Privacy Policy

PRIVACY POLICY

Last updated: March 19, 2026

This Privacy Notice for Acira AI LLC ("we," "us," or "our"), describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

Visit our website at https://www.acira.ai or any website of ours that links to this Privacy Notice
Use any application or tool of ours that links to this Privacy Notice
Use Acira AI. Acira AI LLC is a software-as-a-service (SaaS) platform that enables businesses and individuals to create, manage, and host AI-powered websites through a conversational interface. The company provides website building, hosting, domain registration, and related digital services to customers worldwide.
Engage with us in other related ways, including any marketing or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at legal@acira.ai.

Acira AI as a Platform Provider. Acira AI enables you to create and host websites that may collect personal data from your own website visitors (through forms, chatbot interactions, user accounts, and other features). This Privacy Notice applies to you as a user of our platform ("Platform User"). If you are a visitor to a website built on Acira AI, that website's owner is responsible for their own privacy practices and for informing you about how your data is collected and used. Acira AI acts as a data processor on behalf of website owners for visitor data collected through their websites. For basic visitor analytics data that the platform collects automatically, Acira AI and the website owner act as joint controllers — see our Data Processing Addendum for the details of this arrangement, including each party's responsibilities. For all other visitor data, Acira AI acts solely as a data processor on your behalf.

Data Processing Addendum. If you use the Services and your website collects or processes personal data of individuals located in the European Economic Area (EEA), the United Kingdom, or Switzerland, our Data Processing Addendum (DPA) automatically applies to you and is incorporated into this Privacy Notice and our Terms and Conditions by reference. You do not need to separately sign the DPA — it takes effect automatically upon your acceptance of our Terms and Conditions. The DPA sets out the terms under which we process personal data on your behalf, including our obligations regarding sub-processors, data security, and international data transfers.

This Privacy Notice may be translated into other languages for your convenience. In the event of any conflict or inconsistency between the English version and any translated version, the English version shall prevail.

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us.

Do we process any sensitive personal information? Some of the information may be considered "special" or "sensitive" in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. We do not intentionally collect or process sensitive personal information. As a platform provider, we do not control what information website owners choose to collect from their visitors.

Do we collect any information from third parties? We may receive limited information from service providers that assist us in delivering our Services, such as payment confirmation data from our payment processor. We do not purchase personal information from data brokers or other third-party sources.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.

In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information.

How do we keep your information safe? We have adequate organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Learn more about how we keep your information safe.

What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Learn more about your privacy rights.

How do you exercise your rights? The easiest way to exercise your rights is by visiting legal@acira.ai, or by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.

Want to learn more about what we do with any information we collect? Review the Privacy Notice in full.

WHAT INFORMATION DO WE COLLECT?
HOW DO WE PROCESS YOUR INFORMATION?
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?
HOW DO WE USE COOKIES AND SIMILAR TECHNOLOGIES?
INTERNATIONAL DATA TRANSFERS
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK AND GLOBAL PRIVACY CONTROL
DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal Information You Disclose to Us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

Email addresses
Names
Phone numbers (if provided for registration or contact)

Content You Create and Upload. When you use our Services, we store the content you create, upload, or provide through our platform, including:

Website content, templates, and design assets you create using our tools
Files and media you upload (such as images, videos, and documents)
Conversations and messages you exchange with our AI assistants
Database records and structured content you create for your websites

Social Media and External Platform Data. During website setup, you may direct us to import content from external platforms such as Facebook, Instagram, Google Maps, or Yelp. When you do, we collect and store publicly available business information from those platforms, including business descriptions, ratings, reviews, photos, addresses, phone numbers, and operating hours. This data is used to help build your website and is retained as part of your website content.

Social media profile URLs you provide (such as links to your Facebook page, Instagram profile, Google Maps listing, or Yelp page) are stored as part of your website configuration.

Billing and Subscription Data. When you subscribe to a plan or purchase services (such as domain registration), we collect and maintain records of your subscription status, plan details, purchase history, and invoicing information.

Sensitive Information. We do not intentionally collect or process sensitive personal information (such as racial or ethnic origin, religious beliefs, health data, or sexual orientation). However, as a platform provider, we do not control what information website owners choose to collect from their visitors through forms and other interactive features. Website owners are solely responsible for ensuring their data collection practices comply with applicable laws, including obtaining any required consents for sensitive data.

