Privacy Policy

1 Who We Are

1.1 Data Controller

The data controller responsible for your personal data is:

AI by Inspire Ltd

Water Ln, Grove Way

Wilmslow, Cheshire SK9 5AG

United Kingdom

For customers located in the United Arab Emirates or certain Middle Eastern and North African countries, services may be provided by a regional AI by Inspire entity.

1.2 What is BAIO?

BAIO (pronounced "Bay-Oh") stands for "Be All In One" "“ a business automation platform providing CRM, marketing automation, website building, AI-powered features, and related services.

1.3 Platform Infrastructure

We are transparent that BAIO is built on GoHighLevel's white-label SaaS infrastructure. This means:

GoHighLevel processes data on our behalf as a sub-processor
Data may be stored on GoHighLevel's infrastructure (primarily in the United States)
GoHighLevel is bound by data processing agreements with appropriate safeguards

We have enhanced the platform with our own customisations, branding, support, and additional features.

2 Information We Collect

2.1 Information You Provide Directly

Account Information

Name, email address, phone number, business name, billing address, password, and other information you provide when creating an account.

Payment Information

Credit card details, billing address, and payment history. Payment processing is handled by Stripe "“ we do not store full card numbers on our servers.

Customer Data

Information you upload or create using BAIO, including contacts, leads, campaigns, emails, websites, funnels, and other business content.

Communications

Messages you send to us via email, chat, or support tickets, including feedback and survey responses.

AI Interactions

Prompts, inputs, and content you provide to our AI features (website builder, content generation, chatbots, voice AI).

2.2 Information Collected Automatically

Usage Data

How you interact with BAIO, including features used, pages visited, clicks, time spent, and actions taken within the platform.

Device Information

Device type, operating system, browser type, browser version, screen resolution, and device identifiers.

Log Data

IP address, access times, referring URLs, error logs, and other diagnostic data.

Location Data

Approximate location based on IP address. We do not collect precise GPS location.

Cookies & Similar Technologies

Information collected via cookies, pixels, and similar tracking technologies. See Section 10 and our Cookie Policy for details.

2.3 Information from Third Parties

Payment Processors: Transaction confirmations and payment status from Stripe
Social Media Platforms: When you connect social accounts (Meta, TikTok, LinkedIn), we receive profile information and access tokens
Integration Partners: Data from services you connect (Google Calendar, email providers, etc.)
Analytics Providers: Aggregated usage data and insights

3 How We Use Your Information

3.1 To Provide and Maintain the Services

Create and manage your account
Process transactions and send billing information
Provide the features and functionality of BAIO
Process and deliver your AI-generated content
Enable integrations with third-party services
Provide customer support

3.2 To Improve and Develop

Analyse usage patterns to improve BAIO
Develop new features and services
Conduct research and analytics
Debug and fix technical issues
Test and evaluate new features

3.3 To Communicate with You

Send service-related announcements (maintenance, security, etc.)
Respond to your enquiries and support requests
Send marketing communications (with your consent where required)
Provide tips, tutorials, and product updates
Request feedback and conduct surveys

3.4 For Security and Compliance

Detect, prevent, and address fraud and abuse
Enforce our Terms and Conditions
Comply with legal obligations
Respond to legal requests and prevent harm
Protect the rights and safety of users and others

3.5 For Personalisation

Customise your experience within BAIO
Provide relevant recommendations and content
Remember your preferences and settings

4 Legal Bases for Processing (GDPR)

If you are located in the UK, European Economic Area (EEA), or Switzerland, we process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to perform our contract with you (providing BAIO services, managing your account, processing payments).

Legitimate Interests

Processing necessary for our legitimate business interests (improving services, security, analytics, marketing to existing customers), where not overridden by your rights.

Consent

Processing based on your specific consent (marketing communications, non-essential cookies, optional AI training). You can withdraw consent at any time.

Legal Obligation

Processing necessary to comply with legal requirements (tax records, responding to lawful requests from authorities).

5 AI Features and Automated Processing

5.1 How AI Features Work

BAIO includes AI-powered features such as:

AI Website Builder (generates websites from prompts)
AI Content Generation (creates marketing copy, emails)
Conversation AI (chatbots)
Voice AI (automated voice interactions)
AI scheduling and recommendations

When you use these features, we process your inputs (prompts, content, data) to generate outputs using AI models.

