, offers, and transactional messages (subject to SMS-specific consent described in Section 7.5 and Section 9 of the ToS).
Conducting aggregated and anonymized trend analysis for Platform improvement.
Fulfilling legal obligations, including responding to data subject access requests.
Ensuring the security and integrity of the Platform.

8.1 Purpose Limitation

We do not process Personal Data for purposes that are materially different from or incompatible with those disclosed at the time of collection, unless we obtain new, specific consent from the End Customer.

8.2 Data Minimization

We collect, use, retain, and share only the Personal Data that is reasonably necessary and proportionate to achieve the processing purposes described above.

9. Data Sharing and Disclosure

9.1 Sharing with Subscribers

We share analytics, insights, Personas, and, where consent has been obtained, End Customer data with Subscribers for the purposes described in this Policy. Subscribers are contractually obligated to process data in accordance with applicable data protection laws, this Privacy Policy, and the Terms of Service.

9.2 Cross-Network Sharing

Where an End Customer is common to multiple Subscribers within the Billity AI Network, we may share data about that End Customer across those Subscribers, but only where:

The Subscriber has executed the separate, voluntary Third-Party Data Sharing Network Participation Agreement (“Network Agreement”).
The End Customer has provided separate, specific, and informed Cross-Network Consent for such sharing (Layer 4), obtained independently of all other consent layers and not conditioned on any transaction, service, or loyalty enrollment.
The identity of the Subscribers with whom data may be shared has been disclosed (or a link to the current Network Directory has been provided).
The purpose of the sharing has been clearly communicated.
Cross-network data sharing is governed exclusively by the Network Agreement and is not a feature of or obligation under the core Platform subscription. The consent gate is enforced at the data query layer, not only at the application layer. Detailed data flow architecture, permitted uses, prohibited uses, and data governance controls are described in Sections 4 and 7 of the Network Agreement.

Manage consent and privacy rights →

(Routing note — May 2026: the canonical Billity-hosted End Customer entry for privacy and consent management is /manage-consent on the Billity admin application host (e.g. https://app.billity.ai/manage-consent); Next rewrites internally to app/privacy/*. Legacy /privacy 302s to /manage-consent. The former bare /consent marketing landing 302s to /manage-consent. Subscriber-specific magic-link flows are unchanged and continue to use /consent/manage, /consent/verify, and /consent/{public_organization_code} — those paths are not redirected.)

9.3 Anonymized and Pseudonymized Data

We may share anonymized or aggregated data with Subscribers and other parties without restriction, as such data does not constitute Personal Data. Where we employ pseudonymization techniques (such as tokenization or zero-knowledge proof technology), we ensure that:

Billity AI does not possess the key or supplementary information necessary to re-identify the data subject.
Each Subscriber generates a consistent token for its customers, enabling Billity AI to correlate data across Subscribers without accessing identifiable information.
When analysis is returned to a Subscriber, only that Subscriber can re-identify the data using its own key.

9.4 Third-Party Disclosures

We do not sell, rent, or license identifiable Personal Data to third parties outside the Billity AI Network. We may disclose Personal Data to:

Service providers and processors who perform services on our behalf (including SMS/MMS delivery infrastructure), subject to contractual data protection obligations.
Law enforcement, regulatory authorities, or courts where required by law or to protect our legal rights.
Parties involved in a merger, acquisition, or asset sale, subject to appropriate data protection safeguards and notice requirements.
SMS Opt-In Data Exclusion: Notwithstanding any other provision of this Section 9, mobile subscriber information, SMS opt-in data, and text messaging consent records will never be shared with, sold to, or disclosed to any third party (including other Network participants) for marketing or promotional purposes. This exclusion applies to all categories of sharing described in this Privacy Policy and the Network Agreement.

10. Anonymization, De-Identification, and Pseudonymization

10.1 Anonymization Standard

Consistent with GDPR guidance and the recommendations of the European Data Protection Board, anonymization means the permanent and irreversible modification of data so that re-identification is not reasonably possible by any party, using any means.

