GenuineAI logo.

GenuineAI Privacy Policy

Last Updated: September 13, 2025

Introduction

This Privacy Policy explains how GenuineAI, LLC ("GenuineAI," "we," "our," or "us"), a Delaware limited liability company with offices at 13815 Emerson St, Suite 313, Palm Beach Gardens, FL 33418, collects, uses, discloses, and safeguards personal information in connection with our websites, platform, products, and business operations (collectively, the Services). If you have questions, contact accounts@genuinehq.com.

By accessing or using any of the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of the Services.

Please also review our Terms of Service, which govern your use of the Services. Capitalized terms not defined here have the meanings given in the Terms of Service.

1. Scope of Services Covered

This Privacy Policy applies to personal information processed in connection with:

  • Websites: Our website (e.g., https://www.genuinehq.com), subdomains, pages that link to this Privacy Policy, and marketing properties (collectively, the Websites).
  • Platform: GenuineAI’s proprietary AI Operating System (including AI Agents, the Knowledge Engine, Tools, Workflows, and Integrations) made available on a hosted, remote basis (the Platform).
  • Success Packs: Industry-specific configurations and role-based assistants, templates, workflows, and integrations.
  • Marketing & Communications: Newsletters, events, webinars, and similar programs.

This Privacy Policy applies to personal information about:

  • Visitors who browse the Websites or interact with our social media pages.
  • Customers who enter into an agreement to use the Platform.
  • Authorized Users designated by a Customer to access the Platform on the Customer’s behalf.
  • Other users of the Services, whether registered or unregistered (collectively, Users).

Personal Information (or personal data) means information that identifies, relates to, describes, can be reasonably associated with, or could reasonably be linked, directly or indirectly, with a natural person. Aggregated or de-identified information that cannot reasonably be used to identify an individual is not personal information.

2. Relationship to Customer-Controlled Information (Processor/Service Provider Role)

Certain information submitted to or generated within the Platform by or on behalf of a Customer (including Authorized Users) is controlled by that Customer ("Customer Content"). With respect to Customer Content, GenuineAI generally acts as a processor/service provider on behalf of the Customer, who is the controller/business under applicable data protection laws. Our processing of Customer Content is governed by the applicable customer agreement and, where required, a data protection addendum (DPA).

If you are an Authorized User or otherwise interact with the Platform on behalf of a Customer, please direct any data rights requests (access, deletion, etc.) concerning Customer Content to the relevant Customer. If you send such a request to us, we may forward it to the Customer or request that you contact them directly.

3. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Non-material changes are effective when posted. For material changes, we will provide reasonable advance notice (e.g., by email if we have one on file and/or by posting a prominent notice on the Websites). Your continued use of the Services after the effective date of an updated Privacy Policy signifies your acceptance of the changes.

4. Information We Collect

We collect personal information in three primary ways: (a) information you provide directly, (b) information collected automatically, and (c) information from third-party sources. The specific information collected depends on how you interact with the Services.

A. Information You Provide Directly

  • Account & Profile Information: Name, employer/organization, role or title, business address, email, phone number, and similar identifiers.
  • Credentials: Username, password, authentication tokens, and related security information.
  • Customer Content: Data, documents, materials, prompts, instructions, and other content uploaded to or generated within the Platform by or on behalf of Customers and Authorized Users.
  • Transactional Information: Subscription details, order records, limited payment metadata (e.g., transaction date, last 4 digits, card type). We do not store full payment card numbers. Payment card processing is handled by Stripe (see Section 6).
  • Communications & Submissions: Support requests, survey responses, feedback, reviews, event sign-ups, and other communications.
  • Marketing Preferences: Newsletter subscriptions, opt-in/opt-out choices, and communication preferences.

B. Information Collected Automatically

When you use the Services, we automatically collect certain information ("Usage Data"), typically via cookies, SDKs, and similar technologies (see Section 5):

  • Log & Device Data: IP address, device identifiers, browser type and settings, operating system, language, referral URLs, date/time stamps, and error logs.
  • Service Interaction Data: Pages viewed, features used, time spent, clicks, search queries, and referring/exit pages.
  • Approximate Location: Derived from IP address.

C. Information from Third Parties

  • Customers & Authorized Users: Customer-provided information about their personnel or end users to enable access and use of the Platform.
  • Service Providers: Hosting, customer support, analytics, marketing, and similar providers may provide information (e.g., diagnostic or attribution data) necessary to operate and improve the Services.
  • Third-Party Integrations: If you enable or use integrations, we may receive information from those third-party systems consistent with the integration’s settings and permissions.
  • AI Providers: When you use features powered by OpenAI, Google, Anthropic, or Microsoft 365, we may receive interaction metadata or other information necessary to enable those features.
  • Public & Commercial Sources: Public websites, professional profiles, and data partners.

D. Aggregated/De-Identified Information

We may create aggregated, anonymized, or de-identified information that does not identify you and use it for analytics, research, improving the Services, and other legitimate business purposes. We will not attempt to re-identify such data, except as permitted by law.