5.2 AI Training

We do NOT use your Customer Data to train our AI models unless you explicitly opt in.

Your content, contacts, and business data remain yours. If you wish to contribute data to improve AI features, you may opt in through your account settings.

5.3 Third-Party AI Providers

Some AI features may utilise third-party AI services (such as OpenAI, Anthropic, or others). When you use these features:

Your inputs may be sent to these providers for processing
These providers are bound by data processing agreements
We select providers with strong privacy and security practices
Data sent is used only to provide the requested AI output

5.4 Automated Decision-Making

BAIO may use automated processing for:

Lead scoring and prioritisation
Content recommendations
Spam and fraud detection
AI-powered chatbot responses

These automated processes assist your business operations but do not make legal or similarly significant decisions about individuals without human oversight. If you are subject to UK/EU GDPR, you have rights regarding automated decision-making "“ see Section 9.

6 Information Sharing and Disclosure

We do NOT sell your personal data.

We never have and never will sell your personal information to third parties for their marketing purposes.

6.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

Provider Type	Purpose	Data Shared
Platform Infrastructure (GoHighLevel)	Core platform hosting and processing	Account data, Customer Data
Payment Processor (Stripe)	Payment processing	Billing information, transaction data
Email Delivery	Sending emails on your behalf	Email addresses, email content
SMS Providers	Sending SMS on your behalf	Phone numbers, message content
Cloud Hosting	Data storage and computing	All platform data
Analytics	Usage analysis and improvement	Usage data, device information
AI Providers	AI feature processing	AI inputs and prompts
Customer Support	Help desk and support services	Support tickets, account info

All service providers are bound by data processing agreements and are only permitted to use data as necessary to provide services to us.

6.2 Integrations You Enable

When you connect third-party services to BAIO (Google Calendar, Meta, Stripe, etc.), data may be shared with those services as necessary for the integration to function. You control which integrations you enable.

6.3 Legal Requirements

We may disclose information if required to:

Comply with applicable law, regulation, or legal process
Respond to lawful requests from public authorities
Protect our rights, privacy, safety, or property
Enforce our Terms and Conditions
Detect, prevent, or address fraud or security issues

6.4 Business Transfers

If AI by Inspire is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice before your information is transferred and becomes subject to a different privacy policy.

6.5 With Your Consent

We may share information for other purposes with your explicit consent.

7 International Data Transfers

7.1 Where Your Data May Be Processed

Your information may be transferred to and processed in countries outside your country of residence, including:

United Kingdom: Our primary business location
United States: Where our infrastructure providers (including GoHighLevel) are located
European Union: Where some service providers are located
United Arab Emirates: Where our regional entity operates

7.2 Safeguards for International Transfers

When we transfer personal data outside the UK/EEA, we ensure appropriate safeguards are in place:

Adequacy Decisions: Transfers to countries the UK/EU has determined provide adequate protection
Standard Contractual Clauses (SCCs): EU/UK-approved contractual terms with recipients
Binding Corporate Rules: Where applicable for corporate group transfers
Supplementary Measures: Additional technical and organisational measures where needed

7.3 Your Rights

You may request information about the safeguards in place for transfers of your personal data by contacting us at [email protected].

8 Data Retention

8.1 Retention Periods

Data Type	Retention Period
Account Information	Duration of account + 30 days after deletion
Customer Data	Duration of account + 30 days after deletion
Billing Records	7 years (legal requirement)
Support Communications	3 years after resolution
Usage/Analytics Data	2 years (aggregated data may be kept longer)
Security Logs	1 year
Marketing Preferences	Until you unsubscribe + 2 years

8.2 After Account Cancellation

When you cancel your BAIO account:

Your Customer Data will be retained for 30 days to allow you to reactivate or export
After 30 days, Customer Data will be permanently deleted from active systems
Backup copies may persist for up to 90 days before full deletion
We retain billing records as required by law

8.3 Your Right to Delete

You can request deletion of your data at any time. See Section 9 for how to exercise your rights. We will delete data unless we have a legal obligation or legitimate business need to retain it.

