Privacy Policy
This policy explains how Evolvus Automat AI LLC ("Evolvus", "we", "us") collects, uses, stores, and protects information on evolvusautomat.com. Questions? Email sales@evolvusautomat.com.
1. Who we are
Evolvus Automat AI LLC is a Virginia-registered limited liability company operating from Leesburg, VA, USA. We deliver full-stack AI systems — websites, automations, multilingual chatbot, payments, booking — to clients across the DMV, the broader United States, and Europe.
2. What we collect
2.1 When you browse the site
- Analytics events — pages visited, referrer, device category, approximate location (city-level), timestamp. Collected via Google Ads conversion tag and Google Analytics. Used to measure marketing effectiveness.
- Cookies & localStorage — small data stored in your browser to keep the site working (consent choice, chatbot session identifier). See §6.
2.2 When you use the AI chatbot
- A random session identifier generated in your browser (not linked to your identity unless you provide it).
- Messages you send and responses you receive — text content, timestamp, detected language, intent tag, token usage.
- Technical metadata — page URL the chatbot was used on, browser language hint, IP address (for rate limiting only; not stored with messages).
2.3 When you book a discovery call or purchase a tier
- Booking — name, email, any details you type — handled by Calendly.
- Payments — card and billing data collected directly by Stripe. Evolvus never stores raw card numbers.
3. Why we collect it (legal basis under GDPR)
- Legitimate interest — running the site, keeping it secure, measuring whether marketing is working.
- Contract — fulfilling services you've purchased, including communicating about your engagement.
- Consent — optional analytics and chatbot conversation storage (you can decline via the consent banner or the widget's privacy notice).
- Legal obligation — retaining records required by tax, accounting, or regulatory law.
4. How long we keep it
Chatbot messages + session records: 90 days, then automatically deleted. You can request earlier deletion at any time (§7).
Contact + client records: kept as long as needed for the business relationship plus the period required by applicable law (typically 7 years for tax/accounting records in the US).
5. Who we share it with (data processors)
We use third-party services under written data-processing agreements. None of them sells your data.
- Vercel — site hosting. Privacy.
- Anthropic (Claude) — powers chatbot replies. Privacy.
- OpenAI — generates vector embeddings for the chatbot's knowledge search. Privacy.
- Supabase — stores chatbot conversation history + our knowledge-base content. Privacy.
- Calendly — meeting booking. Privacy.
- Stripe — payment processing. Privacy.
- Google (Analytics + Ads) — traffic measurement + conversion attribution. Privacy.
When data is transferred outside the EEA/UK (primarily to the US), it is covered by Standard Contractual Clauses or equivalent legally-recognized transfer mechanisms.
6. Cookies & localStorage
- Essential — consent preference, chatbot session ID. No tracking; required for basic functionality.
- Analytics — Google Analytics / Google Ads. Enabled only if you accept in the consent banner.
- Payments — Stripe sets its own cookies when you interact with a payment form. Required for secure checkout.
7. Your rights (GDPR + similar laws)
If you are in the EEA, UK, California, or another region with a privacy law, you have the right to:
- Access a copy of the data we hold about you
- Correct inaccurate data
- Erase your data (right to be forgotten) — we honor this within 30 days
- Restrict or object to certain uses of your data
- Data portability — receive your data in a machine-readable format
- Withdraw consent at any time (this does not affect lawfulness of earlier processing)
- Lodge a complaint with your national data-protection authority
To exercise any of these, email sales@evolvusautomat.com with the subject "Privacy request". Include the session ID from the chatbot (if applicable) so we can locate your data precisely.
8. Security
We use industry-standard measures to protect your data: HTTPS everywhere, HSTS, a Content Security Policy, service-role-only database access, encrypted API credentials, and per-IP rate limiting on public endpoints. No system is perfectly secure — we commit to notifying affected users and the relevant authority within 72 hours of discovering a breach that creates a risk to your rights.
9. Children
The site and services are intended for business users. We do not knowingly collect data from anyone under 16. If you believe we have, email us and we will delete it promptly.
10. Changes to this policy
We'll update this document when our practices change. The "Last updated" date at the top reflects the most recent change. Material changes will also be announced on the site.
11. Contact
Evolvus Automat AI LLC
Leesburg, Virginia, USA
Privacy inquiries: sales@evolvusautomat.com