SCHEDULE A DEMO
SCHEDULE A DEMO

BobbAi Privacy Policy



Version 2.0 – Effective 26 August 2025


  1. Introduction

1.1 Purpose: Welcome to BobbAi. BobbAi (“we”, “us”, “our”) collects and processes personal data to provide, improve, and protect our AI services (“Services”). This policy explains how we handle data in the U.S. and in the EU (and other jurisdictions where we operate).

2.2 Scope: The policy applies to all users, customers, partners, and website visitors who interact with our Services or website.


2. Definitions (Term: Meaning)

2.1 Personal Data: Any information relating to a natural person who can be identified, directly or indirectly, by reference to an identifier such as a name, an email address, a device ID, or an online identifier.

2.2 Processing: Any operation or set of operations performed on Personal Data, such as collection, storage, use, disclosure, or destruction.

2.3 Legal Basis: The lawful ground on which we rely to process Personal Data.  The primary bases are:

2.3.1. Contractual necessity: The data is needed to provide our services.

2.3.2 Legitimate interest: To improve our services, protect security, and comply with legal obligations.

2.3.3 Consent: Where required, e.g., for marketing communications.

2.4 Third‑Party Processor: A company or service provider that processes Personal Data on our behalf, e.g., cloud hosting, analytics, or payment processors.

2.5 Data Subject:The individual whose Personal Data is being processed.

2.6 Retention Period: The length of time we keep Personal Data before it is securely deleted or anonymised.

2.7 Cookies: Small text files stored on your device that help identify you and remember your preferences.

Security Breach: Any unauthorized access, disclosure, alteration, or destruction of Personal Data that could pose a risk to a data subject’s rights and freedoms.


3. Types of Data We Collect

We collect a variety of personal information about those who register on our site, make contributions through our site or use other functions or features on the site. Personal information is information that can be directly associated with a specific person or entity such as a name, address, telephone number, credit card information, bank account information, e-mail address, or information about activities that are directly linked to that person.


We collect information you give us when you register on our site, contact us or make an online contribution. For example, when making a contribution, in addition to providing us your name, address, occupation and name of employer, you will need to provide us with a billing address and credit card or bank account information, and answer a series of brief questions to make sure we may legally accept your contribution.


You may make changes to the information you have provided by visiting any form throughout the www.bobbai.ai site. You may also contact us at info@bobbai.ai with any questions or changes to your account.


Automatically Collected Information: We automatically receive certain types of information whenever you interact with us online. For example, when you visit our site, our systems automatically collect your IP address and the type of browser you use. Information may be automatically collected through the use of “cookies” (more information below). We also collect “clickstream” data about your use of the site.


If you provide your mobile phone number and opt in to receive text messages from us, we may send you SMS or MMS messages about events, updates, and fundraising efforts. Message frequency varies. Message and data rates may apply. You may opt out at any time by replying “STOP” to any message, or request help by replying “HELP” or contacting us at <info@bobbai.ai>. Text messaging originator opt-in data and consent will not be shared with any third party for marketing purposes.

Category; Typical Purpose; Lawful Basis; Retention Schedule


3.1. Identification & Contact Data (e.g., name, email address, phone number)

3.1.1. Providing and maintaining your account; Communicating with you about the services

3.1.1.1. Contractual necessity 

3.1.1.1.1. Until account termination + 12 months

3.2. Account & Authentication Data (e.g., login credentials, device identifiers):

3.2.1. Verifying your identity; Securing your account

3.2.1.1. Contractual necessity

3.2.1.1.1. Until account termination + 3 months

3.3 Usage & Interaction Data (e.g., feature usage, preferences, conversation logs)

 3.3.1. Improving our AI models and services; Personalising your experience

3.3.1.1. Legitimate interest

3.3.1.1.1. Indefinitely (anonymized)

3.4. Payment & Transaction Data (e.g., purchase history, billing details)

3.4.1. Processing payments; Complying with tax and financial regulations

3.4.1.1. Contractual necessity

3.4.1.1.1. 7 years (legal retention)

3.5. Marketing & Promotional Data (e.g., email and SMS opt‑ins)

3.5.1. Sending newsletters, updates, and offers 

3.5.1.1. Consent

3.5.1.1.1. Until you opt‑out

3.6. Analytics & Performance Data

3.6.1. Understanding site performance and usage patterns

3.6.1.1. Legitimate interest

3.6.1.1. Indefinitely (anonymized)

3.7. Partner & Service‑Provider Data

3.7.1. Data shared with approved partners (e.g., for analytics or hosting)

3.7.1.1. Contractual necessity or Consent

3.7.1.1.1. Varies by partner agreement

4. How We Use Personal Data

  1. We use your Personal Data only for the purposes set out in this policy. The principal purposes are:

 4.1.1. To provide, support, and improve BobbAi services (e.g., processing your queries, generating AI responses, and troubleshooting).