10.2 De-Identification (CCPA/CPRA)

Under the CCPA/CPRA, de-identified data is data that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer. We maintain de-identified data in compliance with CCPA/CPRA requirements by: (a) taking reasonable measures to ensure the data cannot be associated with a consumer or household; (b) publicly committing to maintain and use the data in de-identified form; and (c) contractually obligating all recipients to comply with de-identification provisions.

10.3 Pseudonymization and Tokenization

Where full anonymization is not practicable, we may employ pseudonymization techniques, including tokenization and privacy-enhancing technologies (such as zero-knowledge proof protocols), to protect End Customer identities while enabling cross-network analytics. Pseudonymized data remains Personal Data and is processed in accordance with this Privacy Policy and applicable law.

10.4 Personas

Personas generated by the Platform are anonymized, aggregate customer archetypes. They do not contain Personal Data that identifies or could reasonably be linked to any individual. Personas may be freely shared with Subscribers within the Network without additional consent.

11. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights with respect to your Personal Data. To exercise any of these rights, please contact us using the information provided in Section 16.

11.1 Rights Under CCPA/CPRA (U.S.

— California Residents)

Right to Know what Personal Data we have collected about you.
Right to Delete Personal Data we have collected about you, subject to legal exceptions.
Right to Correct inaccurate Personal Data.
Right to Opt-Out of Sale or Sharing. Billity AI does not sell Personal Data. Cross-network sharing under the Network Agreement may constitute “sharing” under CCPA/CPRA and is subject to opt-out rights.
Right to Limit Sensitive Personal Information use and disclosure.
Right to Non-Discrimination for exercising any CCPA/CPRA rights.

Exercise your privacy rights →

11.2 Rights Under PIPEDA and Provincial Laws (Canada)

Right of Access to your Personal Data within a reasonable timeframe.
Right to Correction of inaccurate or incomplete Personal Data.
Right to Withdraw Consent at any time, subject to legal or contractual restrictions.
Right to Complain to the Office of the Privacy Commissioner of Canada, or the relevant provincial privacy commissioner.

11.3 GDPR-Aligned Rights

Billity AI extends the following GDPR-aligned rights to all End Customers as a matter of best practice:

Right to be Informed about how your data is processed.
Right to Erasure where data is no longer necessary or consent is withdrawn.
Right to Restriction of Processing in certain circumstances.
Right to Data Portability in a structured, machine-readable format.
Right to Object to automated decision-making, including profiling.

11.4 SMS-Specific Rights

In addition to the rights described above, End Customers and Subscriber Personnel receiving SMS messages through the Platform have the right to:

Opt out of SMS messaging at any time by replying STOP (or STOPALL, UNSUBSCRIBE, CANCEL, END, or QUIT) to any message, or by contacting the Subscriber or Billity AI at privacy@billity.ai.
Request information about what SMS consent has been recorded and the basis on which messages are being sent.
Under CASL, opt-out requests must be processed within ten (10) business days. Under TCPA and CTIA guidelines, opt-out must be honored immediately.
Subscriber Personnel-Specific Rights: Subscriber Personnel who have opted in to receive Personnel Notifications have the right to opt out at any time without adverse employment or contractual consequences. Upon opt-out or departure from the Subscriber’s organization, the individual’s phone number and notification preferences will be deleted from the Platform within thirty (30) days, subject to compliance record retention requirements. Subscriber Personnel may also request access to, correction of, or deletion of their Personal Data held by the Platform by contacting the Subscriber or Billity AI at privacy@billity.ai.

12. Automated Decision-Making, Profiling, and AI Governance

12.1 Transparency

The Billity AI Platform uses AI-powered analytics (powered by Google Gemini as primary and Anthropic Claude as secondary AI models) to analyze transactional data, generate Personas, and deliver personalized recommendations. Where the Platform engages in automated processing that produces legal or similarly significant effects, we will disclose the existence of such processing, provide a meaningful explanation of the logic involved, and identify the categories of Personal Data used.

