Privacy Policy
Last updated: June 30, 2026
1. Overview
Recoverly AI LLC ("Recoverly", "we", "us", or "our") provides a vertical AI agent built for digital producers, e-commerce operators, and info-product businesses. Our agent automates sales conversations, call-center interactions, broadcasting, post-sale customer success, customer support, and revenue recovery across voice, email, SMS, and messaging channels.
This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, how long we keep it, and the rights you have under applicable privacy laws, including the EU/UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), and Brazil's LGPD.
2. Who we are
The data controller responsible for personal data processed through recoverly.io and the Recoverly platform is:
- Recoverly AI LLC
- 525 Randall Ave, Ste 100 – 1026, Cheyenne, WY 82001, United States
- Email: hello@recoverly.io
When we act on behalf of a customer (for example, when our agent talks to that customer's buyers), Recoverly is a processor and the customer is the controller. When you interact with our website, marketing, or sign-up forms directly, Recoverly is the controller.
3. Scope of this policy
This policy covers personal data processed when you:
- visit recoverly.io or any Recoverly subdomain;
- submit our application form or contact us;
- create or use a Recoverly account or workspace;
- integrate Recoverly with a third-party platform (e.g., ClickBank, Digistore24, BuyGoods, Shopify, Stripe, PayPal, WooCommerce, CartPanda, Hotmart, Kiwify, Yampi);
- are contacted by the Recoverly agent on behalf of one of our customers.
4. Data we collect
4.1 Information you provide
- Account & application data: name, corporate email, company, website, role, niche, platform, revenue band, monthly orders, country, message.
- Billing data: handled by our payment processors; we receive limited metadata (last 4 digits, brand, country) — never full card numbers.
- Support communications: any content you send us by email or form.
4.2 Information from your integrations
- Order, customer, transaction, refund, chargeback, abandoned-cart, and subscription data from connected platforms;
- End-customer identifiers necessary to deliver recovery, support, and post-sale workflows (name, email, phone, order ID, country, language).
4.3 Information collected automatically
- Device, browser, IP address, approximate location, referrer, pages viewed, timestamps;
- Product telemetry: feature usage, agent runs, message volumes, error logs.
4.4 Conversational data
When the Recoverly agent interacts with end-customers, we process the content of those conversations (voice transcripts, chat messages, emails, SMS) to deliver the service, improve safety, and provide reporting to the controller (our customer).
5. How we use your data
- Operate and deliver the Recoverly agent and dashboards;
- Authenticate users, prevent fraud, and secure the platform;
- Provision integrations with third-party platforms you authorize;
- Generate analytics and reporting for your workspace;
- Improve the product, including evaluating model quality with appropriate safeguards;
- Communicate with you about your account, security, and product updates;
- Comply with legal obligations and enforce our agreements.
We do not sell personal data, and we do not use customer conversational content to train third-party foundation models.
6. Legal bases (GDPR / LGPD)
- Contract: to provide the Recoverly service to you.
- Legitimate interests: to secure, improve, and analyze our service, prevent abuse, and develop our business.
- Consent: for optional cookies and certain marketing communications, where required.
- Legal obligation: tax, accounting, anti-fraud, and lawful-request compliance.
7. AI processing & automated decisions
Recoverly is an AI-driven agent. We use large language models, speech models, and routing logic to generate responses, recover revenue, and qualify conversations. The agent operates under guardrails defined by the controller (our customer) and by Recoverly's internal policies.
Automated decisions made by the agent (e.g., classifying a conversation, offering a discount, scheduling a follow-up) do not produce legal or similarly significant effects for end-users on their own. You can request human review of any decision that materially affects you by writing to hello@recoverly.io.
9. Subprocessors
We rely on vetted subprocessors for hosting, AI inference, messaging, and analytics, including:
- Cloud hosting and database providers (e.g., Cloudflare, Supabase);
- Transactional email providers (e.g., Postmark);
- AI model providers (e.g., OpenAI, Anthropic, Google) under enterprise data-processing terms with no training on customer data;
- Voice and telephony providers for the AI call center;
- Analytics and error-monitoring tools.
A current subprocessor list is available on request at hello@recoverly.io.
10. International transfers
Recoverly is established in the United States (Wyoming). Where we transfer personal data outside the EEA, UK, or Brazil, we rely on Standard Contractual Clauses (SCCs), UK IDTA, or equivalent safeguards, and apply additional measures as needed.
11. Data retention
- Account data: for the life of your account plus up to 24 months.
- Conversational logs: by default 12 months, or as configured by the controller.
- Billing & tax records: at least 7 years, as required by law.
- Backups: rolling 30 days, then purged.
12. Security
We protect personal data using TLS in transit, encryption at rest, least-privilege access controls, audit logging, scoped service tokens, secret rotation, isolated environments, and regular security reviews. No system is perfectly secure — if we become aware of a breach affecting your data, we will notify you and the relevant authorities as required by law.
13. Your rights (GDPR, CCPA, LGPD)
Depending on your jurisdiction, you may have the right to:
- access the personal data we hold about you;
- request correction or deletion;
- object to or restrict certain processing;
- port your data to another service;
- withdraw consent at any time;
- opt out of "sale" or "sharing" of personal data (CCPA) — Recoverly does not sell personal data;
- lodge a complaint with your local supervisory authority (e.g., ANPD in Brazil, your EU/UK DPA, or your state attorney general).
To exercise any of these rights, email hello@recoverly.io. If you are an end-user of one of our customers, please contact that customer first; we will assist them in responding.
14. Children's privacy
Recoverly is a B2B product and is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us so we can delete it.
16. Changes to this policy
We may update this policy from time to time. The "last updated" date at the top of the page reflects the latest version. Material changes will be communicated through the product or by email.
17. Contact us
Questions, requests, or complaints? Email hello@recoverly.io or write to Recoverly AI LLC, 525 Randall Ave, Ste 100 – 1026, Cheyenne, WY 82001, United States.