Payment Data. We may collect data necessary to process your payment if you choose to make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is handled and stored by Stripe. You may find their privacy notice link(s) here: https://stripe.com/privacy.

Technical Data. When you access our Services, we automatically collect certain technical information, including your Internet Protocol (IP) address, browser type and version, operating system, and general geographic location (country and region-level, derived from your IP address). This information is used to maintain the security and operation of our Services, for troubleshooting, and for our internal analytics and reporting purposes. We also store your IP address in connection with account creation and authentication events for security, rate-limiting, and fraud prevention purposes. We maintain error and diagnostic logs that may include technical identifiers such as IP addresses, request paths, and error details for up to 30 days to support troubleshooting and platform reliability.

Referral and Attribution Data. When you create an account, we may record referral and marketing attribution data, such as how you discovered or arrived at our Services. This information is used solely for our internal analytics to understand the effectiveness of our marketing efforts and is not shared with third parties.

We also record when you accept or are presented with our terms of service, including a timestamp and the version accepted, for compliance record-keeping purposes. We track general activity timestamps (such as the date of your last login or interaction) to manage account status, detect inactivity, and provide service features.

Information Collected via Email. If you contact us by email, we may automatically create an account on your behalf using the email address and name from your email headers. We also detect the language of your message to provide responses in your preferred language.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information from Service Providers

We may receive limited information from third-party service providers that help us deliver our Services. For example, our payment processor may notify us of the status of a transaction, our email delivery provider may inform us of undeliverable messages, or our web data collection services may return publicly available information you requested. This information is used solely to maintain and improve our Services.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We process the personal information for the following purposes listed below. We may also process your information for other purposes only with your prior explicit consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
To fulfill and manage your orders. We may process your information to fulfill and manage your orders, payments, returns, and exchanges made through the Services.
To ensure platform safety and integrity. We may use automated systems to detect spam, moderate content, and prevent abuse or misuse of our Services. Learn more about this in "Do We Offer Artificial Intelligence-Based Products?"
To generate file descriptions. When you upload files such as images and documents, we may use AI to generate descriptive metadata to improve accessibility and organization of your content.
To send you product recommendations based on your usage. We may analyze your usage of platform features and services to send you personalized suggestions about features, tools, or plan capabilities that may be relevant to you.
To provide relevant product recommendations based on your website. We may analyze the general characteristics of your website (such as your industry or business type) to send you personalized suggestions about platform features, resources, or services that may be relevant to your business. We do not share this information with third parties for their marketing purposes.
To measure marketing effectiveness. We may process referral and attribution data associated with your account to understand how users discover our Services and to evaluate the effectiveness of our marketing efforts in aggregate. This data is not used for targeted advertising or shared with third parties.
To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If You Are Located in the EU or UK

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent.
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
Legitimate Interests. We may process your personal information when we believe it is reasonably necessary to achieve our legitimate business interests, provided those interests do not override your interests or fundamental rights and freedoms. For example, we may process your information to ensure platform safety, detect fraud, or improve our Services.
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

Legal Basis Mapping

The following table maps each processing activity to its primary legal basis under the GDPR:

Processing Activity	Legal Basis
Account creation and authentication	Performance of a Contract
Providing and delivering the Services	Performance of a Contract
Processing payments and subscriptions	Performance of a Contract
Responding to support inquiries	Performance of a Contract
Sending administrative and service-related emails	Performance of a Contract
File processing (conversion, optimization)	Performance of a Contract
AI-powered website creation and editing	Performance of a Contract
AI content generation and translation	Performance of a Contract
Platform analytics (aggregated)	Legitimate Interests
Marketing attribution and effectiveness measurement	Legitimate Interests
Platform safety and content moderation	Legitimate Interests
Fraud prevention and security (IP logging)	Legitimate Interests
Spam detection	Legitimate Interests
Error and diagnostic logging	Legitimate Interests
Compliance with legal obligations (law enforcement, DMCA)	Legal Obligation
CSAM detection and reporting	Legal Obligation
Protecting vital interests	Vital Interests
Product recommendations based on feature usage	Legitimate Interests
Industry-based product recommendations	Legitimate Interests
Marketing communications	Consent