12.2 Fairness and Accuracy

We are committed to ensuring that our AI algorithms are fair, unbiased, and empirically sound. We use appropriate mathematical and statistical procedures, implement measures to correct inaccuracies, take steps to prevent discriminatory effects, and regularly audit our algorithms for accuracy, fairness, and bias. Bias audits assess for disparate impact across protected characteristics including race, ethnicity, gender, age, disability, and national origin.

12.3 Right to Opt Out

Where required by applicable state consumer privacy laws (including those in California, Colorado, Connecticut, and Virginia), End Customers have the right to opt out of profiling activities that further automated decisions producing legal or similarly significant effects.

12.4 AI Governance Framework

Billity AI maintains a comprehensive AI governance framework as described in Sections 7.5 through 7.10 of the Terms of Service. Key privacy-relevant components of the AI governance framework include:

Training Data Governance: AI models are trained, fine-tuned, and evaluated using data that has been lawfully collected and is subject to appropriate consent. Customer Data will not be used to train or fine-tune general-purpose AI models without the Subscriber’s prior written consent. One Subscriber’s Customer Data will not be used to train models that benefit another Subscriber, except through anonymized and aggregated data that does not constitute Personal Data.
Model Risk Management: Billity AI maintains model validation, performance monitoring, and drift detection for all AI models used in the Platform. High-risk models (those producing outputs that materially affect End Customer access to products, services, pricing, or opportunities) are subject to enhanced review.
AI Incident Response: Billity AI maintains procedures for identifying, investigating, and remediating AI incidents, including model failures, unintended outputs, and bias events. Affected Subscribers are notified of material AI incidents within seventy-two (72) hours.
Prohibited Uses: The Platform’s AI capabilities may not be used for unlawful discrimination, deceptive manipulation, covert social scoring, unauthorized biometric identification, deepfake generation, or any purpose that circumvents the Platform’s privacy protections. A complete list of prohibited AI uses is set forth in Section 7.8 of the ToS.

12.5 Subscriber-Provided AI Models

Where a Subscriber integrates its own AI models with the Platform, the Subscriber is solely responsible for the development, training, validation, accuracy, fairness, and legal compliance of such models. Customer Data processed by Subscriber-provided AI models remains subject to all data protection obligations in this Privacy Policy. Detailed terms governing Subscriber AI Models are set forth in Section 7.7 of the ToS.

12.6 Regulatory Compliance for AI

The Platform’s AI capabilities are designed to comply with applicable and emerging AI governance frameworks, including FTC guidance on algorithmic fairness, the Colorado Artificial Intelligence Act, the proposed Canadian Artificial Intelligence and Data Act (“AIDA”) under Bill C-27, and GDPR Articles 13–15 and 22 (automated decision-making). Where Subscribers deploy the Platform in jurisdictions with specific AI governance requirements, Subscribers are responsible for conducting required algorithmic impact assessments and providing required consumer notices. Billity AI will provide reasonable cooperation and access to model documentation. Additional detail on regulatory compliance for AI is provided in Section 7.9 of the ToS.

13. Data Retention

We retain Personal Data only for as long as reasonably necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. Our retention practices are guided by the following principles:

