Data Processing Agreement

1. Introduction and Scope

This Data Processing Agreement ("DPA") forms part of the service agreement between AI Solutions VIP, LLC ("Processor") and each business client ("Controller") who engages our services. This DPA governs the processing of personal data that AI Solutions VIP handles on behalf of clients as part of delivering AI concierge services.

By engaging our services, you agree to the terms of this DPA.

2. Definitions

• Controller: The client business that determines the purposes and means of processing personal data.
• Processor: AI Solutions VIP, LLC, which processes personal data on behalf of the Controller.
• Personal Data: Any information relating to an identified or identifiable natural person, including names, email addresses, phone numbers, and conversation records.
• Processing: Any operation performed on personal data, including collection, recording, storage, use, and deletion.
• Sub-Processor: Any third-party engaged by AI Solutions VIP to process personal data on behalf of a client.

3. Nature and Purpose of Processing

AI Solutions VIP processes personal data on behalf of clients for the following purposes:

• Operating AI voice and chat agents that interact with the client's customers or users
• Capturing and recording conversation transcripts for quality assurance and knowledge improvement
• Collecting lead information including names and email addresses during AI agent interactions
• Delivering lead data to client-designated destinations such as Google Sheets or CRM systems
• Analyzing conversation data to improve agent performance

4. Types of Personal Data Processed

The categories of personal data processed may include:

• First and last names
• Email addresses
• Phone numbers
• Voice recordings and transcripts
• Chat conversation records
• Any other information voluntarily provided by end users during AI agent interactions

5. Processor Obligations

As a Processor, AI Solutions VIP agrees to:

• Process personal data only on documented instructions from the Controller
• Ensure that personnel authorized to process personal data are bound by confidentiality obligations
• Implement appropriate technical and organizational security measures to protect personal data
• Not engage sub-processors without informing the Controller and obtaining appropriate consent
• Assist the Controller in fulfilling data subject rights requests where applicable
• Delete or return all personal data upon termination of services as instructed by the Controller
• Make available all information necessary to demonstrate compliance with this DPA

6. Controller Obligations

As a Controller, the client agrees to:

• Ensure there is a lawful basis for processing personal data through our AI agent services
• Provide appropriate privacy notices to end users informing them that AI agents may collect their information
• Obtain any necessary consents required under applicable law before deploying AI agents that collect personal data
• Notify AI Solutions VIP promptly of any data subject requests or regulatory inquiries

7. Sub-Processors

AI Solutions VIP uses the following categories of sub-processors to deliver services:

• Retell AI: AI voice and chat agent platform for agent hosting, conversation processing, and transcript storage
• Twilio: Telecommunications infrastructure for voice and SMS delivery
• Zapier: Automation platform for routing lead data to client destinations
• Google Workspace: Data delivery destination for lead capture
• OpenAI: Underlying language model powering agent intelligence

Each sub-processor is bound by data processing terms consistent with applicable privacy law. We will notify clients of any material changes to our sub-processor list.

8. Security Measures

AI Solutions VIP implements the following security measures to protect personal data:

• Access controls limiting data access to authorized personnel only
• Use of encrypted connections for data transmission
• Regular review of third-party platform security practices
• Confidentiality agreements with all personnel who may access client data

9. Data Retention and Deletion

Personal data collected through AI agent interactions is retained for up to 12 months on our platforms unless a shorter period is required by the client or applicable law. Upon termination of services or upon written request, AI Solutions VIP will delete or return all personal data within 30 days, except where retention is required by law.

10. Data Breach Notification

In the event of a personal data breach affecting client data, AI Solutions VIP will notify the affected client without undue delay and no later than 72 hours after becoming aware of the breach, to the extent feasible. Notification will include the nature of the breach, categories of data affected, and steps being taken to address it.

11. Governing Law

This DPA is governed by the laws of the State of Nevada. Where clients are subject to other privacy regulations such as GDPR or CCPA, AI Solutions VIP will work in good faith to support compliance obligations as they relate to our processing activities.

12. Contact Us

For questions about this Data Processing Agreement or to submit a data subject request, please contact us:

• Company: AI Solutions VIP, LLC
• Email: hello@aisolutionsvip.com
• Website: aisolutionsvip.com
• Location: Las Vegas, Nevada