If You Are Located in Canada

We may process your information if you have given us specific permission (i.e., express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:

If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
For investigations and fraud detection and prevention
For business transactions provided certain conditions are met
If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim
For identifying injured, ill, or deceased persons and communicating with next of kin
If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse
If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced
If the collection is solely for journalistic, artistic, or literary purposes
If the information is publicly available and is specified by the regulations

We may disclose de-identified information for approved research or statistics projects, subject to ethics oversight and confidentiality commitments.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may need to share your personal information in the following situations:

Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

Service Providers

We use the following categories of third-party service providers to help us deliver our Services. Your information may be processed by these providers in accordance with their respective privacy policies:

Cloud Infrastructure and Edge Network. We use Cloudflare and Amazon Web Services (AWS) for infrastructure services including content delivery, edge computing, website hosting, data storage, email delivery, domain registration, content moderation, and other services. For EU-based users, website visitor data stored on our edge infrastructure is jurisdictionally restricted to the European Union, and automated visitor-facing operations (such as content submission notifications and transactional email delivery) are processed within the EU. When you access your visitor data through the platform dashboard or conversational interface, it may be processed through our US-based infrastructure. Your data may be processed across multiple geographic regions through these providers.
Payment Processing. We use Stripe to process payments, manage subscriptions, and handle billing. See Stripe's privacy policy.
AI and Machine Learning. We use AI service providers as described in "Do We Offer Artificial Intelligence-Based Products?"
Web Data Collection. When you use features that gather publicly available information from the web (such as importing content for your website or tracking search engine keyword rankings), we may use third-party services, including BrightData and ScreenshotOne, to retrieve this publicly accessible data on your behalf.
File Processing. We use third-party services, including CloudConvert, to convert files you upload into formats suitable for web delivery. We may also use AI services to generate descriptive metadata for uploaded files (such as image alt text) to improve accessibility.
A complete list of subprocessors and their purposes is available in our Data Processing Addendum.

5. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

In Short: We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies.

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (collectively, "AI Products"). These tools are designed to enhance your experience and provide you with innovative solutions. The terms in this Privacy Notice govern your use of the AI Products within our Services.

Use of AI Technologies

We provide the AI Products through third-party service providers ("AI Service Providers"). We use multiple providers for text generation, image generation, and content safety, including cloud-based AI inference services and image generation APIs. These providers may host and run a variety of open-source and proprietary AI models on their infrastructure to deliver our Services. A complete list of current AI Service Providers is available in our Data Processing Addendum. As outlined in this Privacy Notice, your input, output, and personal information will be shared with and processed by these AI Service Providers to enable your use of our AI Products for purposes outlined in "What Legal Bases Do We Rely on to Process Your Personal Information?" You must not use the AI Products in any way that violates the terms or policies of any AI Service Provider.

Our AI Products

Our AI Products are designed for the following functions:

AI-powered website creation and editing through conversational interfaces
AI translation of website content
AI-assisted content generation and copywriting
Image generation for websites
AI-powered chatbots on websites created through our platform

How We Process Your Data Using AI

All personal information processed using our AI Products is handled in line with our Privacy Notice and our agreement with third parties. This ensures high security and safeguards your personal information throughout the process, giving you peace of mind about your data's safety.

What data is shared with AI Service Providers. To deliver our AI Products, we may share the following information with our AI Service Providers:

Your name, email address, and language preference (to personalize responses)
Your conversation messages and history with our AI assistants
Website content, templates, and design data you are working on
Files you upload (such as images, documents, and videos) for analysis or processing

We share only the data necessary to fulfill the specific AI-powered function you are using.

Your data is not used for AI training. We do not use your personal information, content, conversations, or any data you provide through our Services to train, fine-tune, or improve AI models. Your data is processed solely to deliver the Services you request.

AI-Generated Content Transparency

Content generated through our AI tools (including website text, images, and translations) is produced by artificial intelligence. Websites created through our platform may include AI-generated content. Our conversational interface is powered by AI, and users interact with an AI assistant, not a human agent.