9 Your Rights

9.1 Rights Under UK/EU GDPR

If you are located in the UK, EEA, or Switzerland, you have the following rights:

Right of Access

Request a copy of your personal data

Right to Rectification

Correct inaccurate or incomplete data

Right to Erasure

Request deletion of your data ("right to be forgotten")

Right to Restriction

Limit how we process your data

Right to Data Portability

Receive your data in a portable format

Right to Object

Object to processing based on legitimate interests

Automated Decision-Making

Not be subject to solely automated decisions with legal effects

Withdraw Consent

Withdraw consent at any time (without affecting prior processing)

9.2 Rights Under CCPA (California)

If you are a California resident, you have the right to:

Know: What personal information we collect, use, and disclose
Delete: Request deletion of your personal information
Opt-Out: Opt out of the "sale" of personal information (we don't sell your data)
Non-Discrimination: Not be discriminated against for exercising your rights

9.3 How to Exercise Your Rights

To exercise any of these rights, you can:

Email us: [email protected]
Use account settings: Export or delete data from your BAIO dashboard
Unsubscribe: Click "unsubscribe" in any marketing email

We will respond to your request within 30 days (or sooner if required by law). We may need to verify your identity before processing your request.

9.4 Complaints

If you are not satisfied with our response, you have the right to lodge a complaint with a supervisory authority:

UK: Information Commissioner's Office (ICO) "“ ico.org.uk
EU: Your local Data Protection Authority

10 Cookies and Tracking Technologies

10.1 What Are Cookies?

Cookies are small text files placed on your device when you visit a website. We use cookies and similar technologies (pixels, local storage, etc.) to provide, secure, and improve BAIO.

10.2 Types of Cookies We Use

Essential Cookies

Required for BAIO to function (authentication, security, load balancing). Cannot be disabled.

Functional Cookies

Remember your preferences (language, settings, recently viewed). Enhance your experience.

Analytics Cookies

Help us understand how you use BAIO (pages visited, features used). We use Google Analytics.

Marketing Cookies

Used to deliver relevant ads and measure campaign effectiveness. Only with your consent.

10.3 Managing Cookies

You can control cookies through:

Our cookie banner: Choose which optional cookies to accept when you first visit
Browser settings: Most browsers allow you to block or delete cookies
Opt-out tools: Digital Advertising Alliance, Your Online Choices (EU)

Note: Blocking essential cookies may prevent BAIO from functioning properly.

10.4 More Information

For detailed information about our use of cookies, please see our Cookie Policy.

11 Security

11.1 Our Security Measures

We implement appropriate technical and organisational measures to protect your personal data, including:

Encryption

TLS 1.2+ in transit, AES-256 at rest

Access Control

Role-based access, principle of least privilege

Authentication

Secure password hashing, 2FA available

Monitoring

Security logging, anomaly detection

Infrastructure

Secure cloud providers, regular backups

Staff Training

Regular security awareness training

11.2 Your Responsibilities

You are responsible for:

Keeping your password secure and confidential
Using strong, unique passwords
Enabling two-factor authentication when available
Logging out of shared devices
Notifying us immediately if you suspect unauthorised access

11.3 Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

Notify the relevant supervisory authority within 72 hours (where required)
Notify affected individuals without undue delay (where required)
Take immediate steps to contain and remediate the breach

11.4 No Guarantee

While we implement strong security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

12 Children's Privacy

BAIO is designed for business use and is not intended for children under 18 years of age (or the age of majority in your jurisdiction).

We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected], and we will take steps to delete the information.

13 Third-Party Links and Services

BAIO may contain links to third-party websites, services, or applications that are not operated by us. This includes:

Integrations you connect (Google, Meta, Stripe, etc.)
Links in content or documentation
Third-party tools embedded in the platform

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party services you use.

14 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We'll Notify You

Material Changes: We will notify you by email and/or prominent notice within BAIO at least 30 days before the changes take effect
Minor Changes: We will update the "Last Updated" date at the top of this policy

We encourage you to review this Privacy Policy periodically. Your continued use of BAIO after any changes constitutes acceptance of the updated policy.

Previous Versions

You may request previous versions of this Privacy Policy by contacting us at [email protected].

15 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Enquiries

Email: [email protected]

Website: baio.agency

Data Protection Enquiries

Email: [email protected]

Subject: "Privacy Request"

Postal Address

AI by Inspire Ltd

Water Ln, Grove Way

Wilmslow, Cheshire SK9 5AG

United Kingdom

We aim to respond to all enquiries within 30 days. For data subject rights requests, we will respond within the timeframes required by applicable law.