Privacy Policy

This Privacy Policy ("Policy") sets forth the data handling practices of JaxSuite AI Software Solutions Inc., a Florida corporation ("JaxSuite," "we," "our," or "us") with respect to the collection, use, disclosure, storage, and protection of Personal Information obtained through the use of our websites, software, platforms, services, applications, and associated technologies (collectively, the “Platform”).

By accessing or utilizing the Platform, you ("you," "User," or "Data Subject") acknowledge that you have read, understood, and accepted the terms of this Policy. If you do not agree to the terms herein, you must refrain from using the Platform.

1. Scope and Applicability

1.1. Purpose of This Policy

This Privacy Policy ("Policy") governs the collection, use, disclosure, storage, and protection of personal information by JaxSuite AI Software Solutions Inc. (“JaxSuite,” “we,” “us,” or “our”), a Florida corporation, in connection with the use of its websites, software platforms, applications, and associated services (collectively, the “Platform”).

This Policy is designed solely for individuals and businesses located within the United States and is intended to comply with relevant U.S. privacy laws, including but not limited to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and other similar state-level privacy statutes.

1.2. Applicability of This Policy

This Policy applies to all individuals and legal entities within the United States who interact with the Platform, including:

1. Visitors to our websites;
2. Users creating accounts or subscribing to services;
3. Individuals participating in webinars, surveys, or events;
4. Authorized representatives acting on behalf of U.S. companies;
5. Workspace owners, team members, and affiliated users;
6. Businesses using our software for customer data, automation, or communication management.

This Policy applies across all devices and access channels, including desktop, mobile, integrations, and APIs.

1.3. U.S. Jurisdictional Compliance Only

This Policy is drafted to comply exclusively with applicable U.S. privacy laws. These include, but are not limited to:

1. California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
2. Virginia Consumer Data Protection Act (VCDPA)
3. Colorado Privacy Act (CPA)
4. Connecticut Data Privacy Act (CTDPA)
5. Utah Consumer Privacy Act (UCPA)
6. Other applicable federal or state regulations concerning consumer and business data.

JaxSuite does not represent that this Policy complies with any non-U.S. privacy regulations (e.g., GDPR, LGPD, PIPEDA), and our services are not intended for use by individuals or organizations based outside the United States..

1.4. Legal Incorporation

This Policy is hereby incorporated into the following agreements and policies that govern your use of the JaxSuite Platform:

1. Terms and Conditions of Use;
2. Master Subscription Agreement (if applicable);
3. Acceptable Use Policy;
4. Cookie Policy;
5. Any other legally binding agreement between the user and JaxSuite.

In case of any inconsistency between this Policy and another agreement, the terms of the agreement shall prevail to the extent permitted by applicable U.S. law.

1.5. Role as Data Controller or Processor

JaxSuite acts as a data controller with respect to personal information it collects for its own business purposes, and as a data processor when processing information on behalf of clients through the Platform.

Clients are solely responsible for ensuring that their use of our Platform complies with applicable U.S. data privacy laws and that they have appropriate legal rights to collect and share personal data with JaxSuite.

2. Information We Collect

We collect personal and business information to operate, improve, and support the services we provide through the Platform. Information is collected directly from users, automatically through system activity, and from authorized third-party sources.

2.1 Information You Provide

We collect information you voluntarily submit, including but not limited to:

1. Name, email address, phone number, company name, job title;
2. Account credentials and profile settings;
3. Billing and payment information (e.g., business name, billing address, payment method);
4. Uploaded documents, forms, calendar events, and CRM records;
5. Information submitted through support channels, surveys, webinars, or marketing interactions.

This may include personal information and business-related data necessary to deliver services and comply with applicable U.S. laws.

2.2 Information Collected Automatically

When you access or use the Platform, we automatically collect certain technical and usage data, including:

1. IP address, browser type, device information, and operating system;
2. Access times, referring URLs, and session identifiers;
3. Logs of user actions, login attempts, and feature usage;
4. Cookies and other tracking technologies that help recognize user devices, maintain sessions, store preferences, and generate usage analytics.

For more information about our use of cookies, see our Cookie Policy.

