Privacy Policy
Maben Marketing
Effective Date: 11/26/25
Last Updated: 11/26/25
Introduction
At Maben Marketing ("we," "us," "our," or "Company"), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our services or visit our website.
Our Contact Information:
Company Name: Maben Marketing
Website: www.mabenmarketing.com
Email: [email protected]
Physical Address: W196N5033 Sequoia Ct., Menomonee Falls, WI 53051
Who This Policy Applies To:
This Privacy Policy applies to two groups:
Our Clients: Businesses that purchase our AI voice agents, chatbots, and marketing automation services
End Users: Individuals who interact with AI systems we've deployed for our clients (such as customers calling a business that uses our AI voice agents)
Please read this policy carefully to understand how we handle your information.
1. Information We Collect
1.1 Information Collected from Our Clients
When you sign up for our services, we collect:
Contact and Account Information:
Full name and business name
Email address
Phone number
Business address
Job title and role
Billing and payment information (processed through Stripe)
Business Information:
Industry and business type
Company size
Service preferences and requirements
Marketing goals and objectives
Technical Information:
IP address
Browser type and version
Device information
Operating system
Usage data and analytics
Cookies and tracking data
Communications:
Emails, chat messages, and support tickets
Phone call recordings (with your consent)
Meeting notes and recordings
Feedback and survey responses
1.2 Information Collected from End Users (Your Customers)
When end users interact with AI systems we've deployed for our clients, we may collect:
Interaction Data:
Name (if provided during interaction)
Phone number (caller ID information)
Email address (if provided)
Voice recordings and call transcripts
Chat messages and conversation history
Date, time, and duration of interactions
Technical Data:
IP address
Device information
Browser information
Location data (if provided by device)
Business-Related Information:
Appointment requests and preferences
Product or service inquiries
Customer service requests
Any information voluntarily provided during interactions
1.3 Information We Receive from Third Parties
We may receive information from:
Payment processors (Stripe) - payment and transaction data
Platform providers (GoHighLevel) - CRM and marketing data
Communication services (Twilio) - call and messaging data
Analytics providers (Google Analytics) - website usage data
AI services (OpenAI) - processing results and improvements
Publicly available sources - business information for prospecting
1.4 Automatically Collected Information
We automatically collect:
Website visit data through cookies and analytics
Log files containing IP addresses, browser types, and page views
Usage patterns and feature interactions
Error reports and performance data
2. How We Use Your Information
2.1 To Provide Our Services
We use your information to:
Set up, configure, and deploy AI voice agents and chatbots
Process appointments, inquiries, and customer service requests
Manage your account and provide customer support
Process payments and maintain billing records
Deliver notifications about your services
Fulfill our contractual obligations
2.2 To Improve AI Systems
We use data to:
Train and improve AI response accuracy
Customize AI systems for your specific business needs
Analyze conversation quality and effectiveness
Identify areas for optimization
Test new features and capabilities
Improve natural language understanding
Important Note on AI Training: We use conversation data to improve AI performance for your specific implementation. We do NOT use your proprietary business information or customer data to train AI models that serve other clients. Anonymized, aggregated data may be used for general system improvements.
2.3 For Analytics and Business Operations
We analyze data to:
Understand how our services are used
Monitor system performance and uptime
Identify technical issues and bugs
Generate usage reports and insights
Improve our website and user experience
Conduct internal research and development
2.4 For Marketing and Communications
We may use your information to:
Send service updates and announcements
Provide technical support and customer service
Send marketing emails about our services (with opt-out option)
Request feedback and reviews
Inform you about new features or offerings
2.5 For Legal and Security Purposes
We use information to:
Comply with legal obligations and regulations
Enforce our Terms of Service
Protect against fraud and unauthorized access
Respond to legal requests and investigations
Protect our rights, property, and safety
Resolve disputes
3. AI-Specific Data Processing
3.1 Voice Recording and Transcription
When AI voice agents interact with end users:
Calls may be recorded for quality, training, and compliance purposes
Voice recordings are transcribed into text for analysis
Recordings are stored securely on Google Cloud servers
Our clients control whether recordings are enabled
Where legally required, recordings include disclosure notices
3.2 Chat and Conversation Data
AI chatbot interactions:
Are logged and stored for service delivery
May be analyzed to improve response quality
Are accessible to our clients through their dashboard
Are retained according to our data retention policies
3.3 AI Training and Learning
AI systems learn from interactions to improve accuracy
Training occurs within each client's isolated system
We do not share one client's training data with other clients
Generic improvements to AI capabilities may use anonymized, aggregated data
Clients can request that their data not be used for training purposes
3.4 Third-Party AI Services
We use OpenAI's services for AI processing:
Data sent to OpenAI is subject to their privacy policy
We use OpenAI's API, which does not use customer data to train their models (per OpenAI's current API policy)