4.1.2. To communicate with you about your account, changes to our services, and relevant updates.  

4.1.3. To deliver marketing and promotional communications (emails, SMS, or web push notifications) that you have explicitly opted‑in to receive.  

4.1.4. To comply with legal and regulatory obligations (tax reporting, data‑retention requirements, etc.).

5. How We Share Personal Data

Text messaging originator opt-in data will not be shared with any third party, except: (1) with vendors, consultants and other service providers who need access to such information to carry out work on our behalf (and who will not use such information for their own purposes); or (2) if we believe disclosure is required by any applicable law, rule, or regulation or to comply with law enforcement or legal process.


If you opt in to receive text messages, your phone number will only be used for our communications and as otherwise permitted under this policy. We will not sell or lease your phone number to any third party.


Information about our donors and website visitors is one of our most important assets and therefore we keep it confidential. Personal information is made available to others for the following, limited purposes:


To Comply with Campaign Finance Laws. We are often required to disclose information regarding our contributions to comply with campaign finance laws. For example, federal law requires us to use our best efforts to collect and report the name, mailing address, occupation and name of the employer of individuals whose contributions aggregate in excess of $200 in a calendar year.


To Carry Out Your Requests. We also may be required to disclose personal information in order to carry out your requests when you use the site. For example, we will share personal information with third parties as necessary to complete a donation transaction or to deliver an e-mail to someone you have identified or when we disclose your return address as part of the service.


To Protect You and Ourselves. We release personal information when we believe release is appropriate to comply with the law (e.g., a lawful subpoena), to protect our rights or property, or to protect our donors and supporters from fraudulent, abusive, or unlawful conduct, or if we reasonably believe that an emergency involving immediate danger of death or serious physical injury to any person requires disclosure of communications or justifies disclosure of records without delay.


To Support Candidates and Organizations. We may disclose selected personal information (other than credit card information, bank information, or mobile phone numbers) to other campaigns and organizations that we believe are like-minded or that we believe you may wish to hear from.

Recipient; Type of Share; Basis; Description


5.1. Our own corporate entities (e.g., subsidiaries)

5.1.1. Internal

5.1.1.1. Contractual necessity

5.1.1.1.1. Personal Data remains within BobbAi.

5.2. Partner companies & services (e.g., analytics, payment processors, hosting providers)

5.2.1. Processing

5.2.1.1. Contractual necessity / DPAs

5.2.1.1.1. Personal Data is processed *only* under the instructions of BobbAi and pursuant to a signed Data Processing Agreement.

5.3 Marketing partners (e.g., email‑campaign services)

5.3.1. Marketing communications

5.3.1.1. Consent

5.3.1.1.1. Personal Data is shared only where you have given explicit, written consent.

5.4. Regulatory authorities

5.4.1. Legal compliance; Legal obligation

5.4.1.1. Personal Data may be disclosed to comply with lawful requests.


We do not share your personal data with other campaigns or organisations without your explicit written consent or a clear legal obligation. This applies to any third‑party service that requires access to your Personal Data for the purposes described above.

6. Cookies and Tracking Technology

We may automatically collect information using “cookies” or cookie-like files called Local Shared Objects (Flash cookies). Cookies are small data files stored on your hard drive by a Web site. Local Shared Objects are larger data files stored on your hard drive. Among other things, cookies and Local Shared Objects help us improve our site and your experience, count visits to our site and to tailor your experience on our site according to which areas you have visited on our site and the preferences you have specified, and to save you the effort of having to log in or provide information each time you visit our Web site. These cookies and Local Shared Objects may be linked to your personal information. Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our site. Browser settings will not affect Local Shared Objects.

We use first‑party cookies to:


- Authenticate your login sessions.  

- Store your language and interface preferences.  

- Ensure the security of your account.


We also use third‑party analytics services (e.g., **Google Analytics**, **Mixpanel**) to analyse usage patterns and improve our services.  These third parties only receive **non‑personalised** data unless you explicitly opt‑in.  You can disable cookies in your browser settings.