2.3 Information from Third Parties

We may receive personal or business information from third parties that you authorize or interact with, such as:

1. Single Sign-On (SSO) or authentication providers (e.g., Google, Microsoft);
2. Integrated tools, applications, or extensions (e.g., calendar, CRM, payment gateways);
3. Marketing partners, lead vendors, or referrers;
4. Payment processors (limited to transaction status and identifiers; we do not store full credit card numbers or CVV codes).

Such data is treated in accordance with this Policy and any applicable contractual agreements.

2.4 Business and Client Data

For users managing client or contact data through the Platform, we may process the following:

1. Contact records (e.g., names, emails, phone numbers);
2. Communications, calendar data, tasks, and messages;
3. Uploaded files and associated metadata;
4. CRM activity logs and user-configured workflows;
5. Team roles and permission settings.

You are responsible for ensuring that any third-party data you provide is collected lawfully and shared with proper consent under applicable U.S. privacy laws.

2.5 Google, Microsoft 365 & Zoom User Data We Access

When you connect external accounts, we request the minimum restricted or sensitive scopes necessary to deliver core features:

2.5.1 Google Workspace:

1. Gmail: reading emails (gmail.readonly), and sending emails (gmail.send).
2. Calendar: create calendar events (calendar.events), Meet links (meetings.space.created).

2.5.2 Microsoft 365

1. Outlook Mail: message metadata, bodies, drafts (Mail.ReadWrite, Mail.Send).
2. Outlook Calendar: event details and Microsoft Teams meeting links for creating, updating, and managing events (Calendars.ReadWrite).

2.5.3 Zoom

1. Meeting objects: meeting IDs, topics, start time, join URLs, organizer details (meeting:write, meeting:read).

We never request user passwords and do not access contacts, files, or other unrelated data.

2.6 How We Use Provider Data

Collected data powers three user-facing services only:

1. Campaign Email Automation – draft, send, track, and label marketing or follow-up emails through your own mailbox (Gmail or Outlook).
2. Calendar Scheduling – create, update, reschedule, or cancel events and free/busy checks across Google Calendar or Outlook Calendar.
3. Virtual Meeting Orchestration – auto-generate Zoom, Microsoft Teams or Google Meet links, update them on event reschedule, and surface join URLs to invitees.

No provider data is used for ads, cross-service profiling, or sold to third parties.

2.7 Human Access to Provider Data

JaxSuite employees do not read content unless one of the following applies:

1. You grant explicit, granular consent during a support session.
2. Required to investigate abuse, security incidents, or legal requests.
3. Aggregated, anonymized debugging data that contains no personal content.
4. All human access is logged and audited quarterly

3. How We Use Your Information

We use the information we collect to operate our business, provide and improve the Platform, comply with applicable U.S. laws, and communicate with users. We do not sell your personal information.

3.1 Service Delivery and Account Management

We use your information to:

1. Create and manage your user account;
2. Authenticate login credentials and manage user roles;
3. Deliver Platform features, including CRM, automation, document management, communications, and scheduling;
4. Facilitate integrations you authorize, such as Google Workspace, Outlook, Stripe, or Twilio.

This use is necessary to fulfill our contractual obligations and provide you with access to your subscribed services.

3.2 Platform Security and Legal Obligations

We process information to:

1. Authenticate users and enforce access controls;
2. Detect, investigate, and prevent unauthorized access, fraud, abuse, or technical issues;
3. Maintain audit logs and records required by law or contract;
4. Respond to subpoenas, court orders, or government inquiries as legally required;
5. Enforce our Terms and Conditions of Use and other agreements.

This processing is based on our legitimate interest in maintaining the integrity and security of the Platform and complying with U.S. legal obligations.

3.3 Billing, Usage Tracking, and Plan Administration

We use billing and usage data to:

1. Process payments through third-party, PCI-compliant providers;
2. Generate invoices, receipts, and usage statements;
3. Monitor consumption of metered services (e.g., emails sent, SMS credits used, appointments booked);
4. Manage upgrades, downgrades, renewals, and cancellations.

All financial data is processed in accordance with applicable financial laws and payment industry standards.