Conversations are processed in real-time and may be temporarily cached
We select AI providers based on their privacy and security standards
4. Cookies and Tracking Technologies
4.1 What Are Cookies?
Cookies are small text files stored on your device that help websites function properly and collect information about your visit.
4.2 Types of Cookies We Use
Essential Cookies (Required):
Enable basic website functionality
Remember your login status
Maintain security features
Cannot be disabled without affecting site functionality
Analytics Cookies (Optional):
Google Analytics - tracks website usage and visitor behavior
Help us understand which features are most valuable
Allow us to improve website performance
Can be disabled through cookie preferences
Marketing Cookies (Optional):
Track effectiveness of marketing campaigns
Remember your preferences
Personalize your experience
Can be disabled through cookie preferences
4.3 Managing Cookies
You can control cookies through:
Your browser settings (disable or delete cookies)
Our cookie consent banner (manage preferences)
Browser extensions for enhanced privacy
Opt-out links for specific services (like Google Analytics)
Note: Disabling essential cookies may affect website functionality.
4.4 Other Tracking Technologies
We may also use:
Web beacons (tracking pixels) in emails to measure open rates
Local storage for saving user preferences
Analytics scripts to understand user behavior
5. How We Share Your Information
We do not sell your personal information. We share information only in the following circumstances:
5.1 With Service Providers
We share data with trusted third-party providers who help us deliver services:
Infrastructure and Hosting:
Google Cloud (data storage and hosting)
Communication Services:
Twilio (phone and SMS services)
AI Processing:
OpenAI (AI language processing)
Payment Processing:
Stripe (payment and billing)
Business Tools:
GoHighLevel (CRM and marketing automation)
Analytics:
Google Analytics (website analytics)
These providers:
Are contractually obligated to protect your data
May only use data to provide services to us
Must comply with applicable privacy laws
Are carefully vetted for security standards
5.2 With Our Clients
If you are an end user interacting with AI systems:
Your interaction data is shared with our client (the business you're contacting)
Our clients are the data controllers for end user data
Our clients determine how long to retain your information
You should review our client's privacy policy for how they use your data
5.3 For Legal Reasons
We may disclose information when required to:
Comply with legal obligations, court orders, or subpoenas
Enforce our Terms of Service or other agreements
Protect our rights, property, or safety
Protect the rights, property, or safety of others
Prevent fraud or security threats
Respond to lawful government requests
5.4 Business Transfers
If Maben Marketing is involved in a merger, acquisition, sale of assets, or bankruptcy:
Your information may be transferred to the successor entity
We will notify you before your information is transferred
The new entity will be bound by this Privacy Policy
5.5 With Your Consent
We may share information for other purposes with your explicit consent.
