PRIVACY POLICY FOR ARISE AI

Last Updated: November 17, 2025

Introduction

Who We Are

Arise AI (“Arise AI,” “we,” “us,” “our”) provides AI automation and workflow technology to local businesses, including dental offices, gyms, nail salons, childcare centers, and other service-based businesses.

What This Policy Covers

This Privacy Policy explains how we collect, use, store, and protect data from:

Visitors to our website (ariseai.ca)

Our direct clients (businesses who purchase our services)

Our clients’ customers (whose data we process through our AI tools on behalf of our clients)

By using our website or services, you agree to this Privacy Policy.

1. Data We Collect & How We Use It

1. For Website Visitors

Data Collected

Non-Personal Data

Browser type

Device and operating system

Usage statistics and analytics (e.g., Google Analytics)

Personal Data (If Submitted)

Name

Email

Phone number

Business name

Any message you submit through forms

How We Use This Data

To operate and improve the website

To respond to inquiries

To send marketing communications (optional and opt-out friendly)

Legal Basis

Depending on your jurisdiction:

Legitimate Interest (e.g., improving services)

Consent (e.g., marketing opt-in)

2. For Our Clients (Businesses Using Arise AI)

Data Collected

Contact Information: Name, email, phone, business name, team member information

Billing Information: Credit card details and payment information (via Stripe or similar processors)

Service Data: Configurations, AI workflows, messages required to deliver services

How We Use Client Data

To set up and manage client accounts

To deliver AI automation services

To provide onboarding and customer support

To process payments

To send relevant updates and notices

3. For Our Clients’ Customers (e.g., Dental Patients)

THIS SECTION IS CRITICAL FOR COMPLIANCE

Our Role

For customer/patient data, Arise AI acts as a:

Data Processor (under GDPR)

Business Associate (under HIPAA, when applicable)

Our client (e.g., the dental practice) is the Data Controller or Covered Entity.

Data We Process on Behalf of Clients

When a customer interacts with an AI system powered by Arise AI, we may process:

Contact Information:

Name

Email

Phone number

Other Information:

Scheduling requests

Service questions

Messages sent to the AI system

Any details voluntarily provided by the customer

Protected Health Information (PHI)

For medical/dental clients:

Some data may be PHI under HIPAA.

Arise AI acts as a Business Associate.

A Business Associate Agreement (BAA) governs all PHI usage.

We only process PHI as required to deliver contracted services.

You must maintain a BAA with your HIPAA-compliant version of GoHighLevel and with each healthcare client.

How This Data Is Used

We use this data only to operate the AI system for the client, such as:

Running conversations

Booking appointments

Syncing data into the client’s CRM (e.g., GHL sub-account)

We never sell client-customer data.

4. How We Share Information

We do not sell your personal information.

We may share your information with:

Service Providers (e.g., email/SMS platforms, CRM tools) under strict confidentiality agreements. Regulatory Authorities when required by law Aggregators and SMS Providers for the purpose of delivering messages

We will never share your personal data with affiliates, non-affiliates, or unrelated third parties for their own marketing purposes.

Data Sharing & Sub-Processors

Arise AI may share data with:

1. GoHighLevel (GHL)

Primary CRM and automation platform.

2. Payment Processors

Stripe and similar services for billing.

3. Analytics Platforms

Google Analytics, website analytics tools.

4. Legal Requirements

We may disclose data if required by law, subpoena, or valid governmental request.

We never sell data.

Data Security & Retention

Security Measures

SSL encryption

Secure cloud infrastructure

Access restrictions

GHL’s built-in security controls for stored data

Retention

Client account data: retained during the subscription and a short period afterward (usually 6–12 months).

Client-customer data: retained per client instructions or industry requirements (e.g., HIPAA).

Clients may request data deletion.

Your Data Rights (GDPR/CCPA)

Rights may include:

Access

Correction

Deletion

Data portability

Opt-out of marketing

“Do Not Sell My Info” (CA residents)

How to Exercise Rights

Website Visitors or Arise AI Clients:

Email: [email protected]

Clients’ Customers:
You must contact the business directly (they are the Data Controller).
Arise AI cannot modify or delete their data without authorization.

Cookies & Tracking

Arise AI uses cookies for:

Website function

Analytics

User experience improvements

Disable cookies in your browser if desired.

Children’s Privacy

Our website and services are not directed at children under 13 (or 16 in some areas).
We do not knowingly collect children’s data without parental consent.

Policy Updates

We may update this Privacy Policy at any time.
Major updates may be communicated directly.

Contact Us

📧 [email protected]