Privacy Policy

1. Introduction and Scope

Vorant ("Vorant," "we," "us," or "our"), a brand and division of Thomason Consolidation, Inc., a California corporation, is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, retain, and safeguard information when you visit our website at vorant.ai (the "Site"), use our AI-powered automation services (the "Services"), communicate with us via email, phone, text, or any other channel, or otherwise interact with our business.

This Privacy Policy applies to all visitors, users, clients, prospective clients, and any other individuals whose personal information we process in connection with our business operations. By accessing the Site or using our Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, you must immediately discontinue use of the Site and Services.

This Privacy Policy is incorporated by reference into our Terms of Service. Capitalized terms not defined herein shall have the meanings ascribed to them in the Terms of Service.

2. Information We Collect

We collect several categories of information in connection with the Site and Services. The specific information collected depends on the nature of your interaction with us.

2.1 Information You Provide Directly

• Contact Information: Full name, email address, phone number, mailing address, and business name provided through forms, booking systems, email, phone calls, or direct communication.
• Account and Registration Information: Usernames, passwords, security questions, and other credentials created during account registration or client onboarding.
• Payment and Billing Information: Credit card numbers, bank account details, billing addresses, tax identification numbers, and other financial information necessary to process payments. Note: Payment information is processed by our third-party payment processors and is not stored on our servers.
• Business Information: Industry type, company size, revenue data, business goals, operational details, existing technology stack, and other business-related information you share during consultations, audits, or onboarding.
• Communications: Content of emails, chat messages, phone call recordings (where permitted by law), voicemails, text messages, and any other communications you send to or receive from us.
• User-Generated Content: Prompts, inputs, uploaded files, documents, images, audio recordings, and any other content you provide to our AI systems or through our Services.
• Survey and Feedback Information: Responses to surveys, questionnaires, reviews, testimonials, and feedback forms.
• Job Application Information: Resumes, cover letters, work history, education, and other employment-related information if you apply for a position with us.

2.2 Information Collected Automatically

• Device Information: IP address, browser type and version, operating system, device type, device identifiers, screen resolution, and language preferences.
• Usage Data: Pages visited, time spent on pages, click patterns, scroll depth, navigation paths, referring URLs, exit pages, search queries, and interaction data.
• Location Data: Approximate geographic location derived from your IP address, including city, state/province, country, and time zone.
• Log Data: Server logs including access times, error logs, HTTP request data, and system activity information.
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, pixel tags, local storage, session storage, and similar technologies as described in Section 10 below.

2.3 Information from Third Parties

• Analytics Providers: Data from Google Analytics, Meta (Facebook) Pixel, and other analytics platforms regarding your interactions with our Site and advertisements.
• Advertising Partners: Information from advertising networks, social media platforms, and marketing partners about your interactions with our ads.
• CRM and Marketing Platforms: Data from customer relationship management systems, email marketing platforms, and marketing automation tools that we use to manage client relationships.
• Public Sources: Publicly available information from business directories, social media profiles, government records, and other public databases.
• Service Integrations: Information received through integrations with third-party services that our clients authorize, including CRM systems, calendars, email platforms, and communication tools.

2.4 AI-Specific Data Collection

In connection with our AI-powered Services, we may collect and process the following additional categories of information:

• AI Interaction Data: Inputs, prompts, queries, and commands provided to our AI systems, including AI voice agents, chatbots, and automated assistants.
• AI Output Data: Responses, recommendations, predictions, and other outputs generated by our AI systems.
• Voice and Audio Data: Call recordings, voice transcriptions, voicemail recordings, and audio data processed by our AI voice agents, subject to applicable consent requirements.
• Behavioral and Inference Data: Patterns, preferences, trends, and inferences derived from AI analysis of your data, including lead scoring, sentiment analysis, and predictive analytics.
• Performance Metrics: Data related to the performance of AI systems, including accuracy rates, response times, conversion metrics, and system health indicators.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Service Delivery and Operations

• To provide, maintain, operate, and improve our AI automation Services
• To process and fulfill service requests, orders, and transactions
• To set up, configure, and manage client accounts and AI systems
• To provide customer support, technical assistance, and troubleshooting
• To schedule and conduct consultations, audits, and onboarding sessions
• To generate reports, dashboards, and analytics for clients

3.2 AI System Training and Improvement

• To train, calibrate, test, and improve our AI models and algorithms
• To enhance the accuracy, reliability, and performance of AI outputs
• To develop new features, products, and services
• To conduct research and development in artificial intelligence and machine learning

Important: We may use aggregated, de-identified, or anonymized data derived from your interactions with our Services to train and improve our AI models. Such aggregated or de-identified data does not identify you personally and is not subject to the restrictions in this Privacy Policy regarding personal information.