6. Data Security
6.1 Security Measures
We implement industry-standard security measures to protect your information:
Technical Safeguards:
Data encryption in transit (TLS/SSL)
Data encryption at rest on Google Cloud
Secure API connections with third-party services
Regular security updates and patches
Firewalls and intrusion detection systems
Access controls and authentication requirements
Administrative Safeguards:
Limited employee access to personal data (need-to-know basis)
Background checks for team members with data access
Regular security training for staff
Confidentiality agreements with employees and contractors
Incident response procedures
Physical Safeguards:
Secure data centers (Google Cloud facilities)
Physical access controls at our facilities
Secure disposal of physical records
6.2 Data Breach Procedures
In the event of a data breach:
We will:
Investigate and contain the breach immediately
Assess the scope and impact of the breach
Notify affected individuals within 72 hours (as required by law)
Notify relevant regulatory authorities as required
Provide details about what data was affected
Explain steps we're taking to mitigate harm
Offer guidance on protective measures you can take
Notification will include:
Date and time of the breach
Type of information compromised
Steps we've taken to address the breach
Recommended actions for affected individuals
Contact information for questions
6.3 Limitations
While we implement strong security measures:
No system is 100% secure
Internet transmission is never completely secure
You are responsible for maintaining your password security
You should use strong, unique passwords
You should notify us immediately of any unauthorized access
7. Data Retention
7.1 How Long We Keep Your Data
We retain personal information only as long as necessary for legitimate business purposes and legal compliance:
Client Account Data:
Active accounts: Retained for the duration of your service
Closed accounts: Deleted within 30 days unless legally required to retain longer
Financial records: Retained for 7 years for tax and accounting purposes
AI Conversation Data:
Voice recordings: Retained for 90 days by default (configurable by client)
Chat transcripts: Retained for 1 year by default (configurable by client)
Training data: Retained while improving your specific AI system
Anonymized analytics: May be retained indefinitely
Marketing Communications:
Contact lists: Retained until you opt out or request deletion
Email engagement data: Retained for 2 years
Website Analytics:
Cookie data: Expires after periods ranging from session to 2 years
Analytics reports: Retained indefinitely in anonymized form
Legal and Compliance Records:
Records required by law: Retained for legally mandated periods
Dispute-related records: Retained until resolution plus applicable limitation periods
7.2 Deletion Exceptions
We may retain information longer when:
Required by law or regulation
Needed for legitimate business purposes (pending disputes, audits)
Necessary to enforce our agreements
Required for legal defense
Retained in anonymized or aggregated form
7.3 End User Data Retention
For end users interacting with our clients' AI systems:
Our clients determine retention periods for your interaction data
We follow our clients' instructions for data retention and deletion
You should contact the business you interacted with for their specific policies
8. Your Privacy Rights
8.1 Rights for All Users
You have the following rights regarding your personal information:
Right to Access:
Request a copy of the personal information we hold about you
Receive information about how we process your data
Obtain data in a structured, commonly used format
Right to Correction:
Request correction of inaccurate or incomplete information
Update your account information directly through your dashboard
Right to Deletion:
Request deletion of your personal information
Subject to legal retention requirements and legitimate business needs
Right to Restrict Processing:
Request that we limit how we use your information
Particularly while we investigate accuracy disputes
Right to Object:
Object to processing based on legitimate interests
Opt out of marketing communications at any time
Right to Data Portability:
Receive your data in a portable format
Request transfer to another service provider (where technically feasible)
8.2 Additional Rights Under GDPR (European Users)
If you are in the European Economic Area (EEA), you have additional rights:
Right to withdraw consent at any time (where processing is based on consent)
Right to lodge a complaint with your local data protection authority
Right to object to automated decision-making and profiling
Right to receive information about international data transfers
8.3 Additional Rights Under CCPA (California Residents)
If you are a California resident, you have the right to:
Know what personal information we collect, use, disclose, and sell
Request deletion of your personal information
Opt out of the "sale" of personal information (we do not sell information)
Non-discrimination for exercising your privacy rights
Request specific pieces of information we've collected about you
California Shine the Light Law: You may request information about our disclosure of personal information to third parties for direct marketing purposes.