Personal Data used for transaction completion is retained for the period necessary to fulfill the transaction and related obligations.
Personal Data used for analytics and personalization is retained for the duration of the Subscriber’s active subscription, or until the End Customer withdraws consent, whichever occurs first.
Anonymized data and Personas are not subject to retention limitations, as they do not constitute Personal Data.
Upon the expiration or termination of a Subscriber’s agreement, Personal Data is deleted or returned to the Subscriber within thirty (30) days, unless retention is required by law, consistent with Section 14.4 of the ToS.
Personal Data that is no longer necessary for the stated purpose is securely destroyed or de-identified in accordance with this Policy.
SMS Consent Records: SMS opt-in and opt-out records, including consent language, timestamp, and method of consent, are retained for a minimum of four (4) years to satisfy TCPA, CTIA, CASL, and TCR compliance requirements, even if the End Customer or Subscriber Personnel member opts out of messaging or the Subscriber’s subscription terminates. This retention period may extend beyond the general retention periods described above.
Verified deletion requests and SMS consent records (TCPA four-year floor): Where an End Customer or other data subject submits a verified request to delete Personal Data and a corresponding row in Billity AI’s SMS consent record store has not yet met the four (4) year minimum retention period required for TCPA, CTIA, CASL, and TCR defense, Billity AI will remove or irreversibly anonymize Personal Data fields associated with that record (such as encrypted phone numbers, IP addresses, device identifiers, and name or email fields where present) so that the remaining information cannot reasonably be re-linked to the individual. Non-identifying information necessary to demonstrate consent—including the consent text presented, consent language version identifier, timestamp, message channel metadata, jurisdiction or country indicator, and consent type classification—may be retained for the remainder of the four (4) year period because that information, standing alone, does not identify a natural person. The anonymization event is logged in Billity AI’s immutable privacy scrub audit trail. Consumers receive confirmation that Personal Data has been removed while non-identifying records of the consent transaction may be retained for legal compliance as disclosed here.
Subscriber Personnel Data: Upon a Subscriber Personnel member’s opt-out or departure from the Subscriber’s organization, the individual’s phone number and notification preferences are deleted from the Platform within thirty (30) days, except that consent records are retained for the four (4) year minimum described above. No further messages are sent after opt-out or departure notification.

14. Data Security

Billity AI implements administrative, technical, and physical safeguards to protect Personal Data against unauthorized access, disclosure, alteration, destruction, or loss. Our security measures include:

Encryption of Personal Data in transit (TLS 1.3 minimum) and at rest (AES-256).
Role-based access controls (RBAC) with OWNER and ADMIN roles; multi-factor authentication required for admin access; least-privilege by default.
Regular security assessments, penetration testing (annual third-party), and vulnerability scanning.
Incident response procedures, including breach notification in accordance with applicable law and Section 6.5 of the ToS (72-hour notification).
Contractual data protection obligations imposed on all service providers and processors, including SMS delivery providers.
Employee training on data protection and information security best practices.
Immutable audit logging for all data access, consent events, and configuration changes with minimum 90-day retention.
While we take reasonable precautions to safeguard Personal Data, no system of data transmission or storage is guaranteed to be completely secure.

15. International Data Transfers

As Billity AI operates in both the United States and Canada, Personal Data may be transferred across provincial and international borders. Where Personal Data is transferred between jurisdictions, we ensure that appropriate safeguards are in place, including:

Contractual protections requiring the receiving party to maintain the same level of data protection as required under the originating jurisdiction’s law.
Compliance with PIPEDA’s requirements for cross-border data transfers, including transparency about the jurisdictions in which data may be stored or processed.
For any future processing involving data from the EEA, reliance on approved transfer mechanisms such as standard contractual clauses or adequacy decisions.

16. Contact Information

If you have questions about this Privacy Policy, wish to exercise any of your privacy rights, or have concerns about how your Personal Data is being handled, please contact us at:

DataBillity, Inc. d/b/a Billity AI
Attn: Data Protection Officer
Email: privacy@billity.ai
Phone: 206-657-6752
Web: www.billity.ai

Billity AI designates Bryan Guy, J.D., CEO & Co-Founder, DataBillity, Inc. d/b/a Billity AI, as its Privacy Officer and Data Protection Officer for purposes of PIPEDA accountability, Québec Act transparency and contact expectations, and the privacy program described in Section 19 of this Policy. The same individual serves as the regulatory contact for privacy inquiries at the email address above. Day-to-day coordination of verified data subject requests may be performed by authorized operations personnel under policies approved by the Privacy Officer; regulatory accountability and escalation for the roles described in this Section 16 remain with the designated Privacy Officer.

Where an End Customer has not provided an email address to Billity AI (for example, certain SMS-only onboarding paths) and therefore cannot complete an email-based self-service verification flow on billity.ai, the End Customer may contact privacy@billity.ai to verify identity and exercise applicable privacy rights through Billity AI’s manual review workflow, subject to reasonable verification standards consistent with this Policy and applicable law.

We will respond to verified requests within the timeframes required by applicable law: within 45 days for CCPA/CPRA requests (with a 45-day extension where reasonably necessary) and within 30 days for PIPEDA requests.