3.3 Communications and Marketing

• To respond to your inquiries, requests, and communications
• To send transactional communications (confirmations, receipts, service updates)
• To send marketing and promotional communications (with your consent or as permitted by law)
• To personalize content and advertisements based on your interests and preferences
• To conduct surveys, contests, and promotional activities

3.4 Analytics and Business Intelligence

• To analyze website usage patterns, user behavior, and engagement metrics
• To measure the effectiveness of our marketing campaigns and advertising
• To generate business intelligence, market research, and trend analysis
• To optimize our Site, Services, and user experience

3.5 Legal and Compliance

• To comply with applicable laws, regulations, legal processes, and governmental requests
• To enforce our Terms of Service, contracts, and other agreements
• To protect our rights, property, safety, and the rights of our users and the public
• To detect, prevent, and address fraud, security issues, and technical problems
• To establish, exercise, or defend legal claims

4. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, we process your personal data based on the following legal bases under the General Data Protection Regulation (GDPR) and equivalent legislation:

• Consent (Article 6(1)(a)): Where you have given clear, affirmative consent for us to process your personal data for specific purposes, such as receiving marketing communications or the use of non-essential cookies.
• Contractual Necessity (Article 6(1)(b)): Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract, such as providing our Services.
• Legitimate Interests (Article 6(1)(f)): Where processing is necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving our Services, preventing fraud, ensuring network security, and direct marketing to existing clients.
• Legal Obligation (Article 6(1)(c)): Where processing is necessary for compliance with a legal obligation to which we are subject, such as tax reporting, record-keeping requirements, or responding to lawful government requests.
• Vital Interests (Article 6(1)(d)): Where processing is necessary to protect the vital interests of you or another natural person.

5. Information Sharing and Disclosure

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

5.1 Service Providers and Processors

We share information with third-party service providers who perform services on our behalf, including but not limited to:

• Cloud hosting and infrastructure providers (e.g., Amazon Web Services, Google Cloud)
• Payment processors (e.g., Stripe, PayPal)
• CRM and marketing automation platforms (e.g., GoHighLevel, HubSpot)
• Analytics and advertising platforms (e.g., Google Analytics, Meta/Facebook)
• Email service providers and communication platforms
• AI and machine learning service providers (e.g., OpenAI, Google AI)
• Scheduling and calendar services
• Customer support and ticketing systems

These service providers are contractually obligated to use your information only for the purposes of providing services to us and are required to maintain appropriate security measures.

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, dissolution, sale of all or a portion of our assets, or similar corporate transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site of any change in ownership or uses of your personal information.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with a legal obligation, court order, subpoena, or governmental request; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the Services; (d) protect the personal safety of users of the Services or the public; or (e) protect against legal liability.

5.4 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so.

5.5 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you with third parties for any purpose, including research, analytics, marketing, and business development.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, tax, or reporting requirements. The specific retention period depends on the nature of the data and the purpose of processing:

• Client Account Data: Retained for the duration of the client relationship and for seven (7) years thereafter to comply with tax and legal obligations.
• Marketing and Communication Data: Retained until you opt out or request deletion, or for three (3) years after your last interaction with us, whichever comes first.
• Website Usage Data: Retained for up to twenty-six (26) months from the date of collection.
• AI Interaction Data: Retained for the duration of the client relationship and for up to twelve (12) months thereafter for quality assurance and system improvement purposes, unless a longer retention period is required by law.
• Call Recordings and Voice Data: Retained for up to twelve (12) months from the date of recording, unless a longer retention period is required by law or requested by the client.
• Payment Records: Retained for seven (7) years to comply with tax and financial reporting requirements.

When personal information is no longer needed, we will securely delete or anonymize it. Anonymized data may be retained indefinitely for research and analytical purposes.

7. Data Security

We implement and maintain reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, disclosure, or destruction. These measures include, but are not limited to:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest using industry-standard encryption algorithms
• Access controls and authentication mechanisms, including multi-factor authentication
• Regular security assessments, vulnerability scanning, and penetration testing
• Employee security awareness training and access restrictions based on the principle of least privilege
• Incident response procedures and breach notification protocols
• Secure software development practices and code review processes
• Physical security measures for data center facilities maintained by our hosting providers

Disclaimer: Despite our efforts, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You acknowledge and accept that you transmit information to us at your own risk.

8. International Data Transfers

Vorant is based in the United States. If you are accessing the Site or Services from outside the United States, please be aware that your personal information will be transferred to, stored, and processed in the United States, where our servers are located and our central database is operated.