8.4 Additional Rights Under Other Laws
We comply with privacy laws in all jurisdictions where we operate, including:
Virginia Consumer Data Protection Act (VCDPA)
Colorado Privacy Act (CPA)
Utah Consumer Privacy Act (UCPA)
Connecticut Data Privacy Act (CTDPA)
Other state and federal privacy regulations
8.5 How to Exercise Your Rights
To exercise any of these rights:
Contact us via:
Email: [email protected]
Mail: W196N5033 Sequoia Ct., Menomonee Falls, WI 53051
Include in your request:
Your full name and contact information
Description of your request
Proof of identity (to prevent unauthorized access)
Specific data or records you're requesting (if applicable)
Response Timeline:
We will respond within 30 days (45 days for complex requests)
We will verify your identity before fulfilling requests
We will notify you if we need additional time
We will explain if we cannot fulfill your request
No Fees:
Exercising your privacy rights is free
We may charge a reasonable fee for excessive, repetitive, or unfounded requests
8.6 End User Rights
If you are an end user who interacted with our client's AI system:
You may have rights regarding data held by our client
Contact the business you interacted with directly
We will assist our clients in fulfilling your requests where we can
You can also contact us, and we'll direct you to the appropriate party
9. Call Recording and Transcription
9.1 Recording Notice
When AI voice agents answer calls:
Calls may be recorded for quality assurance, training, and compliance
Recording disclosures are provided as required by law
In two-party consent states, consent is requested before recording
You may decline to be recorded (though this may limit service availability)
9.2 Purpose of Recordings
Call recordings are used to:
Improve AI voice agent accuracy and naturalness
Train AI systems on your specific business needs
Provide quality assurance for our clients
Resolve disputes or customer service issues
Comply with legal and regulatory requirements
9.3 Access to Recordings
Our clients can access recordings of calls to their business
We may access recordings for technical support and quality assurance
Recordings are stored securely and access is logged
Unauthorized access is prohibited and monitored
9.4 Transcription Process
Voice recordings are transcribed using AI technology
Transcripts are stored alongside recordings
Transcripts are used for analysis and reporting
Transcripts may be searchable by our clients
9.5 Retention of Recordings
Recordings are retained for 90 days by default (configurable)
Clients may retain recordings longer for compliance needs
Recordings are securely deleted after the retention period
Deletion is irreversible unless legally required to retain
10. Marketing Communications
10.1 Types of Communications
We may send you:
Service-Related Communications (Cannot Opt Out):
Account notifications and updates
Service changes or interruptions
Billing and payment confirmations
Security alerts
Responses to your inquiries
Marketing Communications (Can Opt Out):
Promotional emails about new features
Product updates and announcements
Educational content and tips
Special offers and discounts
Newsletters and industry insights
10.2 How to Opt Out
You can unsubscribe from marketing emails:
Via Email:
Click the "Unsubscribe" link at the bottom of any marketing email
Takes effect within 10 business days
Via Account Settings:
Log into your account
Update communication preferences
Choose which types of emails you want to receive
Via Direct Contact:
Email [email protected] with "Unsubscribe" in the subject line
Include the email address you want to remove
Note: Opting out of marketing emails does not stop service-related communications necessary for your account.
10.3 SMS/Text Messages
If you provide consent to receive SMS messages:
You can opt out at any time by replying "STOP"
Standard message and data rates may apply
We only send texts you've explicitly agreed to receive
10.4 Phone Calls
We may call you regarding:
Your account or services
Support requests you've initiated
Sales inquiries (with your permission)
To opt out of marketing calls:
Tell us during the call
Email [email protected]
Update your communication preferences
11. Children's Privacy
11.1 Age Restrictions
Our services are not intended for children under 18 years of age:
We do not knowingly collect information from minors
We do not target marketing to children
Our AI systems are designed for business use, not child interactions
11.2 Definition of Children
For purposes of this policy:
"Child" means anyone under 18 years old
"Minor" means anyone under the age of majority in their jurisdiction
We comply with the Children's Online Privacy Protection Act (COPPA) and similar laws
11.3 If We Learn We Have Child Data
If we discover we have collected information from a child:
We will delete the information as quickly as possible
We will not use the information for any purpose
We will notify relevant parties as appropriate
11.4 Parental Notice
If you believe we have collected information from a child:
Contact us immediately at [email protected]
Provide details about the information collected
We will investigate and take appropriate action
11.5 AI Systems and Minors
If our clients' AI systems may interact with minors:
Our clients are responsible for obtaining parental consent
Our clients must implement appropriate safeguards
Our clients should have their own policies regarding minors
We recommend clients use age verification measures
12. International Data Transfers
12.1 Data Storage Location
Your information is primarily stored in:
United States (Google Cloud servers)
Data may be processed in other countries where our service providers operate
12.2 Cross-Border Transfers
If you are located outside the United States:
Your information may be transferred to the U.S.