Automated Decision-Making

We use automated systems in the following ways that may affect your use of our Services:

Content Moderation. Files you upload may be automatically analyzed using AWS content moderation services and AI-based safety review to detect content that violates our policies (such as harmful or illegal material). Files that are flagged may be rejected or removed.
Website Content Review. When websites are published through our platform, their content may be automatically reviewed using AI-based safety models to detect violations of our content policies (such as explicit content, hate speech, scams, or illegal material). Websites that are flagged may be subject to review or restriction.
Safety and Abuse Prevention. We may automatically flag or restrict accounts or content that appear to violate our terms of service, based on patterns of activity.

These automated processes are used to protect the safety and integrity of our platform. If you believe an automated decision has been made about you in error, you may contact us to request a human review at legal@acira.ai.

6. HOW DO WE USE COOKIES AND SIMILAR TECHNOLOGIES?

In Short: We use cookies solely for essential platform functionality, not for tracking or advertising.

Cookies We Use

We use a limited number of strictly necessary cookies to operate our Services:

Refresh Token Cookie. When you log in to your account, we set a secure, HTTP-only cookie containing an encrypted refresh token. This cookie is restricted to our API domain's token endpoint, has a 30-day expiry, and cannot be accessed by third-party scripts. Your access token is stored in browser memory only and is never persisted to cookies or local storage.
Language Preference Cookie. When you select a language on our website, we set a cookie containing your language preference with a one-year expiry. This cookie is used solely to remember your language selection across visits.

These cookies are classified as strictly necessary under the ePrivacy Directive (2002/58/EC) because they are essential for the platform to function and cannot be disabled without losing access to core features such as account login. Because these cookies are strictly necessary for the provision of the Services you have expressly requested, they do not require consent under EU/UK cookie laws. We do not set any cookies that would require prior consent under the ePrivacy Directive, and we do not use cookies for analytics, advertising, or tracking purposes on our platform.

Browser Local Storage

We use your browser's local storage for non-identifying preferences such as language selection and interface layout settings. No personal information is stored in local storage.

Analytics and Tracking

We do not use cookies for analytics or tracking purposes on our platform.

Third-Party Cookies

We do not allow third-party advertising or tracking cookies on our platform.

Third-Party Links

Our Services may contain links to third-party websites, services, or resources that are not owned or controlled by us. We are not responsible for the privacy practices, content, or data collection of any third-party websites or services. We encourage you to review the privacy policies of any third-party websites you visit. This Privacy Notice applies solely to information collected through our Services.

7. INTERNATIONAL DATA TRANSFERS

In Short: Your data may be transferred to and processed in countries other than your own.

Our Services are operated using infrastructure providers with a global presence. Your personal information may be transferred to, stored, and processed in countries outside of your country of residence, including the United States, where our primary operations are based.

How We Transfer Data

Cloud Infrastructure. Our cloud computing and data storage providers operate data centers in multiple regions worldwide. Your data may be processed in any region where our infrastructure providers maintain facilities.
Edge Network. Our content delivery and edge computing provider processes requests at network locations around the world to provide fast and reliable service. Websites hosted through our platform are served from the nearest edge location to the visitor, meaning request data is initially processed in whatever country the visitor is located in before being routed to our primary infrastructure.
EU Data Residency. For EU-based platform users, website visitor data stored on our edge infrastructure (including form submissions, chatbot conversations, and session data) is jurisdictionally restricted to the European Union. Automated visitor-facing operations — such as content submission notifications and transactional email delivery — are also processed within the EU for these users. When you access your visitor data through the platform dashboard or conversational interface, it may be processed through our US-based infrastructure to fulfill your request.

Safeguards for International Transfers

When your personal information is transferred outside your country of residence, we ensure that appropriate safeguards are in place to protect your data, including:

For transfers from the EEA, UK, or Switzerland: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognized transfer mechanisms, to ensure your data receives an adequate level of protection.
For transfers from Canada: We ensure that your personal information receives a comparable level of protection as required under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. We rely on contractual commitments with our service providers that require them to protect your data to a standard consistent with Canadian privacy law.
Service provider agreements: We enter into data processing agreements with our service providers that require them to protect your personal information in accordance with this Privacy Notice and applicable law.

For details on our data transfer mechanisms and supplementary measures, please refer to our Data Processing Addendum and our Transfer Impact Assessment. If you would like more information about the specific safeguards applied to transfers of your data, please contact us at legal@acira.ai.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.