3.4 Communications and Notifications

We may use your contact information to:

1. Deliver important account updates, service announcements, and security alerts;
2. Provide onboarding guidance, tutorials, or support documentation;
3. Send newsletters, product updates, and promotional communications, subject to your preferences;
4. Solicit feedback to improve our products and services.

You may opt out of non-essential communications at any time via account settings or the unsubscribe link provided in the message.

3.5 Product Development and Analytics

We may use aggregated or de-identified information to:

1. Analyze usage patterns and system performance;
2. Improve the design and functionality of the Platform;
3. Evaluate adoption of features and optimize user experience;
4. Train internal AI models to enhance automation, routing, or user suggestions—never using personally identifiable information unless explicitly authorized.

This processing is conducted under legitimate business interests and does not involve external AI systems unless otherwise disclosed.

3.6 With Your Consent

We will only process or share information in the following cases with your explicit consent:

1. Granting access to calendar data, inbox content, or third-party contact lists;
2. Participating in beta testing, user feedback studies, or referral programs;
3. Sharing information with affiliated service providers or partner programs outside of core services.

You may withdraw consent at any time, subject to legal or contractual obligations.

3.7 AI and Data Privacy Commitments

We do not use client, lead, team, or business data to train any third-party AI systems (e.g., OpenAI, Google Gemini, Anthropic). Your data is not disclosed to any AI provider without prior authorization and strict contractual safeguards.

4. How We Share Your Information

We share your information only when necessary to deliver services, meet legal requirements, or with your explicit consent. We do not sell your personal information to third parties.

4.1 Authorized Service Providers

We engage trusted U.S.-based third-party service providers to assist with core business operations, including:

1. Cloud hosting and infrastructure;
2. Payment processing;
3. Communications delivery;
4. CRM and analytics support;
5. Internal automation tools.

All vendors are bound by written agreements that require them to:

1. Act only on our instructions;
2. Protect your information with appropriate security controls;
3. Maintain confidentiality;
4. Comply with applicable U.S. privacy laws and contractual obligations.

A current list of active service providers is available upon request or through your account dashboard, where applicable.

4.2 Business Transfers

If JaxSuite is involved in a merger, acquisition, sale of assets, restructuring, bankruptcy, or similar event, your information may be transferred as part of that transaction. In such cases, we will:

1. Provide prior notice where legally required;
2. Require the receiving party to honor this Privacy Policy or adopt equivalent protections;
3. Offer data deletion options when permitted by law.

4.3 Legal Obligations

We may disclose your personal information if required by law, including:

1. Responding to subpoenas, court orders, or other valid legal processes;
2. Cooperating with law enforcement or regulatory investigations;
3. Preventing fraud, enforcing our agreements, or protecting the rights, safety, or property of JaxSuite, our users, or the public.

We limit such disclosures to only what is legally necessary and, where permitted, will notify you in advance.

4.4 Internal Access and Team Workspaces

If you use the Platform as part of a team or business account:

1. Designated administrators may access your account configuration and usage data;
2. Contacts, tasks, files, and activity logs may be visible to other authorized users according to access controls set by your organization;
3. Role-based permissions are enforced for all users.

Internal access is managed under our security protocols and monitored for compliance.

4.5 Integrations and APIs

If you choose to connect third-party services to your JaxSuite account:

1. Data shared through integrations (e.g., Google Calendar, Microsoft Outlook, Zoom, Stripe, Square) is governed by your authorization to execute your requested action;
2. We do not share data with external applications unless explicitly permitted by you;
3. Integration logs are maintained and can be reviewed upon request.

You may revoke integrations at any time through your dashboard.

4.6 With Your Explicit Consent

We do not share your personal information for purposes unrelated to Platform services unless you provide clear, opt-in consent. This includes:

1. Publishing testimonials with your name or business affiliation;
2. Referrals to outside service providers;
3. Data sharing through optional marketplace tools.

Consent may be withdrawn at any time via your account or by contacting us.

4.7 Aggregated and De-Identified Data

We may use or share aggregated, anonymized information that cannot reasonably identify you or your business for:

1. Analytics;
2. Product research;
3. Industry benchmarking;
4. Security and abuse prevention.

This information is not subject to individual user rights and does not reveal personal details.