5. Cookies, Analytics, and Advertising Technologies

We and our partners use cookies, pixels, tags, SDKs, local storage, and similar technologies ("Cookies") to: (i) enable core functionality; (ii) remember preferences; (iii) analyze traffic and usage; and (iv) support marketing and advertising.

Categories of Cookies may include:

  • Strictly Necessary (required for operation and security)
  • Functional/Preference (remember settings)
  • Analytics/Performance (measure and improve Services)
  • Advertising/Targeting (deliver or measure ads and content)

You can manage certain Cookie preferences through your browser settings and, where provided, our Cookie banner or preferences tool. Disabling Cookies may limit functionality.

U.S. state privacy laws (e.g., California) may classify some advertising/analytics activity as a "sale" or "sharing" of personal information for cross-context behavioral advertising. See Section 14 (U.S. State Disclosures) for your rights and opt-out choices.

6. Payment Processing (Stripe)

All payment card transactions are processed by Stripe, a PCI-DSS compliant third-party payment processor. We receive limited payment metadata (e.g., transaction date, amount, card type, last four digits) to confirm transactions and manage subscriptions. We do not directly collect or store full payment card numbers. Your use of Stripe is subject to Stripe’s own terms and privacy policy.

7. Children’s Privacy

The Services are not directed to individuals under 18. We do not knowingly collect personal information from anyone under 18. If we learn that we have inadvertently collected such information, we will take appropriate steps to delete it.

8. Sensitive Information (Prohibited Data)

You must not submit or cause the submission of the following categories of data to the Services unless your unique Statement of Work provides support for them: (a) government-issued identifiers (e.g., Social Security, driver’s license, passport numbers); (b) full payment card numbers or bank account numbers; (c) financial account credentials; (d) health, genetic, or biometric data; (e) racial or ethnic origin, religious or philosophical beliefs, trade union membership, sexual orientation or sex life information; (f) precise geolocation; (g) account passwords; or (h) other information deemed "special category" or similarly protected under applicable law, unless we expressly agree in writing to receive and process it.

9. How We Use Personal Information (Purposes of Processing)

Depending on your interactions with the Services, we use personal information for:

  • Providing the Services: Operating, hosting, configuring, and delivering the Websites and Platform; enabling features; processing transactions; and providing customer support.
  • Personalization: Customizing experiences, content, and recommendations (e.g., assigning knowledge to Assistants, tailoring tool outputs).
  • Security & Integrity: Monitoring, preventing, and investigating fraud, abuse, security incidents, and other harmful or unlawful activity.
  • Service Improvement & Research: Measuring performance, debugging, developing new features, quality assurance, and analytics.
  • Communications: Sending administrative notices, updates, and responses to inquiries; sending marketing communications where permitted by law (you can opt out at any time).
  • Compliance & Protection: Complying with legal obligations, responding to lawful requests, enforcing agreements, and protecting rights, safety, and property.

Legal Bases (EEA/UK/Switzerland): Where required, we rely on one or more of the following legal bases: performance of a contract; legitimate interests (e.g., to secure and improve the Services); consent (e.g., certain marketing or cookies); and compliance with legal obligations.

10. How We Share Personal Information

We disclose personal information in the following circumstances:

  • Service Providers: With vendors who perform services on our behalf (e.g., hosting, cloud infrastructure, customer support, analytics, email delivery, marketing, security, and payment processing). These parties may access personal information only to the extent necessary to perform services for us and are bound by confidentiality obligations.
  • AI Providers: To enable AI features powered by OpenAI, Google, Anthropic, or Microsoft 365. We do not authorize these providers to use Customer Content to train their models, except as necessary to provide the services or as required by law.
  • Third-Party Integrations: If you enable integrations, we share information with the relevant third party as needed to facilitate the integration, subject to the third party’s terms and privacy policy.
  • Professional Advisors: With our auditors, advisors, lawyers, and insurers for compliance, governance, and protection purposes.
  • Business Transfers: In connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to appropriate confidentiality and data protection safeguards.
  • Legal & Safety: To comply with law, legal process, or governmental requests; to enforce our agreements; and to protect the rights, property, or safety of GenuineAI, our Users, or the public.
  • Affiliates: With our corporate affiliates for the purposes described in this Privacy Policy.
  • With Consent/At Your Direction: Where you instruct or consent to disclosure.

We do not sell personal information for monetary consideration. See Section 14 for disclosures regarding "sale" or "sharing" under U.S. state laws.

11. Data Retention

We retain personal information for as long as reasonably necessary to provide the Services, comply with our legal obligations, resolve disputes, enforce our agreements, and for other legitimate and lawful business purposes. Retention periods vary depending on the type of information, the nature of our relationship, and our legal or contractual obligations. Where feasible, we will de-identify or delete information when it is no longer needed.

