Privacy Policy

We collect information you provide directly to us and information generated through your use of our services.

Information You Provide

• Contact details — name, email address, phone number when you book a call, fill out a contact form, or communicate with Maya, our AI receptionist.
• Business information — company name, industry, and size when voluntarily provided during consultations.
• Conversation data — messages and voice interactions with Maya AI to provide and improve our services.

Information Collected Automatically

• Usage data — pages visited, buttons clicked, time on site, and browser/device information.
• IP address — used for security, fraud prevention, and approximate geolocation (province-level only).
• Cookies and similar technologies — see Section 6 for details.

We use your information for the following purposes, always with a lawful basis under applicable privacy law:

• Providing services — booking appointments, responding to inquiries, and delivering AI automation solutions.
• Communications — sending booking confirmations, service updates, and important notices about your account.
• Service improvement — analyzing usage patterns to improve Maya AI's responses, accuracy, and overall user experience.
• Legal compliance — meeting our obligations under PIPEDA, provincial privacy laws, and other applicable regulations.
• Security — detecting and preventing fraud, abuse, and unauthorized access to our systems.

We do not sell your personal information to third parties. We do not use your data for targeted advertising.

We share information only in the following limited circumstances:

• Service providers — trusted third-party vendors who help us operate our platform (e.g., calendar scheduling, cloud hosting, email delivery). These providers are contractually bound to protect your data and may not use it for their own purposes.
• Calendar & scheduling tools — when you book an appointment, your name, email, and meeting details are shared with our scheduling platform (Cal.com) to create and manage your booking.
• Legal requirements — if required by law, court order, or governmental authority, we will disclose information to comply with legal obligations.
• Business transfers — in the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before this occurs.
• With your consent — in any other circumstance, only with your explicit consent.

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected:

• Booking records — retained for 2 years after your last interaction for service continuity and legal compliance.
• Conversation logs — retained for up to 90 days to improve service quality, then anonymized or deleted.
• Marketing contacts — retained until you unsubscribe or request deletion.
• Legal records — retained for up to 7 years as required by Canadian business law.

You may request deletion of your data at any time (see Section 7 — Your Rights).

We implement industry-standard security measures to protect your personal information:

• TLS/SSL encryption for all data transmitted between your browser and our servers.
• Encrypted data storage with access controls limiting who can view personal information.
• Regular security audits and vulnerability assessments.
• Employee training on privacy and data protection practices.

While we take all reasonable precautions, no method of transmission over the Internet is 100% secure. If you suspect unauthorized access to your data, please contact us immediately at hello@mihronai.ca.

We use cookies and similar technologies to operate and improve our website:

• Essential cookies — required for the website to function (session management, security). Cannot be disabled.
• Analytics cookies — help us understand how visitors use our site (page views, time on site). We use privacy-friendly analytics that do not track individuals across sites.
• Preference cookies — remember your settings (language selection, chat preferences).

You can control cookies through your browser settings. Disabling non-essential cookies will not affect your ability to use our core services.

Under PIPEDA and applicable Canadian privacy law, you have the right to:

• Access — request a copy of the personal information we hold about you.
• Correction — request that we correct inaccurate or incomplete information.
• Deletion — request that we delete your personal information, subject to legal retention requirements.
• Withdrawal of consent — withdraw your consent for the use of your data at any time (noting this may affect our ability to provide services).
• Data portability — receive your data in a structured, machine-readable format.
• Complaint — file a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.

To exercise any of these rights, email us at hello@mihronai.ca. We will respond within 30 days.

Our Privacy Officer can be reached at hello@mihronai.ca for any PIPEDA-related inquiries, complaints, or access requests.

If you are unsatisfied with our response to a privacy complaint, you have the right to contact the Office of the Privacy Commissioner of Canada.

Note: Mihron AI is a Canadian company primarily subject to PIPEDA. HIPAA alignment applies where we serve US-based or health-adjacent clients. Clients in regulated healthcare sectors should contact us to execute a Business Associate Agreement (BAA) if required.