4.8 No Sale of Personal Information

We do not sell or exchange personal information for monetary or commercial gain. JaxSuite maintains a strict no-sale policy in accordance with the definitions in California Civil Code §1798.140(t)(1) and similar U.S. state laws.

5 Security of Provider Data

1. Transport Layer Security (TLS 1.2+) for all data in transit.
2. AES-256 encryption at rest in ISO 27001-audited data centers.
3. Role-based least-privilege access; keys rotated every 90 days.
4. Annual SOC 2 Type II and independent penetration testing.
5. Compliant with Google security assessment standards for restricted scopes, Microsoft RBAC for Applications, and Zoom Marketplace security guidelines

6. Your Rights and Choices

As a U.S. resident, you may have certain rights over your personal information under applicable state privacy laws. JaxSuite is committed to honoring these rights and providing clear methods for submitting and managing requests.

These rights may vary depending on your state of residence but generally include the rights outlined below.

6.1 Right to Know

You have the right to request access to the personal information we have collected about you, including:

1. The categories and specific pieces of personal information collected;
2. The sources from which the information was collected;
3. The purposes for which it was used;
4. The categories of third parties to whom it was disclosed;
5. Whether your information was sold or shared, and if so, with whom.

You may request a copy of this data in a readily usable format, subject to verification.

6.2 Right to Correct

You have the right to request that we correct inaccurate or outdated personal information we maintain about you. Where supported, you may also update your data directly through your account settings.

6.3 Right to Delete

You may request that we delete personal information we have collected from you, subject to the following exceptions:

1. Information required to complete a transaction or provide requested services;
2. Security, fraud detection, or legal compliance purposes;
3. Internal uses reasonably aligned with consumer expectations;
4. Retention required by law or to defend against legal claims.

When deletion is granted, we will remove or de-identify applicable records and notify our service providers to do the same.

6.4 Right to Opt Out of Sale or Sharing

Under California and similar state laws, you have the right to opt out of:

1. The sale of your personal information;
2. The sharing of your personal information for cross-context behavioral advertising.

JaxSuite does not sell or share personal information as defined by these laws. If our practices change, we will provide a prominent “Do Not Sell or Share My Personal Information” link.

6.5 Right to Limit Use of Sensitive Personal Information

Where applicable (e.g., under CPRA), you may request that we limit the use of your sensitive personal information to essential services only.

We do not use sensitive personal information for profiling or marketing, nor do we disclose it to third parties for secondary use.

6.6 Right to Data Portability

You may request a portable copy of your personal information in a structured, machine-readable format. This applies to information collected directly from you and maintained in a digital format.

6.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your rights, including by:

1. Denying access to services;
2. Charging different prices or rates;
3. Providing a different level or quality of service.

6.8 Right to Appeal (Where Required)

If we deny your privacy request, you may appeal our decision. Appeals must be submitted within 60 days of the original response. If your appeal is also denied, you may contact your state’s Attorney General or privacy regulator.

6.9 Authorized Agents

You may authorize someone to act on your behalf to submit a privacy request. We will require proof of your identity and written authorization before fulfilling the request.

6.10 How to Submit a Request

You may exercise your rights by contacting us through one of the following methods:

1. Email: info@jaxsuite.com
2. Postal Mail: JaxSuite, 4651 Salisbury Road, Jacksonville, FL 32256
3. Account Settings: If available, via the Privacy or Profile section of your dashboard

We will confirm receipt of your request within 10 business days and provide a full response within 30 days, unless an extension is permitted under law. Identity verification may be required.

7. Data Security and Retention

JaxSuite is committed to protecting the security, confidentiality, and integrity of your information. We implement and maintain a comprehensive information security program aligned with recognized industry standards to safeguard data against unauthorized access, disclosure, loss, or destruction.

7.1 Security Measures

We use a combination of administrative, technical, and physical safeguards to secure your information, including:

1. Access Controls: Role-based access controls (RBAC) and multi-factor authentication (MFA) are enforced across all administrative and privileged accounts.
2. Monitoring and Detection: Our systems are monitored 24/7 with logging, anomaly detection and intrusion prevention protocols.
3. Secure Software Development: Code undergoes peer review, version control, and security scanning before deployment.
4. Vendor Security: All service providers are subject to security due diligence and contractual confidentiality obligations.