The data protection laws of the United States may differ from those of your country of residence. By using the Site or Services, you consent to the transfer of your information to the United States and the processing of your information in the United States.

For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on: (a) Standard Contractual Clauses (SCCs) approved by the European Commission; (b) your explicit consent; or (c) other lawful transfer mechanisms as applicable. You may request a copy of the relevant transfer mechanism by contacting us using the information provided in Section 18.

9. Third-Party Services and Links

Our Site and Services may contain links to, or integrations with, third-party websites, applications, and services that are not owned or controlled by Vorant. These include, but are not limited to, scheduling platforms (e.g., Calendly, Google Calendar), social media platforms (e.g., Instagram, Facebook, LinkedIn), payment processors, analytics services, and AI service providers.

We are not responsible for the privacy practices, content, or security of any third-party websites or services. We strongly encourage you to review the privacy policies and terms of service of any third-party website or service before providing any personal information. Your interactions with third-party services are governed solely by the terms and privacy policies of those third parties.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and use information about you and your interactions with our Site. The types of cookies and tracking technologies we use include:

10.1 Essential Cookies

These cookies are strictly necessary for the operation of our Site. They enable core functionality such as security, network management, and accessibility. You cannot opt out of these cookies.

10.2 Analytics and Performance Cookies

These cookies collect information about how visitors use our Site, including which pages are visited most often, how visitors navigate the Site, and whether they encounter error messages. We use services such as Google Analytics to collect this information. All information collected by these cookies is aggregated and therefore anonymous.

10.3 Advertising and Targeting Cookies

These cookies are used to deliver advertisements that are relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to measure the effectiveness of advertising campaigns. We may use services such as Meta (Facebook) Pixel, Google Ads, and other advertising platforms.

10.4 Functional Cookies

These cookies allow our Site to remember choices you make (such as your language preference or the region you are in) and provide enhanced, more personalized features.

10.5 Managing Cookies

Most web browsers are set to accept cookies by default. You can usually modify your browser settings to decline cookies or to alert you when cookies are being sent. Please note that if you disable or refuse cookies, some parts of our Site may become inaccessible or not function properly. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

10.6 Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Because there is no uniform standard for how DNT signals should be interpreted, our Site does not currently respond to DNT signals. We will continue to monitor developments around DNT browser technology and update our practices accordingly.

11. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information. We are committed to honoring these rights and facilitating their exercise.

11.1 General Rights

Subject to applicable law, you may have the right to:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we correct inaccurate or incomplete personal information.
• Deletion: Request that we delete your personal information, subject to certain exceptions.
• Portability: Request that we provide your personal information in a structured, commonly used, machine-readable format.
• Restriction: Request that we restrict the processing of your personal information under certain circumstances.
• Objection: Object to the processing of your personal information for certain purposes, including direct marketing.
• Withdraw Consent: Where processing is based on consent, withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
• Opt Out of Marketing: Unsubscribe from marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly.

11.2 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected] or call (925) 813-2422. We will respond to your request within the timeframe required by applicable law (generally within 30 to 45 days). We may need to verify your identity before processing your request. If we are unable to fulfill your request, we will provide you with an explanation.

11.3 Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, provide a different level of service, or suggest that you will receive a different price or level of service for exercising your rights.

12. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, "CCPA").

12.1 Right to Know

You have the right to request that we disclose: (a) the categories of personal information we have collected about you; (b) the categories of sources from which we collected your personal information; (c) the business or commercial purpose for collecting, selling, or sharing your personal information; (d) the categories of third parties to whom we disclose your personal information; and (e) the specific pieces of personal information we have collected about you.

12.2 Right to Delete

You have the right to request that we delete any personal information about you that we have collected, subject to certain exceptions provided by law (e.g., completing a transaction, detecting security incidents, complying with legal obligations).

12.3 Right to Correct

You have the right to request that we correct inaccurate personal information that we maintain about you.

12.4 Right to Opt Out of Sale or Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising purposes. If our practices change in the future, we will update this Privacy Policy and provide you with the right to opt out.

12.5 Right to Limit Use of Sensitive Personal Information

If we collect sensitive personal information (as defined by the CCPA), you have the right to limit our use and disclosure of such information to purposes that are necessary to perform the Services or as otherwise permitted by law.

12.6 Authorized Agents

You may designate an authorized agent to make a request on your behalf. We may require the authorized agent to provide proof of your written authorization and may need to verify your identity directly.

