Apivo← Back to home

Privacy Policy

Effective Date: March 1, 2026  ·  Last Updated: March 24, 2026

1. Introduction

Apivo ("we," "us," or "our") is an AI-powered appointment booking service operated by Apivo, located in Hampton, Virginia. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our services, including our AI chat widget, website (apivo.ai), and related tools.

By using Apivo, you agree to the terms of this Privacy Policy.

2. Information We Collect

Information collected through the chat widget:

  • Full name
  • Email address
  • Phone number
  • Appointment preferences (date, time, service type)
  • Responses provided during the booking conversation

Information collected automatically:

  • IP address
  • Browser type and version
  • Device type
  • Pages visited and time spent
  • Referring URLs
  • Cookies and similar tracking technologies

Information from business clients (B2B):

  • Business name and address
  • Contact person name and email
  • Calendar and integration credentials (OAuth tokens, stored encrypted at rest)
  • Business FAQs and service information uploaded to the knowledge base

3. How We Use Your Information

We use collected information to:

  • Book, reschedule, and cancel appointments on behalf of our business clients
  • Send automated email confirmations to end users
  • Sync appointment data with connected calendar and CRM integrations
  • Respond to inquiries submitted through the chat widget
  • Improve our AI workflows and booking experience
  • Communicate with business clients about their accounts
  • Comply with legal obligations

4. Third-Party Processors

Apivo uses the following third-party services to deliver our product. Each may process personal data on our behalf:

ServicePurposePrivacy Link
VAPIAI conversation engine, agent system prompt, tool callsvapi.ai/privacy
ElevenLabsMulti-language voice and text processingelevenlabs.io/privacy
Azure OpenAI (GPT)Language model inference and AI response generationmicrosoft.com/privacy
n8nWorkflow automation and data routingn8n.io/privacy
Acuity SchedulingAppointment scheduling and calendar syncacuityscheduling.com/privacy
SupabaseDatabase storage for bookings, knowledge base, and client profilessupabase.com/privacy
VercelChat widget deployment and hostingvercel.com/legal/privacy-policy
GitHubWebsite file hosting and version controldocs.github.com/privacy
Google WorkspaceBusiness communications and consultation schedulingpolicies.google.com/privacy

We do not sell your personal data to any third party.

Business clients may request a Data Processing Agreement (DPA) by contacting us at hello@apivo.ai.

5. HIPAA Notice

Apivo is not a covered entity under HIPAA. Business clients who operate as covered entities or business associates under HIPAA are solely responsible for their own HIPAA compliance obligations. Clients are encouraged to evaluate their own compliance requirements independently.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to analyze site traffic, remember preferences, and improve our service. You may disable cookies in your browser settings; however, some features of our service may not function properly without them. We do not use cookies for advertising purposes or share cookie data with advertising networks.

7. Data Retention

  • End-user booking data is retained for as long as the business remains an active Apivo client, or until deletion is requested
  • Chat conversation logs are retained for up to 12 months for quality and support purposes
  • Client account data is retained for the duration of the service agreement plus 90 days after cancellation
  • Clients may request immediate data deletion upon cancellation by contacting hello@apivo.ai
  • You may request deletion of your data at any time by contacting hello@apivo.ai

8. Data Security

We take reasonable technical and organizational measures to protect your data, including:

  • Encrypted data transmission (HTTPS/TLS)
  • OAuth tokens and integration credentials encrypted at rest
  • Privacy-conscious infrastructure settings on all AI processing services
  • Access controls limiting who can view client and end-user data
  • Regular review of third-party vendor security practices

Note: While we implement these measures, no system is completely secure. Business clients are encouraged to evaluate their own compliance obligations independently.

9. Your Rights (U.S. Residents)

Depending on the state in which you reside, you may have the following rights regarding your personal data:

  • Right to access — know what personal data we hold about you
  • Right to correct — request corrections to inaccurate data
  • Right to delete — request deletion of your personal data
  • Right to data portability — receive a copy of your data in a portable format
  • Right to opt out — opt out of the sale of personal data (note: we do not sell personal data)

These rights apply to residents of Virginia (VCDPA), California (CCPA), Colorado, Connecticut, and other states with applicable privacy laws. To exercise any of these rights, email us at hello@apivo.ai. We will respond within 45 days.

10. Children's Privacy

Apivo is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has submitted data through our widget, contact us immediately at hello@apivo.ai.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active clients of material changes via email. Continued use of Apivo after changes constitutes acceptance of the updated policy.

12. Contact Us

Apivo

Hampton, Virginia

hello@apivo.ai

apivo.ai