7.2 Incident Response

We maintain an incident response plan for detecting, investigating, and responding to security events. In the event of a breach involving personal information:

1. Affected users will be notified in accordance with applicable U.S. breach notification laws;
2. Notices will describe the nature of the breach, data affected, and recommended protective measures;
3. We will take immediate steps to contain the incident and mitigate harm.

7.3 Data Retention

We retain personal and business data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer period is:

1. Required by law (e.g., tax, regulatory, or contractual obligations);
2. Needed to protect our legal rights or resolve disputes.

At the end of a retention period, data is:

1. Permanently deleted from production systems;
2. Removed from backups on a rolling schedule;
3. Anonymized if deletion is not technically feasible for archival or legal compliance reasons.

7.3.1 Data Retention & Deletion for Provider Data

Deletion requests are processed within 30 days; revoked tokens invalidate future access immediately.

7.4 Data Minimization and User Controls

We follow the principle of data minimization by limiting the amount and duration of personal data collected and stored. Users can:

1. Access, modify, or delete their information via their account settings;
2. Manage team access and permissions;
3. Contact us for assistance with account-level data management.

7.5 User Responsibilities

While we maintain strong security measures, users are responsible for:

1. Keeping their passwords, API keys, and login credentials secure;
2. Enabling MFA where available;
3. Regularly reviewing team permissions and revoking access when necessary;
4. Reporting any suspected security issues immediately to: info@jaxsuite.com

7.6 Children’s Data

The Platform is not intended for use by children under the age of 16.. We do not knowingly collect personal information from minors without verified parental consent. If such data is discovered, it will be deleted promptly in accordance with Section 13 of this Policy.

8. Data Storage Jurisdiction

All personal and business information collected by JaxSuite is stored and processed within the United States. We do not transfer data internationally or subject user information to non-U.S. jurisdictional oversight.

9. Cookies and Tracking Technologies

JaxSuite uses cookies and similar technologies to support essential functionality, enhance user experience, monitor performance, and deliver lawful marketing communications within the United States.

9.1 What We Use

We use the following tracking technologies across our websites and platform:

1. Cookies: Small files stored on your browser or device to retain session and preference data.
2. Pixels/Web Beacons: Invisible tags that track engagement (e.g., email opens, page visits).
3. Local Storage and Session Storage: Browser technologies used for quick-access data storage.
4. SDKs and Tag Managers: Embedded tools that assist with app functionality and analytics.

These technologies may be placed by us or by authorized third-party service providers acting on our behalf.

9.2 Types of Cookies

9.3 Managing Your Preferences

You can manage or disable cookies in several ways:

1. Adjust your browser settings to block or delete cookies;
2. Install opt-out tools provided by advertising platforms (e.g., Google Ads Settings, Meta Ad Preferences);
3. Enable Do Not Track (DNT) or Global Privacy Control (GPC) settings in supported browsers. We honor GPC signals where required by U.S. law.

Note: Disabling certain cookies may affect the functionality of the Platform.

9.4 Third-Party Cookies

Some cookies are set by third-party providers we use for analytics, advertising, or integrations. These third parties may act as:

1. Service Providers under contract with JaxSuite; or
2. Independent Controllers governed by their own privacy policies.

We only authorize third-party cookies that comply with our security and privacy standards. You may review or opt out of these cookies using tools provided by those platforms.

9.5 Retention and Expiration

Cookies and tracking technologies used on the Platform may persist:

1. Session Cookies: Deleted when you close your browser;
2. Persistent Cookies: Remain on your device for up to 13 months unless deleted manually.

Expiration periods vary depending on cookie type and vendor configuration.

8.6 Contact for Cookie Concerns

If you have questions about our use of cookies, you may contact us at:

Email: info@jaxsuite.com

Mailing Address: JaxSuite, 4651 Salisbury Road, Jacksonville, FL 32256

10. Data Storage and Infrastructure

JaxSuite operates a secure, cloud-native infrastructure exclusively within the United States. All personal and business information is stored, processed, and protected using U.S.-based systems in accordance with applicable laws and industry standards.