12. Security

We maintain administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, destruction, loss, alteration, or misuse. While we strive to protect information, no method of transmission or storage is completely secure. If we become aware of a security incident affecting personal information, we will take appropriate steps, which may include notifying affected Customers and/or individuals without undue delay consistent with applicable law.

13. International Data Transfers

We may transfer, store, and process personal information in countries other than the country in which it was originally collected (including the United States), where we or our service providers operate. Where required, we implement appropriate safeguards for international transfers, such as Standard Contractual Clauses (and the UK Addendum/IDTA) or other lawful mechanisms.

14. U.S. State Privacy Disclosures (including California)

A. Notice at Collection (California)

We collect the following categories of personal information for the business and commercial purposes described in Sections 9–10. We disclose these categories to the types of recipients identified in Section 10. We do not sell personal information for money. Some advertising/analytics activities may constitute “sharing” or a “sale” under California law.

Identifiers

  • Examples: Name, email, phone, account ID, IP address
  • Sources: You; your organization; device/browser
  • Purposes: Provide Services; security; support; communications; marketing (where permitted)
  • Disclosed to: Service providers; AI providers (as needed); affiliates

Customer Records

  • Examples: Billing contact, subscription details
  • Sources: You; your organization
  • Purposes: Account management; provide Services; support
  • Disclosed to: Service providers; affiliates

Commercial Information

  • Examples: Transaction history, usage metrics
  • Sources: You; your organization; automated collection
  • Purposes: Provide and improve Services; analytics
  • Disclosed to: Service providers; affiliates

Internet/Network Activity

  • Examples: Log data, device/browser data, interactions
  • Sources: Automated collection
  • Purposes: Security; analytics; improve Services; marketing (where permitted)
  • Disclosed to: Service providers; analytics/advertising partners

Geolocation (approximate)

  • Examples: IP-derived region/city
  • Sources: Automated collection
  • Purposes: Localization; security; analytics
  • Disclosed to: Service providers

Professional/Employment Information

  • Examples: Role/title, organization
  • Sources: You; your organization
  • Purposes: Account setup; personalization; communications
  • Disclosed to: Service providers; affiliates

Inferences

  • Examples: Preferences inferred from usage
  • Sources: Automated collection; analytics
  • Purposes: Personalization; improve Services
  • Disclosed to: Service providers; affiliates

Sensitive Personal Information
We do not use or disclose sensitive personal information for purposes beyond those permitted by California law. See Section 8 (Prohibited Data).

B. Your Rights (CA/CO/CT/UT/VA and similar state laws)

Depending on your state, you may have the right to know/access, correct, delete, port, and opt out of (i) targeted advertising (cross-context behavioral advertising), (ii) sale of personal information, and (iii) certain profiling activities. You also have the right to be free from discrimination for exercising your rights.

How to Exercise Rights: Email accounts@genuinehq.com with the subject line “Privacy Request,” and indicate the right(s) you wish to exercise and the state where you reside. We will verify your request consistent with applicable law. Authorized agents may submit requests on your behalf subject to verification.

Opt-Out of Sale/Sharing: Where applicable, you may opt out by adjusting your Cookie preferences via our cookie banner or browser settings, and/or by emailing accounts@genuinehq.com. If your browser supports Global Privacy Control (GPC), we will treat it as a request to opt out of sale/sharing for the browser that sends the signal, to the extent required by law.

Appeals: If we deny your request, you may appeal by replying to our decision email with “Appeal” in the subject line.

15. EEA/UK/Switzerland (and Other Non-U.S. Territories)

If you are located in the EEA, UK, Switzerland, or other jurisdictions with comparable rights, you may have the rights to request access, rectification, erasure, restriction, objection, and data portability. Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal. You also have the right to lodge a complaint with your local supervisory authority.

For inquiries or to exercise rights, please contact accounts@genuinehq.com.

16. Your Choices

  • Marketing Communications: You can unsubscribe from marketing emails by using the link at the bottom of the message or contacting us. You will continue to receive transactional or service-related communications.
  • Cookies: Manage cookies via your browser or our cookie banner/preferences tool (where available). Disabling some cookies may impact functionality.
  • Do Not Track: Our Websites currently do not respond to browser Do Not Track signals. We honor GPC where required by law (see Section 14).

17. Third-Party Services and Links

The Services may contain links to or integrations with third-party websites, applications, products, or services. We are not responsible for the privacy practices of such third parties. We encourage you to review their privacy policies.

18. Data Accuracy and Your Responsibilities

You are responsible for ensuring the personal information you provide is accurate and up to date. If you provide personal information about another individual, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

19. Contact Us

GenuineAI, LLC
13815 Emerson St, Suite 313
Palm Beach Gardens, FL 33418
Email: accounts@genuinehq.com

20. Supplemental Terms for Specific Features

From time to time, we may provide additional notices or terms that apply to specific features (e.g., beta features, new integrations, or AI capabilities). Those terms supplement this Privacy Policy for the relevant feature and control to the extent of any conflict for that feature.

21. Effective Date

This Privacy Policy is effective as of the Last Updated date above.