Retention Periods

The following table describes how long we retain different categories of data:

Data Category	Retention Period
Account information (name, email, phone)	Duration of your account
Temporary accounts (unverified)	Automatically deleted after 30 days of inactivity
Conversations with our AI assistant (via app)	Duration of your account
Conversations with our AI assistant (via email)	6 months from last activity
Website content, templates, and databases	Duration of the associated website
Files and media uploads	Duration of the associated website
Deployment history and backups	Duration of the associated website
Billing and payment records	Duration of your account; Stripe maintains its own records in accordance with applicable financial regulations
IP addresses for rate-limiting and authentication	Up to 7 days
IP address at account creation	Duration of your account (for fraud prevention)
Platform analytics	Duration of the platform
Error and diagnostic logs	Up to 30 days
Temporary processing files (file conversions, crawled data)	Automatically deleted within 24 hours

Account Deletion

You may request deletion of your account at any time through your account settings or by contacting our AI assistant. Upon requesting deletion:

Your account will be scheduled for deletion with a 7-day grace period, during which you may cancel the request.
After the grace period, your account and all associated data — including website content, files, conversations, analytics, and any other records tied to your account — will be permanently and irreversibly purged from our systems.
Active subscriptions will be canceled and any applicable refunds processed in accordance with our terms.

Inactive Website Deletion

Websites on the free plan that do not have a custom domain and have been inactive for six (6) months or more may be scheduled for deletion. We will send a notice to the contact information associated with your account at least seven (7) days before the scheduled deletion date. If you do not reactivate your website before the scheduled date, the website and all associated data will be permanently deleted. Deletion notices are always sent regardless of your account's notification preferences.

Data Associated with Websites

When a website is deleted, all associated data (including content, files, analytics, domain configurations, and visitor data) is permanently removed following the same deletion process.

Post-Deletion Retention

After deletion is complete, all billing and payment records stored on our platform are permanently deleted. Our payment processor (Stripe) independently maintains its own transaction records in accordance with applicable financial regulations, PCI DSS requirements, and its own data retention policies. We do not retain your personal information for marketing or profiling purposes after account deletion.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Anonymized and Aggregated Data

Where we retain anonymized or aggregated data after account or website deletion, such data has been irreversibly transformed so that it can no longer identify you, either directly or in combination with other data. Anonymized data is no longer considered personal information under applicable data protection laws and is therefore not subject to data subject access, correction, or deletion requests. We may use anonymized and aggregated data indefinitely for analytics, reporting, and service improvement purposes.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. These measures include:

Encryption of data in transit using TLS/HTTPS
Encryption of data at rest
Access controls and authentication for all internal systems
Regular security assessments of our infrastructure and service providers
Least-privilege access policies for our team and automated systems

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

Data Breach Notification

In the event of a security breach that affects your personal information, we will:

Notify affected users without undue delay and, where required by law, within the timeframes mandated by applicable regulations (such as 72 hours under GDPR). Notification will be sent via email to the address associated with your account. If email delivery is not possible (for example, if your email address has been marked as undeliverable), we will attempt to notify you through alternative means available to us, such as in-app notification or by posting a prominent notice on our platform.
Notify relevant supervisory authorities as required by applicable law
Provide information about the nature of the breach, the types of data affected, and the measures we are taking in response
Offer guidance on steps you can take to protect yourself

10. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age or the equivalent age as specified by law in your jurisdiction.

We do not knowingly collect, solicit data from, or market to children under 18 years of age or the equivalent age as specified by law in your jurisdiction, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or the equivalent age as specified by law in your jurisdiction or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age or the equivalent age as specified by law in your jurisdiction has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18 or the equivalent age as specified by law in your jurisdiction, please contact us at legal@acira.ai.

11. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.

In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. If a decision that produces legal or similarly significant effects is made solely by automated means, we will inform you, explain the main factors, and offer a simple way to request human review. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by using the contact details provided in the section "How Can You Contact Us About This Notice?" below.

We will consider and act upon any request in accordance with applicable data protection laws.

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority or UK data protection authority.

