INTRODUCTION AI Revenue Labs ("we," "us," or "our") operates as a conversation management automation service provider for real estate professionals. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services. Our Commitment: We respect your privacy and are committed to protecting your personal information. This policy describes your privacy rights and how the law protects you. Scope: This Privacy Policy applies to all users of AI Revenue Labs services, including visitors to our website, prospective clients, active subscribers, and end users whose data may be processed through our automation services.

INFORMATION WE COLLECT 2.1 Information You Provide Directly Account Information: Full name Business name Email address Phone number Billing address Payment information (processed securely through Stripe) Business Information: Real estate license details (if applicable) Brokerage affiliation Service tier selection Team member information (for Growth and Scale tiers) Communications: Support requests and correspondence Feedback and survey responses Meeting notes and consultation records 2.2 Information Collected Automatically Usage Data: Service access logs Feature usage patterns Response time metrics Lead management statistics System performance data Technical Information: IP address Browser type and version Device information Operating system Time zone settings Referral source Cookies and Tracking: We use cookies and similar technologies to enhance your experience. You can control cookie preferences through your browser settings. See Section 10 for details. 2.3 Information from Third-Party Sources Integration Partners: Email service provider information Calendar integration data Social media platform data (LinkedIn, Facebook, Instagram) CRM integration data (when you connect your systems) Payment Processors: Transaction verification data from Stripe Billing status updates Payment method validation 2.4 Lead and Contact Data Through Our Services: When you use our automation services, we process information about your leads and contacts, including: Names and contact details Communication history Engagement metrics Property interests and preferences Conversation transcripts Important: You are the data controller for this information. We process it only as your service provider (data processor) according to your instructions and our Terms of Service.

HOW WE USE YOUR INFORMATION 3.1 Service Delivery Primary Uses: Provide and maintain automation services Process transactions and send billing statements Deliver customer support Monitor service performance and uptime Implement lead response automation Generate nurture sequences Track speed-to-lead metrics 3.2 Communication Service-Related: Send service updates and maintenance notifications Provide technical support Respond to inquiries and requests Deliver training and onboarding materials We do not send marketing communications without prior opt-in.: Send newsletters and product updates Share industry insights and best practices Offer promotional opportunities Provide case studies and success stories Opt-Out: You can unsubscribe from marketing communications at any time using the link in our emails or by contacting [email protected]. 3.3 Improvement and Analytics Service Enhancement: Analyze usage patterns to improve features Identify and fix technical issues Develop new functionality Optimize automation performance Enhance user experience Aggregated Analytics: Generate industry benchmarks (anonymized) Create performance reports Conduct research and analysis Measure service effectiveness 3.4 Legal and Security Compliance: Comply with legal obligations Enforce our Terms of Service Protect against fraud and abuse Respond to legal requests Defend our legal rights Security: Detect and prevent security incidents Monitor for unauthorized access Protect system integrity Safeguard user data

HOW WE SHARE YOUR INFORMATION 4.1 Service Providers We share information with trusted third-party vendors who assist in operating our business: Infrastructure Partners: Cloud hosting providers Email delivery services Analytics platforms Automation technology providers Payment Processing: Stripe (payment processing and billing) Financial institutions for transaction verification Communications: Email service providers SMS/messaging platforms Customer support tools All service providers: Are contractually obligated to protect your data Use information only for specified purposes Comply with applicable privacy laws Maintain appropriate security measures 4.2 Business Transfers If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and your choices regarding your information. 4.3 Legal Requirements We may disclose your information when required by law or in response to: Valid legal process (subpoenas, court orders) Government requests Legal claims or disputes Protection of rights, property, or safety Fraud prevention and security 4.4 With Your Consent We may share your information for purposes not described in this policy when we have your explicit consent. 4.5 Aggregated and De-Identified Data We may share aggregated or de-identified information that cannot reasonably be used to identify you, including: Industry benchmarks Performance statistics Market research data Anonymized case studies

