Privacy Policy
This page is maintained by MAZ Assist to explain how we handle personal information across our AI voice widget, AI hiring interviews, LinkedIn decision-maker finder, and dashboard products. Last updated: 2026.
1. Scope of this policy
This Privacy Policy describes how MAZ Assist ("we", "us", "our") collects, uses, stores, shares, and protects personal information when you use our website, dashboard, AI voice widget, AI hiring interviews, LinkedIn decision-maker finder, embed snippets, and related services (collectively, the "Service"). It applies to visitors to www.mazassist.com, registered business customers, their team members, partners, and end users who interact with an AI consultant embedded on a customer's website or complete an AI-led screening interview through our platform.
2. Who is the data controller
For information collected through our marketing site and dashboard, MAZ Assist is the data controller. For personal information collected through an AI voice widget, an AI-led screening interview, or a LinkedIn pitch generated on behalf of one of our business customers, MAZ Assist acts as a data processor and the business customer is the controller.
3. Information we collect
- Account information: name, email address, password (hashed), business name, country, and billing details you provide at sign-up.
- Payment information: processed by our payment provider (Stripe). We store only the last four digits, card brand, and billing address — never full card numbers.
- Usage data: pages viewed, features used, clicks, timestamps, and dashboard activity.
- AI voice and interview data: audio recordings, transcripts, session metadata (duration, timestamps), and AI-generated summaries and scores.
- Lead and contact data: information end users share with the AI consultant or during a screening interview — names, emails, meeting preferences, and free-text messages.
- Website content: text and images crawled from your business website with your permission, used to ground the AI consultant's answers.
- Technical data: IP address, browser type, device information, operating system, referrer, and cookie identifiers.
- Communications: support tickets, emails, and any attachments you send us.
4. How we use your information
- Provide, operate, and maintain the Service.
- Authenticate users and secure accounts.
- Process AI voice conversations and interview sessions.
- Generate transcripts, summaries, lead records, and CRM entries.
- Bill you accurately, prevent fraud, and enforce our terms.
- Send service notifications, billing receipts, and product updates.
- Provide customer support and respond to requests.
- Improve the platform through aggregate analytics and diagnostics.
- Comply with legal, tax, telecom, and regulatory obligations.
5. Legal bases for processing
Where required by law (for example under the GDPR), we rely on the following legal bases: performance of a contract (to deliver the Service you paid for), legitimate interest (security, fraud prevention, and product improvement), consent (marketing emails, optional cookies), and legal obligation (tax, telecom, and law-enforcement requests).
6. AI voice and call recording
Calls placed or received through the platform may be recorded and transcribed to deliver features such as summaries, CRM logging, and quality improvement. It is the business customer's responsibility to disclose recording to end users where required by local law and to obtain any consent needed. We provide configuration options to help customers meet these obligations.
7. Sub-processors and third parties
We use trusted third-party providers to run the Service. These providers are bound by contract to process data only on our behalf and to protect it appropriately. Categories include:
- Cloud hosting and database (Lovable Cloud infrastructure).
- AI voice runtime and transcription providers.
- AI voice model providers for real-time voice generation and transcription.
- Payment processing (Stripe).
- Email delivery for transactional and support messages.
- Product analytics and error monitoring.
We do not sell personal information and we do not share it with third parties for their own marketing purposes.
8. International data transfers
Our infrastructure and sub-processors may be located outside your country of residence, including in the United States and the European Union. Where required, we rely on approved transfer mechanisms such as the EU Standard Contractual Clauses.
9. Data security
We implement reasonable technical and organisational measures to protect information, including encryption in transit (TLS), encryption at rest for stored recordings and databases, strict role-based access controls, audit logging, regular dependency and vulnerability scans, and least-privilege service accounts. No system is completely secure and we cannot guarantee absolute protection.
10. Data retention
We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Typical retention: account and billing records for the life of the account plus up to seven years for tax and accounting; call recordings and transcripts for the period configured by the business customer (default 12 months); support tickets for up to 24 months. You can request deletion of your account and associated data by contacting support.
11. Your rights
Depending on your jurisdiction (including under the GDPR, UK GDPR, and applicable US state privacy laws), you may have rights to access, correct, delete, port, restrict, or object to the processing of your personal information, and to withdraw consent. To exercise any of these rights, open a support ticket from your dashboard or write to us at the address in section 15. We will respond within the timeframe required by applicable law.
12. Cookies and tracking
We use cookies and similar technologies to run the site, remember preferences, keep you signed in, measure aggregate usage, and understand how our marketing performs. Strictly necessary cookies (session, security, load balancing) cannot be disabled. Analytics and preference cookies can be managed through your browser settings.
13. Children's privacy
Our Service is intended for businesses and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact support so we can delete it.
14. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new effective date and, where appropriate, communicated by email. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.
15. Contact us
For any privacy question or to exercise your rights, please open a ticket on your support page. We aim to respond within one business day.