10.1 Hosting and Storage

JaxSuite’s production systems are hosted by U.S.-based infrastructure providers, including:

1. Vercel (front-end deployment);
2. Supabase (authentication and user database services);
3. PostgreSQL purchased data and contact management services.
4. ElasticSearch raw data storage.
5. Amazon Web Services (AWS) (file and object storage).

All providers maintain high availability, redundancy, and security certifications such as:

1. SOC 2 Type II;
2. ISO/IEC 27001;
3. PCI DSS (where applicable).

10.2 Data Isolation and Architecture

JaxSuite uses a multi-tenant architecture with strict isolation measures, including:

1. Row-level security enforced at the database layer;
2. Access control policies to segregate customer data;
3. Logical separation of user, team, and organization-level information.

Enterprise customers may request additional data compartmentalization, subject to service level agreements.

10.3 Resilience and Backup

Our infrastructure is designed for uptime, data integrity, and disaster recovery. Features include:

1. Redundant systems across multiple availability zones;
2. Automated failover protocols for mission-critical services;
3. Annual disaster recovery testing to ensure business continuity.

10.4 Retention Controls and Lifecycle Management

Data is managed according to clearly defined retention schedules and deletion protocols:

1. Records are retained only as long as necessary for operational, contractual, or legal reasons;
2. Expired or unnecessary data is securely deleted from production systems;
3. Backup data is purged on a rolling basis;

10.5 Legal Jurisdiction

All data is governed by the laws of the United States, including the Stored Communications Act (SCA), the CLOUD Act, and applicable state and federal privacy regulations.

We do not store or process user data outside the United States, nor do we rely on international data transfer mechanisms.

11. Third-Party Services and Integrations

JaxSuite enables users to connect with approved third-party services to enhance functionality, streamline workflows, and support business operations within the United States. These integrations are entirely optional and user-controlled.

11.1 Supported Integration Categories

Users may choose to authorize integrations with services such as:

1. Authentication Providers (e.g., Google, Microsoft);
2. Calendar and Email Platforms (e.g., Google Calendar, Outlook, Microsoft 365);
3. Marketing and CRM Tools (e.g., Meta Ads, Google Ads, HubSpot);
4. Communication Platforms (e.g., Twilio, Mailgun, SendGrid);
5. File Storage Providers (e.g., Google Drive, Dropbox, OneDrive);
6. Payment Gateways (e.g., Stripe, Helcim, Finnix, PayKings);
7. AI Tools and Automation APIs (e.g., OpenAI, Zapier – with user permission).

You maintain full control over which services are connected to your JaxSuite account.

11.2 Data Roles and Responsibilities

JaxSuite acts as a data controller for information you provide directly to us, and as a data processor when handling data you transmit through integrations.

Third-party platforms may act as:

1. Processors, under JaxSuite’s direction (e.g., analytics providers); or
2. Independent controllers, operating under their own privacy policies (e.g., Google Ads, Meta).

You are responsible for reviewing and understanding each third party’s terms before enabling an integration.

11.3 Authorization and User Consent

We do not connect or activate third-party services on your behalf. Integrations require:

1. Manual connection through the dashboard (e.g., "Connect Google Calendar");
2. Secure authentication (e.g., OAuth 2.0);
3. Your explicit consent to authorize data access.

By connecting an integration, you acknowledge and accept that the third party may access and process relevant data to fulfill its function.

11.4 Integration Safeguards

All third-party integrations are subject to:

1. Data Minimization: Only the necessary data is shared based on requested permissions;
2. Revocation Controls: You may disconnect services at any time from your JaxSuite account;
3. Scoped Access Tokens: Tokens expire and are limited to specific data access levels;
4. Audit Logs: Integration activity is logged and available upon request for supported plans.

11.5 Vendor Risk and Security Assessments

Before onboarding any third-party service, JaxSuite conducts security and privacy evaluations, including:

1. Technical and operational due diligence;
2. Contractual protections regarding confidentiality, data use, and retention;
3. Annual reassessments for critical providers.

We do not integrate with vendors that lack adequate security measures or transparency.

11.6 Responsibility and Limitations

You assume responsibility for:

1. Reviewing the third party’s data practices before enabling an integration;
2. Configuring integration settings in accordance with your business requirements;
3. Disabling integrations you no longer wish to use.