The U.S. may have different data protection laws than your country
We take steps to ensure appropriate safeguards are in place
12.3 Safeguards for International Transfers
We protect international data transfers through:
For EEA/UK Users:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions where available
Other legally recognized transfer mechanisms
For All International Users:
Contractual obligations with service providers
Technical and organizational security measures
Regular compliance reviews
12.4 Your Rights Regarding International Transfers
If you are in the EEA or UK:
You have the right to information about international transfers
You can request a copy of transfer safeguards
You can object to transfers in certain circumstances
12.5 Country-Specific Considerations
European Economic Area (EEA) and United Kingdom:
We comply with GDPR requirements
We have a lawful basis for all data processing
You have enhanced rights under GDPR (see Section 8)
Canada:
We comply with PIPEDA where applicable
Cross-border transfers are documented and protected
Other Countries:
We comply with local data protection laws
We adapt our practices to meet regional requirements
13. Third-Party Links and Services
13.1 Third-Party Websites
Our website may contain links to third-party websites:
We are not responsible for third-party privacy practices
Third-party sites have their own privacy policies
We encourage you to read their policies before providing information
Links do not imply endorsement of third-party practices
13.2 Third-Party Services We Use
We integrate with third-party services:
GoHighLevel:
CRM and marketing automation platform
Processes client and end user data
Subject to GoHighLevel's privacy policy
Twilio:
Communication infrastructure for calls and SMS
Processes phone numbers and call data
Subject to Twilio's privacy policy
OpenAI:
AI language processing
Processes conversation data for AI responses
Subject to OpenAI's privacy policy and API terms
Stripe:
Payment processing
Handles credit card and payment information
Subject to Stripe's privacy policy and PCI-DSS standards
Google Cloud:
Data hosting and storage
Processes all stored data
Subject to Google Cloud's privacy policy
Google Analytics:
Website analytics and tracking
Collects usage and behavior data
Subject to Google's privacy policy
Can be opted out via browser settings or Google's opt-out tools
13.3 Social Media Integration
If we integrate social media features:
Social networks may track your activity
Social plugins are subject to each network's privacy policy
We do not control social media data collection
13.4 Your Responsibility
When using third-party services:
Review their privacy policies independently
Understand how they use your information
Contact them directly with privacy questions
Exercise your rights with them separately
14. Changes to This Privacy Policy
14.1 Right to Modify
We reserve the right to update this Privacy Policy at any time to reflect:
Changes in our practices or services
Legal or regulatory requirements
Technological developments
Business changes
14.2 Notice of Changes
When we update this policy:
We will post the new policy on our website
We will update the "Last Updated" date at the top
For material changes, we will notify you via: Email to your registered email address Prominent notice on our website Notification in your account dashboard
14.3 Material Changes
Material changes include:
New types of data collection
Significant changes to data usage
Changes to data sharing practices
Reduced privacy protections
Changes to your rights
14.4 Effective Date of Changes
Changes take effect 30 days after posting for material changes
Non-material changes (clarifications, formatting) may be effective immediately
Continued use after the effective date constitutes acceptance
14.5 Reviewing Changes
We encourage you to:
Review this Privacy Policy periodically
Stay informed about how we protect your information
Contact us with questions about changes
14.6 Objecting to Changes
If you do not agree to updated terms:
You may terminate your account before the effective date
Contact us at [email protected] to discuss concerns
After the effective date, continued use means acceptance
14.7 Version History
We maintain a record of previous policy versions:
Available upon request
Shows what changed and when
Contact [email protected] for historical versions
15. Contact Us
15.1 Privacy Questions and Requests
For any privacy-related questions, concerns, or requests:
Email: [email protected]
Subject Line: Privacy Inquiry
Mail:
Maben Marketing
Attn: Privacy Officer
W196N5033 Sequoia Ct.