If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "How Can You Contact Us About This Notice?" below or updating your preferences.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Opting Out of Marketing and Promotional Communications

You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section "How Can You Contact Us About This Notice?" below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Notification Delivery

We send transactional notifications by email for important account and service events (such as authentication, billing, domain management, and website status updates). If your email address generates a permanent delivery failure (hard bounce) or a spam complaint, we will automatically disable routine email notifications to your account to protect our email delivery reputation and comply with email service provider requirements. You can re-enable notifications at any time through your account settings or by contacting our AI assistant. Please note that while routine notifications are disabled, you may miss some communications about your account. However, critical notices — including account and website deletion warnings — are always sent regardless of your notification status and are never suppressed.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

If you have questions or comments about your privacy rights, you may email us at legal@acira.ai.

12. CONTROLS FOR DO-NOT-TRACK AND GLOBAL PRIVACY CONTROL

Do-Not-Track

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.

Global Privacy Control (GPC)

We respect Global Privacy Control (GPC) signals. GPC is a browser-level signal that communicates your preference to opt out of the sale or sharing of your personal information.

Acira AI does not sell your personal information, does not share your personal information for cross-context behavioral advertising, and does not engage in targeted advertising. As such, there is no sale or sharing activity to opt out of. Our platform processes your data solely to provide the Services you have requested.

When we detect a GPC signal via your browser's globalPrivacyControl setting, we treat it as a valid request to opt out of any future sale or sharing of personal information, should our practices ever change. We also do not use tracking cookies or persistent identifiers for advertising purposes, which means GPC-enabled browsers experience no difference in functionality on our platform.

When a GPC signal is detected, we acknowledge your privacy preference and honor it accordingly.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

13. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. More information is provided below.

Categories of Personal Information We Collect

The table below shows the categories of personal information we have collected in the past twelve (12) months. The table includes illustrative examples of each category and does not reflect the personal information we collect from you. For a comprehensive inventory of all personal information we process, please refer to the section "What Information Do We Collect?"

Category	Examples	Collected
A. Identifiers	Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account name	YES
B. Personal information as defined in the California Customer Records statute	Name, contact information, education, employment, employment history, and financial information	YES
C. Protected classification characteristics under state or federal law	Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data	NO
D. Commercial information	Transaction information, purchase history, financial details, and payment information	YES
E. Biometric information	Fingerprints and voiceprints	NO
F. Internet or other similar network activity	Interactions with our Services, pages visited, device and browser information, and referrer data	YES
G. Geolocation data	Country and region-level location derived from IP address	YES
H. Audio, electronic, sensory, or similar information	Images and audio, video or call recordings created in connection with our business activities	NO
I. Professional or employment-related information	Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us	NO
J. Education Information	Student records and directory information	NO
K. Inferences drawn from collected personal information	Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual's preferences and characteristics, such as industry or business type derived from website content	YES
L. Sensitive personal Information		NO

We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of:

Receiving help through our customer support channels
Participation in customer surveys or contests
Facilitation in the delivery of our Services and to respond to your inquiries

We will use and retain the collected personal information as needed to provide the Services or for:

Category A — As long as the user has an account with us
Category B — As long as the user has an account with us
Category D — As long as the user has an account with us
Category F — As long as the user has an account with us, or the duration of the associated website for visitor analytics data
Category G — As long as the user has an account with us
Category K — As long as the user has an account with us

Sources of Personal Information

Learn more about the sources of personal information we collect in "What Information Do We Collect?"

Learn more about how we use your personal information in the section "How Do We Process Your Information?"

Will your information be shared with anyone else?

We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider. Learn more about how we disclose personal information in the section "When and with Whom Do We Share Your Personal Information?"

We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be "selling" of your personal information.

We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.