DATA RETENTION 5.1 Account Data Active Accounts: We retain your account information for as long as your account is active and you use our services. Closed Accounts: After account closure, we retain certain information for: Retention periods vary by data category as described here and in our Terms. Immediate Deletion: Payment credentials (stored only by Stripe, not by us) Sensitive authentication data after account closure 5.2 Lead and Contact Data Your Control: You control retention of lead and contact data processed through our services. You can: Export data at any time Delete specific records Request full data deletion upon account closure Our Processing: We retain lead data only as long as necessary to provide services and as directed by you in your account settings. 5.3 Legal Holds We may retain information longer when required by: Legal obligations Ongoing litigation Regulatory requirements Fraud investigations

DATA SECURITY 6.1 Security Measures We implement industry-standard security measures to protect your information: Technical Safeguards: Encryption in transit (TLS 1.2+) Encryption at rest for sensitive data Secure authentication protocols Periodic internal security reviews Intrusion detection systems Firewall protection Organizational Safeguards: Access controls and authentication Employee security training Confidentiality agreements Incident response procedures Regular security assessments Physical Safeguards: Secure data center facilities Controlled access to servers Environmental protections Backup and disaster recovery systems 6.2 Payment Security PCI Compliance: All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor. We never store: Full credit card numbers CVV codes Unencrypted payment credentials 6.3 Limitations Important Notice: No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for: Maintaining confidential login credentials Using strong passwords Reporting suspicious activity Securing your devices and networks 6.4 Breach Notification In the event of a data breach affecting your personal information, we will: Notify you within 72 hours of discovery Describe the nature of the breach Explain steps we're taking to address it Provide guidance on protecting yourself Comply with applicable breach notification laws

YOUR PRIVACY RIGHTS 7.1 Access and Portability Right to Access: You can request a copy of the personal information we hold about you. Data Portability: You can request your data in a structured, machine-readable format to transfer to another service provider. How to Request: Email [email protected] with "Data Access Request" in the subject line. Response Time: We will respond within 30 days of verification. 7.2 Correction and Updates Right to Correct: You can update or correct your personal information at any time through: Your account dashboard Email to [email protected] Direct contact with your account manager Our Responsibility: We will update our records within 5 business days of receiving your correction request. 7.3 Deletion Rights Right to Delete: You can request deletion of your personal information, subject to: Legal retention requirements Legitimate business needs Ongoing transaction completion Fraud prevention obligations Process: Submit deletion request to [email protected] We verify your identity We confirm deletion eligibility We delete data within 30 days We send confirmation of deletion Exceptions: We may retain certain information when: Required by law Necessary to resolve disputes Needed to enforce agreements Essential for fraud prevention 7.4 Marketing Opt-Out Unsubscribe Options: Click "unsubscribe" in any marketing email Email [email protected] Adjust preferences in your account settings Processing Time: We will process opt-out requests within 10 business days. Service Communications: You cannot opt out of essential service communications (billing, security, legal notices). 7.5 California Privacy Rights (CCPA) For California Residents: You have the right to: Know what personal information we collect Know whether we sell or share personal information Opt-out of sale of personal information Request deletion of personal information Non-discrimination for exercising your rights Our Statement: We do NOT sell your personal information to third parties. How to Exercise Rights: Email [email protected] "California Privacy Request" in the subject line. Authorized Agents: You may designate an authorized agent to make requests on your behalf by providing written authorization. 7.6 Nevada Privacy Rights For Nevada Residents: You have the right to opt-out of the sale of personal information. We do not sell your personal information, but you can submit an opt-out request to [email protected].

INTERNATIONAL DATA TRANSFERS 8.1 Cross-Border Processing Our Location: AI Revenue Labs operates from India and serves clients primarily in the United States. Data Transfer: Your information may be transferred to and processed in India or other countries where our service providers operate. Protection Measures: When transferring data internationally, we ensure: Adequate data protection safeguards Compliance with applicable data transfer regulations Contractual protections with service providers Security measures during transmission 8.2 Your Consent By using our services, you consent to the transfer of your information to India and other countries as necessary to provide our services.

CHILDREN'S PRIVACY Age Restriction: Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If We Learn of Child Data: If we discover we have collected information from a child under 18, we will: Delete the information immediately Terminate the account Notify the account holder Parent/Guardian Rights: If you believe we have information about a child under 18, contact [email protected] immediately.

