Legal

    Privacy Policy for Arise AI

    Last Updated: November 17, 2025

    Introduction

    Who We Are

    Arise AI (“Arise AI,” “we,” “us,” “our”) provides AI automation and workflow technology to local businesses, including dental offices, gyms, nail salons, childcare centers, and other service-based businesses.

    What This Policy Covers

    This Privacy Policy explains how we collect, use, store, and protect data from:

    • Visitors to our website (ariseai.ca)
    • Our direct clients (businesses who purchase our services)
    • Our clients’ customers (whose data we process through our AI tools on behalf of our clients)

    By using our website or services, you agree to this Privacy Policy.

    1. Data We Collect & How We Use It

    1. For Website Visitors

    Data Collected

    Non-Personal Data

    • Browser type
    • Device and operating system
    • Usage statistics and analytics (e.g., Google Analytics)

    Personal Data (If Submitted)

    • Name
    • Email
    • Phone number
    • Business name
    • Any message you submit through forms

    How We Use This Data

    • To operate and improve the website
    • To respond to inquiries
    • To send marketing communications (optional and opt-out friendly)

    Legal Basis

    Depending on your jurisdiction:

    • Legitimate Interest (e.g., improving services)
    • Consent (e.g., marketing opt-in)

    2. For Our Clients (Businesses Using Arise AI)

    Data Collected

    • Contact Information: Name, email, phone, business name, team member information
    • Billing Information: Credit card details and payment information (via Stripe or similar processors)
    • Service Data: Configurations, AI workflows, messages required to deliver services

    How We Use Client Data

    • To set up and manage client accounts
    • To deliver AI automation services
    • To provide onboarding and customer support
    • To process payments
    • To send relevant updates and notices

    3. For Our Clients’ Customers (e.g., Dental Patients)

    THIS SECTION IS CRITICAL FOR COMPLIANCE

    Our Role

    For customer/patient data, Arise AI acts as a:

    • Data Processor (under GDPR)
    • Business Associate (under HIPAA, when applicable)

    Our client (e.g., the dental practice) is the Data Controller or Covered Entity.

    Data We Process on Behalf of Clients

    When a customer interacts with an AI system powered by Arise AI, we may process:

    Contact Information:

    • Name
    • Email
    • Phone number

    Other Information:

    • Scheduling requests
    • Service questions
    • Messages sent to the AI system
    • Any details voluntarily provided by the customer

    Protected Health Information (PHI)

    For medical/dental clients:

    • Some data may be PHI under HIPAA.
    • Arise AI acts as a Business Associate.
    • A Business Associate Agreement (BAA) governs all PHI usage.
    • We only process PHI as required to deliver contracted services.
    • You must maintain a BAA with your HIPAA-compliant version of GoHighLevel and with each healthcare client.

    How This Data Is Used

    We use this data only to operate the AI system for the client, such as:

    • Running conversations
    • Booking appointments
    • Syncing data into the client’s CRM (e.g., GHL sub-account)

    We never sell client-customer data.

    4. How We Share Information

    We do not sell your personal information.

    We may share your information with:

    • Service Providers (e.g., email/SMS platforms, CRM tools) under strict confidentiality agreements.
    • Regulatory Authorities when required by law
    • Aggregators and SMS Providers for the purpose of delivering messages

    We will never share your personal data with affiliates, non-affiliates, or unrelated third parties for their own marketing purposes.

    Data Sharing & Sub-Processors

    Arise AI may share data with:

    1. GoHighLevel (GHL)

    Primary CRM and automation platform.

    2. Payment Processors

    Stripe and similar services for billing.

    3. Analytics Platforms

    Google Analytics, website analytics tools.

    4. Legal Requirements

    We may disclose data if required by law, subpoena, or valid governmental request.

    We never sell data.

    Data Security & Retention

    Security Measures

    • SSL encryption
    • Secure cloud infrastructure
    • Access restrictions
    • GHL’s built-in security controls for stored data

    Retention

    • Client account data: retained during the subscription and a short period afterward (usually 6–12 months).
    • Client-customer data: retained per client instructions or industry requirements (e.g., HIPAA).
    • Clients may request data deletion.

    Your Data Rights (GDPR/CCPA)

    Rights may include:

    • Access
    • Correction
    • Deletion
    • Data portability
    • Opt-out of marketing
    • “Do Not Sell My Info” (CA residents)

    How to Exercise Rights

    Website Visitors or Arise AI Clients:

    Email: hello@ariseai.ca

    Clients’ Customers:

    You must contact the business directly (they are the Data Controller).

    Arise AI cannot modify or delete their data without authorization.

    Cookies & Tracking

    Arise AI uses cookies for:

    • Website function
    • Analytics
    • User experience improvements

    Disable cookies in your browser if desired.

    Children’s Privacy

    Our website and services are not directed at children under 13 (or 16 in some areas).

    We do not knowingly collect children’s data without parental consent.

    Policy Updates

    We may update this Privacy Policy at any time.

    Major updates may be communicated directly.

    Contact Us