17. Children’s Privacy

The Billity AI Platform is designed for use by businesses and is not directed at individuals under the age of sixteen (16). We do not knowingly collect Personal Data from children. If we become aware that we have inadvertently collected Personal Data from a child, we will take prompt steps to delete it. This is consistent with Section 2.2 of the ToS.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, applicable laws, or the operation of the Platform. When we make material changes, we will:

Provide advance notice to Subscribers through the Platform or by email.
Update the “Effective Date” and “Last Updated” date at the top of this Policy.
Obtain new consent from End Customers before processing their data in ways that are materially different from those described in the version of this Policy in effect at the time of collection, as required by applicable law.

19. Data Protection Compliance Program

Billity AI maintains a comprehensive data protection compliance program designed to ensure ongoing adherence to this Privacy Policy and applicable data protection laws. The program includes:

A data map that tracks the source of each data element, the consent obtained at the time of collection, and all downstream sharing and use.
Regular risk assessments to identify and mitigate privacy risks, including annual Privacy Impact Assessments for cross-network data sharing activities.
Written policies and procedures governing data collection, use, sharing, retention, and destruction.
Administrative, technological, and physical controls to enforce privacy and security requirements.
A qualified Data Protection Officer responsible for overseeing compliance.
Named Privacy leadership: For clarity, the Data Protection Officer / Privacy Officer role identified in the preceding bullet is held by Bryan Guy, J.D., CEO & Co-Founder, as set forth in Section 16 of this Policy. The Privacy Officer may delegate routine DSR intake and coordination to trained operations staff; delegation does not transfer statutory accountability away from the named Privacy Officer.
Regular training and communication to employees and contractors.
Periodic reassessment of risk and the effectiveness of policies, procedures, and controls.
Third-party risk management, including vendor risk assessments for service providers such as SMS connectivity providers, Stripe (payments), and cloud infrastructure providers.

20. Subscriber Obligations

Subscribers using the Billity AI Platform are responsible for:

Obtaining all required consents from their End Customers prior to transmitting Personal Data to the Platform, in accordance with the layered consent model described in Section 7, including SMS-specific consent described in Section 7.5.
Providing End Customers with clear, prominent notice at or before the point of collection describing the data collected, the parties with whom it will be shared (including Billity AI), and the purposes of sharing.
Sending follow-up communications to End Customers confirming consent, providing a full copy of (or link to) the applicable privacy notice, and providing directions for exercising their rights to correction, deletion, or withdrawal of consent.
Promptly notifying Billity AI when an End Customer withdraws consent (including SMS opt-out via STOP keywords), and ceasing the flow of that End Customer’s data to the Platform.
Complying with all applicable data protection laws in their jurisdiction, including the TCPA, CTIA guidelines, and CASL for SMS messaging activities.
Entering into a Data Processing Agreement with Billity AI that governs the processing of Personal Data.
If participating in the Network, executing the separate Network Agreement and obtaining Cross-Network Consent (Layer 4) independently of all other consent layers, as described in Section 7.1 and the Network Agreement.
SMS-Specific Obligations: Maintaining compliant opt-in disclosures; retaining SMS consent records for four (4) years; maintaining an active website with SMS-specific privacy policy and terms; implementing age-gating where required; complying with SHAFT content restrictions and quiet hours; and cooperating with carrier inquiries and TCR compliance reviews. Detailed SMS obligations are set forth in Section 9.6 of the ToS.
Subscriber Personnel Notification Obligations: Using the Platform’s invitation-based opt-in mechanism for all Subscriber Personnel enrollment; ensuring participation is voluntary and not a condition of employment or engagement; ensuring Personnel Notification content is strictly operational (no marketing or promotional content); complying with applicable employment and labor laws regarding personal device use, BYOD policies, cost reimbursement, and off-hours communication; promptly notifying Billity AI when Subscriber Personnel depart the organization; and maintaining Personnel opt-in consent records consistent with Section 9.3.4 of the ToS. Detailed Personnel Notification obligations are set forth in Section 9.13 of the ToS.
• •

This Privacy Policy is effective as of April 1, 2026.