Menomonee Falls, WI 53051
Website: www.mabenmarketing.com
15.2 Response Time
We will respond to privacy inquiries:
Within 30 days for general questions
Within timeframes required by applicable law for rights requests
Within 45 days for complex requests (with notification)
15.3 Data Protection Officer
For users in jurisdictions requiring a Data Protection Officer:
Contact: [email protected]
Include "DPO" in your subject line
15.4 Supervisory Authority
If you are in the EEA or UK and are unsatisfied with our response:
You have the right to lodge a complaint with your local data protection authority
Contact information for EU data protection authorities: https://edpb.europa.eu/about-edpb/board/members_en
UK Information Commissioner's Office: https://ico.org.uk/
15.5 What to Include in Your Request
When contacting us, please include:
Your full name and contact information
Description of your question or request
Relevant account information (if applicable)
Any supporting documentation
Preferred method of response
16. Compliance and Certifications
16.1 Legal Compliance
We comply with:
General Data Protection Regulation (GDPR) - EU/EEA
California Consumer Privacy Act (CCPA) - California
Virginia Consumer Data Protection Act (VCDPA) - Virginia
Other applicable U.S. state privacy laws
Telephone Consumer Protection Act (TCPA)
CAN-SPAM Act
Children's Online Privacy Protection Act (COPPA)
16.2 Industry Standards
We follow:
Industry best practices for data security
NIST Cybersecurity Framework guidelines
OWASP security recommendations
ISO 27001 principles (information security management)
16.3 Service Provider Compliance
Our third-party providers maintain:
SOC 2 Type II certification (Google Cloud, Stripe)
PCI-DSS compliance (Stripe for payment processing)
GDPR compliance commitments
Industry-specific security standards
16.4 Regular Audits
We conduct:
Annual privacy practice reviews
Regular security assessments
Vendor compliance verification
Data processing audits
17. Special Situations
17.1 California "Do Not Track" Signals
Some browsers offer "Do Not Track" (DNT) signals
There is no industry consensus on responding to DNT
We do not currently respond to DNT signals
You can control tracking through cookie settings and opt-outs
17.2 Anonymous Data
We may collect and use anonymous or de-identified data:
Data that cannot reasonably identify you
Used for analytics, research, and improvements
Not subject to this Privacy Policy once truly anonymized
May be shared or used without restriction
17.3 Aggregated Data
We create aggregated data from personal information:
Combined data from multiple users
No individual can be identified
Used for business analytics and reporting
May be shared publicly or with partners
17.4 Research and Development
We may use data for research purposes:
Always in compliance with applicable laws
With appropriate safeguards in place
May involve academic or commercial research
Results may be published in anonymized form
17.5 Training and Quality Assurance
We use data to train our team:
Customer service training (with identifying information removed when possible)
Quality assurance reviews
Performance improvement
Compliance training
18. Accessibility
18.1 Accessible Privacy Policy
We are committed to making this Privacy Policy accessible to everyone:
Available in plain English
Structured with clear headings
Available in alternative formats upon request
18.2 Requesting Alternative Formats
If you need this Privacy Policy in an alternative format:
Contact [email protected]
Specify your preferred format (large print, audio, Braille, etc.)
We will provide it within a reasonable timeframe
19. Definitions
Personal Information: Information that identifies, relates to, or could reasonably be linked with you.
Processing: Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
Data Controller: The entity that determines the purposes and means of processing personal data (typically our clients for end user data).
Data Processor: The entity that processes personal data on behalf of a data controller (our role for client customer data).
Consent: Freely given, specific, informed, and unambiguous agreement to processing of personal data.
Anonymization: Irreversibly altering data so individuals cannot be identified.
De-identification: Removing identifying information so individuals cannot be readily identified.
End User: An individual who interacts with AI systems we've deployed for our clients.
20. Acknowledgment
By using our services or website, you acknowledge that:
You have read and understood this Privacy Policy
You agree to the collection, use, and disclosure of your information as described
You understand your privacy rights and how to exercise them
You consent to international data transfers where applicable
IMPORTANT LEGAL NOTICE:
This Privacy Policy is provided for informational purposes and represents our current privacy practices. Privacy laws vary by jurisdiction and are subject to change. This policy does not constitute legal advice. We recommend consulting with a qualified attorney to ensure compliance with all applicable privacy laws in your jurisdiction.
For privacy-related questions: [email protected]
End of Privacy Policy
Document Version: 1.0
Review Frequency: Annually or as needed for legal/business changes