Your Rights

You have rights under certain US state data protection laws. However, these rights are not absolute, and in certain cases, we may decline your request as permitted by law. These rights include:

Right to know whether or not we are processing your personal data
Right to access your personal data
Right to correct inaccuracies in your personal data
Right to request the deletion of your personal data
Right to obtain a copy of the personal data you previously shared with us
Right to non-discrimination for exercising your rights
Right to opt out of the processing of your personal data if it is used for targeted advertising (or sharing as defined under California's privacy law), the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects ("profiling")

Depending upon the state where you live, you may also have the following rights:

Right to access the categories of personal data being processed (as permitted by applicable law, including the privacy law in Minnesota)
Right to obtain a list of the categories of third parties to which we have disclosed personal data (as permitted by applicable law, including the privacy law in California, Delaware, and Maryland)
Right to obtain a list of specific third parties to which we have disclosed personal data (as permitted by applicable law, including the privacy law in Minnesota and Oregon)
Right to obtain a list of third parties to which we have sold personal data (as permitted by applicable law, including the privacy law in Connecticut)
Right to review, understand, question, and depending on where you live, correct how personal data has been profiled (as permitted by applicable law, including the privacy law in Connecticut and Minnesota)
Right to limit use and disclosure of sensitive personal data (as permitted by applicable law, including the privacy law in California)
Right to opt out of the collection of sensitive data and personal data collected through the operation of a voice or facial recognition feature (as permitted by applicable law, including the privacy law in Florida)

How to Exercise Your Rights

To exercise these rights, you can contact us by visiting legal@acira.ai, by emailing us at legal@acira.ai, by calling toll-free at 888-389-1189, or by referring to the contact details at the bottom of this document.

Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.

Request Verification

Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes.

If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request and the agent will need to provide a written and signed permission from you to submit such request on your behalf.

Appeals

Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at legal@acira.ai. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.

Nevada Residents

Under Nevada Revised Statutes Chapter 603A, Nevada consumers have the right to direct a business to not sell their covered information. As stated elsewhere in this Privacy Notice, we do not sell your personal information to third parties. If you are a Nevada resident and wish to submit a verified request to opt out of any future sale of your covered information, should our practices ever change, please contact us at legal@acira.ai with the subject line "Nevada Opt-Out Request."

14. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: You may have additional rights based on the country you reside in.

Australia and New Zealand

We collect and process your personal information under the obligations and conditions set by Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020 (Privacy Act).

This Privacy Notice satisfies the notice requirements defined in both Privacy Acts, in particular: what personal information we collect from you, from which sources, for which purposes, and other recipients of your personal information.

If you do not wish to provide the personal information necessary to fulfill their applicable purpose, it may affect our ability to provide our services, in particular:

Offer you the products or services that you want
Respond to or help with your requests
Manage your account with us
Confirm your identity and protect your account

At any time, you have the right to request access to or correction of your personal information. You can make such a request by contacting us by using the contact details provided in the section "How Can You Review, Update, or Delete the Data We Collect from You?"

If you believe we are unlawfully processing your personal information, you have the right to submit a complaint about a breach of the Australian Privacy Principles to the Office of the Australian Information Commissioner and a breach of New Zealand's Privacy Principles to the Office of New Zealand Privacy Commissioner.

Republic of South Africa

If you are unsatisfied with the manner in which we address any complaint with regard to our processing of personal information, you can contact the office of the regulator, the details of which are:

The Information Regulator (South Africa)

General enquiries: enquiries@inforegulator.org.za
Complaints (complete POPIA/PAIA form 5): PAIAComplaints@inforegulator.org.za & POPIAComplaints@inforegulator.org.za

15. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Last updated" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice that affect how we process data you have already provided, we will notify you by email or by prominently posting a notice on our platform. Changes that describe data processing for new services or features take effect upon posting. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

16. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, please contact us at:

Acira AI LLC
11500 S Eastern Ave, Suite 150
Henderson, NV 89052
United States

Phone: 888-389-1189
Email: legal@acira.ai

Representative

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

United Kingdom (UK)
European Union (EU)

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/acira

17. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

Data Portability. If you wish to receive a copy of your personal information, you may submit a request and we will provide it as a ZIP file containing structured, machine-readable data within the timeframes required by applicable law.

Account Deletion. You can request account deletion directly through your account by speaking with our AI assistant, or by contacting us.

To request to review, update, export, or delete your personal information, please contact: legal@acira.ai.

Your Privacy, Our Priority

We don't sell your data, we don't use tracking cookies — that's why you won't see a cookie banner here. We honor Global Privacy Control, and for EU customers, visitor data is stored and processed exclusively within the European Union.

See how we protect your data →

Acira AI

Build beautiful websites with AI. No coding required.

Proudly built in the United States

Company

Pricing Features About Compare Trust & Privacy

Legal

Data Processing Transfer Impact