JaxSuite is not liable for the privacy, security, or legal compliance of external services you authorize.

12 Compliance Statements

12.1 Google Workspace:

JaxSuite adheres to the Google API Services User Data Policy, including Limited-Use requirements. We request only gmail.readonly, gmail.send, calendar.events, and meetings.space.created.

12.2 Microsoft 365

JaxSuite follows Microsoft Graph principle-of-least-privilege and RBAC for Applications guidelines; we request only Mail.ReadWrite, Mail.Send, and Calendars.ReadWrite and scope access with Application Access Policies when available.

12.3 Zoom

JaxSuite complies with Zoom API License & Terms of Use and does not request more data than required for meeting automation. We request only meeting:write, meeting:read.

13 CHILDREN’S PRIVACY

JaxSuite (“we,” “us,” or “our”) is committed to protecting the privacy rights of children and minors in accordance with applicable laws and international best practices. Our Services are not intended for use by individuals under the age of sixteen (16), or the minimum age of digital consent required in their jurisdiction, whichever is higher.

13.1 No Use by Children or Minors

JaxSuite does not knowingly collect, solicit, process, or store personal information from individuals under:

1. 16 years of age in most jurisdictions;
2. 16 years of age in the United States (per COPPA); or
3. Any age below the digital consent threshold under local data protection law.

If you are under the applicable minimum age, you are prohibited from using the Services, creating an account, or submitting any personal data.

13.2 No Child-Directed Features

The JaxSuite platform is designed for use by:

1. Businesses, entrepreneurs, licensed professionals, and their teams;
2. Organizations operating in regulated industries (e.g., financial services, legal, real estate, insurance);
3. Adult individuals who are legally authorized to enter into binding contracts.

We do not offer products, services, content, or marketing intended to attract or engage children or minors. We do not display or syndicate third-party ads targeting minors.

13.3 Parental Notification and Deletion

If we become aware that we have inadvertently collected personal data from a child without verified parental consent:

1. We will take immediate steps to delete the information from our records;
2. We will disable the associated account and, if applicable, prevent further access;
3. We may notify the parent or guardian, if contact information is available, and explain applicable rights and remedies.

To report unauthorized data collection involving a child, please contact us at info@jaxsuite.com with the subject line: Children’s Privacy Concern – Urgent.

13.4 Rights of Parents and Guardians

Where permitted or required by law, a parent or legal guardian may:

1. Request access to any personal data collected from their child;
2. Request deletion or correction of such data;
3. Withdraw any prior consent granted;
4. Object to any further processing of the data.

Such requests must include sufficient verification and documentation of the relationship to the minor, and will be processed in accordance with Section 6 – Your Rights and Choices.

13.5 Compliance and Age Verification

JaxSuite employs technical and procedural controls to prevent unauthorized use of the Services by minors, including:

1. Age-gate mechanisms in signup workflows;
2. Content and product design not directed toward children;
3. Employee training on child data restrictions;
4. Periodic review of accounts for compliance anomalies.

We also require that any platform user who suspects an underage individual is accessing our services report it immediately to our Compliance Department at info@jaxsuite.com.

14 Contact Information and Data Protection Officer

If you have any questions, concerns, complaints, or requests regarding this Privacy Policy, our data practices, or your rights under applicable law, you may contact us using the information below.

We take all privacy-related inquiries seriously and are committed to responding to verified requests in a timely, lawful, and non-discriminatory manner.

14.1 Primary Privacy Contact

Company Name:

JaxSuite

Mailing Address:

JaxSuite

4651 Salisbury Road

Jacksonville, FL 32256

United States

Email Address for Privacy and Compliance Matters:

info@jaxsuite.com

14.2 Data Protection Officer (DPO)

In accordance with Article 37 of the General Data Protection Regulation (GDPR) and related frameworks California Consumer Privacy Act (CCPA/CPRA), JaxSuite has appointed a Data Protection Officer (DPO) to oversee privacy compliance and handle inquiries from data subjects and regulators.

DPO Contact Information:

Data Protection Officer

JaxSuite

info@jaxsuite.com

(Please include "Attn: DPO" in the subject line)