12.7 Categories of Personal Information Collected

In the preceding twelve (12) months, we have collected the following categories of personal information as defined by the CCPA:

• Identifiers (name, email, phone number, IP address)
• Personal information categories listed in Cal. Civ. Code § 1798.80(e) (name, address, telephone number)
• Commercial information (services purchased, purchasing history)
• Internet or other electronic network activity information (browsing history, search history, interaction with our Site)
• Geolocation data (approximate location from IP address)
• Audio, electronic, visual, or similar information (call recordings, voicemails)
• Professional or employment-related information (business name, industry, role)
• Inferences drawn from the above categories (lead scores, preferences, behavioral patterns)

12.8 "Shine the Light" Law

Under California Civil Code Section 1798.83, California residents may request information regarding the disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

13. Additional State Privacy Rights

If you are a resident of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Delaware (DPDPA), New Hampshire (NHPA), New Jersey (NJDPA), Tennessee (TIPA), Indiana (IDPA), or any other state with applicable privacy legislation, you may have additional rights under your state's privacy law, including:

• The right to confirm whether we are processing your personal data
• The right to access your personal data
• The right to correct inaccuracies in your personal data
• The right to delete your personal data
• The right to obtain a copy of your personal data in a portable format
• The right to opt out of targeted advertising, the sale of personal data, and profiling in furtherance of decisions that produce legal or similarly significant effects
• The right to appeal a denial of your privacy request

To exercise any of these rights, please contact us using the information in Section 18. If we deny your request, you have the right to appeal our decision by contacting us at [email protected] with the subject line "Privacy Rights Appeal."

14. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following additional rights under the GDPR and equivalent legislation:

• Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority if you believe that our processing of your personal data violates applicable law.
• Right to Object to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless such processing is necessary for a contract, authorized by law, or based on your explicit consent.
• Data Protection Officer: For inquiries related to GDPR compliance, please contact us at [email protected].

15. Children's Privacy

Our Site and Services are not directed to, and we do not knowingly collect personal information from, children under the age of 16 (or under the age of 13 in the United States, as governed by the Children's Online Privacy Protection Act, "COPPA"). If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. If we become aware that we have collected personal information from a child without verification of parental consent, we will take steps to promptly delete that information from our servers.

16. CAN-SPAM Act and TCPA Compliance

16.1 CAN-SPAM Act

We comply with the CAN-SPAM Act of 2003. All commercial email messages sent by us will: (a) clearly identify us as the sender; (b) include a valid physical postal address; (c) include a clear and conspicuous opt-out mechanism; (d) honor opt-out requests within ten (10) business days; and (e) not use deceptive subject lines or false header information. To opt out of marketing emails, click the "unsubscribe" link at the bottom of any marketing email or contact us at [email protected].

16.2 Telephone Consumer Protection Act (TCPA)

We comply with the Telephone Consumer Protection Act (TCPA) and applicable Federal Communications Commission (FCC) regulations. We will not make autodialed, prerecorded, or artificial voice calls or send text messages to your phone number without your prior express consent (or prior express written consent for marketing messages). You may revoke your consent at any time by contacting us at [email protected] or by replying "STOP" to any text message.

Important for Clients Using AI Voice Agents: If you are a client using our AI voice agent services, you are solely responsible for ensuring that your use of such services complies with the TCPA, FCC regulations, and all applicable state and federal telemarketing laws, including obtaining all required consents from your customers and end users before initiating automated calls or text messages through our systems.

16.3 SMS Opt-In and Communications

When you provide your phone number and consent through our website forms, you opt in to receive SMS messages from VORANT. These messages may include appointment confirmations, service reminders, follow-up communications, and promotional offers. You may opt out at any time by replying STOP to any message. Reply HELP for assistance. Message frequency varies. Standard message and data rates may apply. Please contact your mobile carrier for details about your messaging plan.

Our SMS messaging services are intended for individuals aged 18 and older. By opting in to receive SMS communications, you confirm that you are at least 18 years of age.

16.4 Mobile Information Sharing

VORANT does not sell, rent, share, or otherwise disclose your mobile phone number or any related mobile data to third parties for marketing or promotional purposes. Your mobile information will only be used to deliver the SMS communications you have consented to receive and for the operational purposes described in this Privacy Policy.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make material changes, we will: (a) update the "Last updated" date at the top of this page; (b) post the revised Privacy Policy on our Site; and (c) where required by law, notify you by email or through a prominent notice on our Site prior to the changes taking effect.

Your continued use of the Site or Services after the posting of any revised Privacy Policy constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically for any changes. If you do not agree with the revised Privacy Policy, you must stop using the Site and Services and contact us to request deletion of your personal information.

We will update this Privacy Policy at least once every twelve (12) months, as required by the CCPA.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal information, or our privacy practices, please contact us at:

For privacy-specific requests, please include "Privacy Request" in the subject line of your email. We will respond to all privacy-related inquiries within the timeframe required by applicable law.