Privacy Policy

Parvathy AI is an enterprise-grade AI Automation Agency. We design, deploy, and operate autonomous agent systems, custom LLM workflows, RAG pipelines, and integrations for B2B and B2C clients. Because our services rely on artificial intelligence and large language models (LLMs), we handle personal and business data with heightened care.

This policy applies to visitors of our website, prospective customers, clients, end-users of systems we operate on a client's behalf (where applicable), and individuals who contact us. If you are a client, additional data processing terms may apply under your service agreement or Data Processing Agreement (DPA).

We may collect the following categories of information:

• Contact & identity data — name, email address, phone number, company name, job title, and communication preferences submitted via audit forms, Atlas onboarding, sales inquiries, or support channels.
• Business & operational data — workflow requirements, CRM/ERP metadata, integration credentials (stored securely), process documentation, and configuration data needed to build or operate automations.
• AI interaction data — prompts, agent inputs/outputs, conversation logs, voice transcripts, and retrieval context used by agents we deploy, where such data is processed to deliver the service.
• Technical & usage data — IP address, browser type, device identifiers, pages viewed, referral URLs, and diagnostic logs collected through our website and hosted infrastructure.
• Payment & billing data — billing contact details and transaction references processed by our payment providers (we do not store full payment card numbers on our servers).

We use personal information to:

• Provide, configure, monitor, and improve AI automation and agentic services.
• Respond to inquiries, deliver AI audits, and manage Atlas onboarding.
• Integrate with client systems (e.g., CRM, ERP, messaging platforms) as authorized.
• Train, fine-tune, or configure models only where permitted by contract and applicable law.
• Maintain security, detect abuse, and troubleshoot platform performance.
• Comply with legal obligations and enforce our Terms of Service.
• Send service-related communications; marketing only with consent where required.

Our services use AI systems—including third-party LLM providers such as OpenAI and Anthropic, custom fine-tuned models, voice synthesis platforms, and retrieval-augmented generation (RAG)—to automate business workflows. Automated processing may include lead qualification, customer support resolution, document summarization, and orchestration across integrated SaaS tools.

Important limitations: AI outputs may be inaccurate, incomplete, or unsuitable for high-stakes decisions without human review. We design systems with human-in-the-loop controls where appropriate, but clients remain responsible for validating outputs used in regulated or consequential contexts unless contractually agreed otherwise.

Unless explicitly agreed in writing, we do not use client proprietary data to train public foundation models. Enterprise and private-deployment options may keep inference and embeddings within client-controlled or air-gapped infrastructure.

Where the GDPR or UK GDPR applies, we process personal data on one or more of the following bases:

• Contract — to perform services you or your organization requested.
• Legitimate interests — to secure our platform, improve services, and communicate about relevant offerings, balanced against your rights.
• Consent — for optional marketing, certain cookies, or processing you explicitly authorize.
• Legal obligation — to comply with applicable laws, tax, or regulatory requirements.

When we process data on behalf of a client, the client is typically the data controller and Parvathy AI acts as a processor under a DPA.

We do not sell personal information. We may share data with:

• Cloud infrastructure providers (AWS, GCP, Azure) hosting agents and data stores.
• LLM and AI API providers (e.g., OpenAI, Anthropic) for inference and embeddings.
• Voice and communications vendors (e.g., ElevenLabs, Azure Neural Voice, WhatsApp/Telegram APIs where configured).
• Integration partners you authorize (Salesforce, HubSpot, Slack, Notion, Zapier, Make, and similar).
• Professional advisors, auditors, and legal counsel under confidentiality.
• Authorities when required by law or to protect rights, safety, and security.

Subprocessors are bound by contractual data protection obligations consistent with our SOC 2 Type II control environment and applicable privacy law.

Parvathy AI may process data in the United States, India, the European Economic Area, and other regions where we or our subprocessors operate. Where required, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs), supplementary measures, and data residency options for enterprise clients.

We maintain administrative, technical, and organizational measures designed to protect personal information, including encryption in transit and at rest where applicable, access controls, logging, vulnerability management, and secure development practices. Our operations align with SOC 2 Type II requirements; HIPAA controls are available for qualifying healthcare engagements.

No method of transmission or storage is 100% secure. If you believe your account or data has been compromised, contact us promptly at hello@parvathyai.com.

We retain personal information only as long as necessary for the purposes described in this policy, to meet contractual obligations, resolve disputes, and comply with legal requirements. Retention schedules for client operational data are defined in service agreements and may include deletion or export upon termination.

Depending on your location, you may have rights to access, correct, delete, restrict, or object to certain processing, as well as data portability and withdrawal of consent. EU/UK residents may lodge complaints with a supervisory authority.

To exercise rights, email hello@parvathyai.com. We may verify your identity before responding.

Our website may use essential cookies for security and session management, and optional analytics cookies to understand traffic patterns. Where required, we request consent before non-essential cookies. You can manage preferences through your browser settings.

Our services are directed to businesses and professionals. We do not knowingly collect personal information from children under 16 (or the applicable age in your jurisdiction). Contact us if you believe we have collected such data inadvertently.

We may update this Privacy Policy to reflect changes in our services, technology, or legal requirements. Material changes will be posted on this page with an updated effective date. Continued use after changes constitutes acknowledgment where permitted by law.

For privacy questions or requests, contact Parvathy AI at hello@parvathyai.com or visit www.parvathyai.com.