Scope & who we are

This Privacy Policy applies to personal data processed by Codex Labs Corp (“Chatter Genius,” “we,” “us,” or “our”) when you visit the Website or use our Platform to provision and manage AI Agents. For Website visitors, we act as a controller. For Platform customers, we generally act as a processor/service provider handling data on our customers' instructions. In specific cases (e.g., billing), we act as an independent controller.

Key definitions

  • Personal data: Information that identifies or relates to an identified or identifiable individual.
  • Customer data: Conversation logs, transcripts, agent configurations, and metadata that our customers generate within the Platform.
  • AI Agent: The virtual entity configured by the customer to execute tasks via phone, SMS, or email.

Information we collect

The data we process depends on your relationship with us:

  • Website usage data: Page views, approximate geolocation, and browser attributes (managed via Cookie Settings).
  • Contact data: Information submitted via forms (demo requests, contact sales).
  • Account data: Usernames, roles (RBAC), and hashed credentials required to secure access to the Platform.
  • Conversation data: Content processed by AI Agents (voice audio, SMS text, email bodies) and associated metadata (timestamps, routing info). Customers control the retention policies for this data.
  • Agent configuration data: Prompts, guardrails, knowledge bases, and behavioral instructions you provide to customize your AI Agents.
  • Billing data: Subscription plans, usage metrics (minutes/messages), and invoice history.

How we use information

  • Orchestration: To provision AI Agents, route calls/messages, apply guardrails, and execute workflows.
  • Security: To detect fraud, prevent abuse (e.g., toxicity scanning), and enforce rate limits.
  • Compliance: To generate audit trails, redact PII in real-time, and enforce customer-defined policies.
  • Billing: To aggregate usage events (e.g., SendGrid emails, Twilio minutes) for accurate invoicing.
  • Improvement: We use aggregated, de-identified metadata to monitor platform health and optimize latency. We do not use your Conversation Data to train third-party foundation models by default.

AI & LLM Processing

Our platform uses Large Language Models (LLMs) to power AI Agents. Here is how data is handled:

  • Zero-Retention Inference: By default, data sent to our inference providers (e.g., OpenAI, Azure) is used solely to generate a response and is not used by them for model training.
  • Real-time Guardrails: Input and output tokens are scanned in real-time to redact PII and block Material Non-Public Information (MNPI) based on your configuration.
  • Bring Your Own Vendor (BYOV): If you configure the Platform to use your own API keys (e.g., your own Azure OpenAI instance), data flows directly to your vendor under your specific legal agreements with them.

Sharing & disclosure

We do not sell personal data. We disclose data only to:

  • Sub-processors: Infrastructure providers (e.g., AWS, MongoDB, Twilio, SendGrid) strictly for the purpose of delivering the service.
  • Legal Authorities: When required by law or to protect the safety of our users.
  • Corporate Transfers: In the event of a merger or acquisition, subject to continued privacy protections.

Security

We use enterprise-grade security measures including RS256 JWT authentication, encryption in transit (TLS 1.2+), encryption at rest, and strict Role-Based Access Control (RBAC). Our infrastructure is isolated per environment to prevent cross-contamination.

Retention

We retain data only as long as necessary. Customers can configure retention periods for Conversation Data or request tenant-level deletion via our support team. Upon termination, data is deleted or de-identified in accordance with our Data Processing Agreement (DPA).

Your privacy rights

Depending on your jurisdiction (GDPR, CCPA/CPRA, etc.), you may have rights to access, correct, or delete your personal data. To exercise these rights, please email privacy@chattergenius.ai.

Contact us

For questions about this Policy, our Data Processing Agreement (DPA), or our security practices, please contact: privacy@chattergenius.ai.