Privacy Policy

Last updated: January 1, 2025

This Privacy Policy describes how Ogrey Software ("Company," "we," "us," or "our") collects, uses, and shares information when you use the OgreyAgent platform and related services ("Services") at ogreysoft.com. We are committed to protecting your privacy and handling your data responsibly.

1. Information We Collect

Account Information: When you register, we collect your name, email address, company name, and billing information.

Usage Data: We collect information about how you use the Services, including features accessed, agent configurations, and interaction counts.

Customer Interaction Data: When your AI agents interact with your customers, those conversation logs are stored in your account to provide the Services.

Technical Data: We collect IP addresses, browser type, device information, and log data for security and performance purposes.

Payment Data: Payment processing is handled by our payment processor (Paddle). We do not store full payment card details on our servers.

2. How We Use Your Information

• To provide, operate, and maintain the Services
• To process payments and manage your subscription
• To send transactional emails (account confirmations, invoices, support responses)
• To monitor and analyze usage for performance and security purposes
• To respond to your inquiries and provide customer support
• To comply with legal obligations

We do not use your customer interaction data to train our AI models. We do not sell your data to third parties.

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data under the following legal bases:

• Contract performance: Processing necessary to provide the Services you subscribed to
• Legitimate interests: Fraud prevention, security, and service improvement
• Legal obligation: Compliance with applicable laws and regulations
• Consent: For marketing communications, where required

4. Data Sharing

We share your data only in the following circumstances:

• Service providers: We use trusted third-party providers (hosting, payment processing, email delivery) who process data on our behalf under strict data processing agreements
• Legal requirements: We may disclose data when required by law, court order, or governmental authority
• Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction with advance notice to you

We never sell your personal data or customer interaction data to advertisers or data brokers.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data in transit is encrypted using TLS 1.3
• All data at rest is encrypted using AES-256
• Access to production systems is restricted and logged
• We conduct regular security reviews of our infrastructure

Despite these measures, no system is completely secure. We encourage you to use a strong, unique password for your account.

6. Data Retention

We retain your account data for as long as your account is active or as needed to provide the Services. Interaction logs are retained for 12 months by default. Upon account deletion, we will delete or anonymize your data within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

If you are in the EEA, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Request restriction of processing in certain circumstances
• Portability: Request your data in a machine-readable format
• Objection: Object to processing based on legitimate interests

To exercise any of these rights, contact us at ogrey.operations@gmail.com. We will respond within 30 days.

8. Cookies

We use essential cookies to maintain your login session and service functionality. We do not use third-party advertising cookies. You can control cookie settings through your browser preferences.

9. Third-Party Links

Our Services may contain links to third-party websites. We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies before providing any personal information.

10. Children's Privacy

The Services are not directed to children under 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. International Transfers

Your data may be processed in countries outside your country of residence. When transferring data from the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where required.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. The updated policy will include a new "Last updated" date.

13. Contact Us

For privacy-related questions, requests, or complaints, contact us at:
ogrey.operations@gmail.com
Ogrey Software · ogreysoft.com