We may also collect information using Web beacons. Web beacons are electronic images that may be used on our sites or in our emails. We use Web beacons to deliver cookies, count visits, understand usage and campaign effectiveness and to tell if an email has been opened and acted upon.

6. Data Security and Breach Notification

We employ technical, administrative, and physical safeguards to protect your Personal Data against loss, theft, misuse, and unauthorised disclosure.  These include encryption, access controls, and secure hosting environments.


In the event of a **security breach** that could put your rights and freedoms at risk, we will:


- Notify the supervisory authority (or equivalent regulator) within 72 hours of discovery where required.  

- Notify affected data subjects by email and/or a public notice on our website within 72 hours.  


If the breach is unlikely to result in a risk to your rights, we may delay notification until the risk has been assessed.


Personal Data Category; Typical Retention Period; Legal / Regulatory Basis

8.1. Identification & Contact Data

8.1. Until account termination + 12 months

8.1.1. Contractual necessity / Legal obligation

8.2. Usage & Interaction Data

8.2.1. Indefinitely (anonymized)

8.2.1.1. Legitimate interest

8.3. Payment & Transaction Data

8.3.1. 7 years | Tax

8.3.1.1. Financial regulations |

8.4. Marketing & Promotional Data

8.4.1. Until opt‑out

8.4.1.1. Consent

8.5. Analytics & Performance Data

8.5.1. Until account termination + 12 months

8.5.1.1. Legitimate interest

After the retention period, we securely delete or anonymise the data.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your Personal Data:

Right; Description; How to Exercise

9.1. Right of Access

9.1.1. Request a copy of the Personal Data we hold about you.

9.1.1.1. Submit a request via the “Contact Us” link.

9.2. Right to Rectification

9.2.1. Request correction of inaccurate Personal Data.

9.2.1.1. Submit a request via the “Contact Us” link.

9.3. Right to Erasure

9.3.1. Request deletion of Personal Data (the “right to be forgotten”).

9.3.1.1. Submit a request via the “Contact Us” link. |

9.4. Right to Restriction

9.4.1. Request temporary restriction of processing.

9.4.1.1. Submit a request via the “Contact Us” link.

9.5. Right to Data Portability

9.5.1. Receive your Personal Data in a structured, commonly used format.

9.5.1.1.1 Submit a request via the “Contact Us” link.

9.6. Right to Object

9.6.1. Object to certain types of processing (e.g., direct marketing).

9.6.1.1. Submit a request via the “Contact Us” link.


10. Data Processing Agreements

All Third‑Party Processors that handle Personal Data on our behalf sign a **Data Processing Agreement (DPA)** that requires them to implement adequate security measures, comply with this Privacy Policy, and honour the legal obligations governing their processing activities.


11. Opt-In / Opt-Out

Communication Type; Opt‑in Requirement; Opt‑out Mechanism

11.1. Email Newsletters & Updates

11.1.1. Explicit opt‑in via registration or account settings.

11.1.1.1. Click the “unsubscribe” link in any email or email us at info@bobbai.com.

11.2. SMS / Text Messages

11.2.1. Explicit opt‑in required.

11.2.1.1. Reply “STOP” to any SMS to opt‑out.

11.3. Marketing & Promotional Offers

11.3.1. Separate opt‑in required.

11.3.1.1. Click the “unsubscribe” link in the communication or email us at info@bobbai.com.


12. Children's Policy

BobbAi does not knowingly, directly or passively, collect information from children under the age of 13. To respect the privacy of children and to comply with the Children's Online Privacy Protection Act, children under the age of 13 should not provide any Personal Information on this Site. We ask that parents supervise their children while online. If we become aware that we have collected data from a child under 13, we will promptly delete it.

13. Contact Us

If you have any questions, concerns, or wish to exercise any of your rights, please contact us:


Channel; Details


  1. Email: info@bobbai.ai
  2. Physical Address:  PO Box 1492, Asheville, NC 28802
  3. Privacy‑Impact: Contact info@bobbai.com (for GDPR‑related inquiries)


We endevour to respond to all inquiries within 7 business days.

14. Changes to this Policy

We may update this Privacy Policy from time to time.  When we make substantive changes, we will post the updated policy on our website and indicate the new effective date.  Your continued use of our services after such changes constitutes your acceptance of the updated policy.


This policy is governed by the laws of the United States, the European Union, and other applicable jurisdictions.  For more detailed information about how we handle data under specific laws (e.g., GDPR, CCPA), please refer to the corresponding legal texts or contact us directly.



Scroll to Top