1. Accountability
NorBot Systems Inc. (PO Box 23030, Stratford, ON N5A 7V8) is accountable for personal information under its control. The privacy officer is Ferdie Botden and can be reached at ferdie@norbotsystems.com.
NorBot maintains administrative, technical, and organizational safeguards intended to protect personal information handled through the Service.
2. Identifying Purposes
NorBot collects and processes personal information to provide voice processing, transcription, lead capture, CRM records, booking-request workflows, billing, analytics, fraud prevention, abuse detection, service support, and audit logs.
3. Consent
Customers are responsible for obtaining end-user consent for recorded voice processing, commercial follow-up, and any shop-controlled outbound messaging. End-users may opt out by telling the shop or contacting NorBot at ferdie@norbotsystems.com.
NorBot requires explicit Customer acceptance of the Terms, Privacy Policy, Acceptable Use Policy, and Refund Policy before checkout submission.
4. Limiting Collection
NorBot limits collection to information reasonably needed for the Service, including caller contact details, vehicle and service details, consent status, call recordings, transcripts, usage events, billing details, device metadata, and support correspondence.
5. Limiting Use, Disclosure, And Retention
NorBot does not sell Customer Data and does not use Customer Data for third-party marketing without consent. Personal information is used for the purposes described in this Policy or as otherwise permitted by law.
Service records are retained for 24 months by default, subject to legal, security, fraud, billing, backup, and audit requirements.
6. Accuracy
Customers and individuals may request correction of inaccurate personal information. AI-created fields remain subject to human review and may be marked with confidence and review status.
7. Safeguards
NorBot uses encryption in transit, provider access controls, audit logs, least-privilege operational practices, and protected environment variables for secrets. Safeguards are matched to the sensitivity of the information and the current maturity of the Service.
8. Openness
This Policy describes NorBot's privacy practices. Questions about privacy handling can be sent to ferdie@norbotsystems.com.
9. Individual Access
Individuals may request access to personal information held by NorBot. NorBot will respond within 30 days where practical, subject to identity verification, legal limits, security, and information controlled by the Customer.
10. Challenging Compliance
Individuals may challenge NorBot's compliance with this Policy by contacting ferdie@norbotsystems.com. NorBot will investigate and respond to privacy complaints through a documented process.
Sub-processors
NorBot uses service providers to operate the Service, including ElevenLabs for voice, Vercel for hosting, Stripe for billing, Twilio for telephony when activated, Cal.com for booking when activated, and Turso for database hosting.
Sub-processors may process information outside Canada. ElevenLabs and several infrastructure providers are US-based or may route data through US systems. By using the Service, the Customer consents to those cross-border transfers and is responsible for disclosing them to end-users where required.
Quebec Law 25 Notice
Quebec residents and businesses should not use this Ontario launch version without separate review. If Quebec use is approved later, NorBot will designate and publish the privacy officer, assess cross-border transfers, and provide notices for automated processing where required.