COOKIES AND TRACKING TECHNOLOGIES (Where required by law, we obtain consent before placing non-essential cookies.) 10.1 What We Use Essential Cookies: Session management Authentication Security features Load balancing Analytics Cookies: Usage patterns Performance monitoring Feature engagement Error tracking Marketing Cookies: Campaign tracking Conversion measurement Retargeting (with consent) A/B testing 10.2 Your Choices Browser Controls: You can control cookies through your browser settings: Block all cookies Block third-party cookies Delete existing cookies Receive cookie notifications Impact of Blocking: Blocking essential cookies may prevent full service functionality. Do Not Track: We currently do not respond to "Do Not Track" signals, as there is no industry standard for compliance. 10.3 Third-Party Tracking Analytics Providers: We use third-party analytics services (Google Analytics, etc.) that may use cookies. These providers have their own privacy policies governing their data practices. Opt-Out: You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

THIRD-PARTY LINKS AND SERVICES External Links: Our website and services may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. Your Responsibility: Review the privacy policies of any third-party sites you visit. Integrations: When you connect third-party services to your AI Revenue Labs account, their privacy policies govern how they handle your data.

CHANGES TO THIS PRIVACY POLICY 12.1 Updates We may update this Privacy Policy from time to time to reflect: Changes in our practices New legal requirements Service enhancements User feedback 12.2 Notification Material Changes: We will notify you of material changes by: Email to your registered address Prominent notice on our website In-app notification 30 days advance notice Minor Changes: For non-material changes, we will update the "Last Updated" date and post the revised policy. 12.3 Your Acceptance Continued use of our services after changes take effect constitutes acceptance of the updated Privacy Policy.

CONTACT INFORMATION 13.1 Privacy Inquiries Email: [email protected] Subject Line: Include "Privacy Request" for faster processing Response Time: We aim to respond to all privacy inquiries within 5 business days. 13.2 Data Protection Officer For questions about data protection practices: Email: [email protected] Mail: AI Revenue Labs - Data Protection Officer [Your Business Address] New Delhi, India 13.3 Support Contact General Support: [email protected] Phone: [Your Support Number] Hours: Monday-Friday, 9 AM - 6 PM IST 13.4 Legal Department For legal notices or formal requests: Email: [email protected] Mail: AI Revenue Labs - Legal Department [Your Business Address] New Delhi, India

SPECIFIC DISCLOSURES 14.1 Real Estate Compliance Fair Housing Act: We are committed to compliance with the Fair Housing Act. Our services do not: Discriminate based on protected classes Enable discriminatory marketing practices Facilitate housing discrimination Your Responsibility: As a real estate professional, you are responsible for ensuring your use of our services complies with all applicable fair housing laws. 14.2 Data Controller vs. Processor We Are the Controller: For information about your account, billing, and our services. We Are the Processor: For lead and contact data you process through our automation services. You are the controller of this data. Your Obligations: As the data controller for your leads and contacts, you must: Obtain necessary consents Provide required privacy notices Honor data subject requests Comply with applicable privacy laws 14.3 Export Service Compliance Cross-Border Services: AI Revenue Labs operates as an export service provider from India. We comply with: Reserve Bank of India (RBI) export service regulations Indian data protection requirements US data import requirements International data transfer standards

DEFINITIONS Personal Information: Information that identifies, relates to, or could reasonably be linked to you. Service Provider: Third parties who process data on our behalf under contract. Data Controller: Entity that determines purposes and means of processing personal data. Data Processor: Entity that processes personal data on behalf of the controller. Cookies: Small text files stored on your device to track information. Aggregate Data: Information combined from multiple users, anonymized so individuals cannot be identified. De-Identified Data: Information that has been modified to remove personal identifiers.

We do not actively target EU/EEA residents, but may process data incidentally. While we primarily serve US-based clients, if you are in the EU/EEA, we process your data based on: Contract Performance: Processing necessary to provide our services under our Terms of Service. Legitimate Interests: Improving our services, preventing fraud, ensuring security. Legal Compliance: Meeting legal obligations and responding to legal requests. Consent: Marketing communications and optional features (you can withdraw consent anytime).