Privacy Policy

1. Introduction

Loopi AI I/S (“Loopi AI,” “we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, and safeguard data in connection with our services, including AI powered receptionists, chatbots, automation tools, and lead reactivation systems.

By using our website or services, you consent to the practices described in this Policy.

2. Who We Are

Loopi AI I/S is a Danish company specializing in AI driven automation tools and communication systems for businesses.

Our registered address is Fløjstrupvej 159, 8330 Beder, Denmark.

CVR: 45581969.

3. Data We Collect

We collect and process the following categories of personal data, depending on the service:

a. Client Data (B2B Clients)

• Name, email, phone number, company details, payment details
• Account credentials, communication history, service preferences

b. End-User or Lead Data (on behalf of Clients)

When we provide services like AI receptionists, widgets, or review automations, we may process limited personal data belonging to your customers or leads, such as:

• Name, phone number, email, or social media handle
• Messages, call transcripts, or AI generated summaries
• Booking, review, or interaction details

This data is only processed as a data processor on behalf of the client and in accordance with their instructions and applicable data protection laws.

c. Technical Data

• IP address, device type, browser type, and usage statistics
• Log data for system performance, troubleshooting, and analytics
• Cookies, pixels, and similar tracking technologies used on our website (see Section 16b)

4. How We Use Data

We use personal data to:

• Provide, manage, and improve our AI tools and services
• Communicate with clients about onboarding, performance, and support
• Configure and train AI models specifically for client use
• Handle payments, billing, and account management
• Comply with legal and regulatory requirements

We do not sell personal data or use it to profile individuals for unrelated marketing purposes.

5. AI and Automation Data Handling

Loopi AI’s systems may generate, record, or store:

• AI generated messages, call transcripts, and response summaries
• Automation logs and communication history between AI tools and end users

These are used only to deliver and improve the contracted service.

All AI outputs are generated algorithmically and are not manually reviewed unless required for debugging, support, or abuse prevention.

We do not use client or end-user data to train public AI models.

SMS opt-in data and consent information will never be shared, sold, or rented to third parties. SMS messages are sent only to contacts who have explicitly opted in. Reply STOP to opt out at any time.

6. Legal Basis for Processing

We process data under one or more of the following bases:

• Contractual necessity: To provide services to clients.
• Legitimate interests: To maintain and secure our systems.
• Legal obligations: To comply with applicable laws.
• Consent: When required for marketing communications.

7. Data Sharing and Sub-Processors

We may share data with trusted sub-processors and partners who assist in operating our services, such as:

• Cloud hosting and database providers (e.g., Google Cloud, AWS)
• Communication platforms (e.g., Twilio, OpenAI, Meta, Gmail, HubSpot)
• Payment processors (e.g., Stripe)
• CRM and marketing automation (e.g., HighLevel Inc., dba GoHighLevel)
• Web analytics and advertising (e.g., Google Ireland Ltd, Meta Platforms Ireland Ltd)

All sub-processors are bound by written agreements and must comply with GDPR and equivalent data protection laws.

a. Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of all or part of Loopi AI I/S, personal data held by us may be transferred to the acquiring entity as part of that transaction. We will notify affected clients of any such change in ownership or control of personal data, and the data will remain subject to the protections described in this Policy.

b. Websites Delivered to Clients

Where Loopi AI designs, develops, or deploys a website on behalf of a Client, that website is operated by the Client and not by Loopi AI. Loopi AI is not the data controller for any personal data collected through such websites after delivery. The Client is solely responsible for publishing its own privacy policy, cookie policy, and consent mechanisms on the delivered website, and for ensuring compliance with GDPR, ePrivacy, and any other applicable laws governing the collection, storage, and processing of visitor data.

Where Loopi AI continues to host, maintain, or operate a delivered website on behalf of a Client under a separate agreement, Loopi AI acts as a data processor on the Client’s behalf, in accordance with that agreement and our Terms of Service.

8. International Data Transfers

Data may be transferred outside the EU/EEA, including to the United States, Canada, or Australia.

When transfers occur, we use Standard Contractual Clauses (SCCs) and other approved mechanisms to ensure adequate protection.

9. Data Retention

We retain personal data only as long as necessary to provide services or comply with legal obligations.

Client campaign data and communication logs are typically deleted within 30 days of termination unless otherwise requested or required by law.

10. Security

We implement technical and organizational safeguards to protect personal data from loss, misuse, and unauthorized access, including:

• Encrypted data storage
• Two-factor authentication (2FA) for internal systems
• Restricted employee access to sensitive data

11. Your Data Rights (GDPR)

You have the right to:

• Access the data we hold about you
• Correct inaccurate data
• Request deletion of your data
• Restrict or object to processing
• Withdraw consent to marketing at any time
• Request data portability

To exercise these rights, contact us at contact@loopiai.com. We will respond within 30 days.

12. CCPA Rights (if applicable)

For California residents, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• The right to know what personal information we collect
• The right to request deletion of your data
• The right to opt out of any “sale” of personal data (we do not sell data)
• The right to non-discrimination for exercising your privacy rights

Requests can be made by emailing contact@loopiai.com.

13. Children’s Privacy

Our services are designed for businesses and are not directed at individuals under 18.

We do not knowingly collect personal data from children.

If we become aware that a minor has provided us with data, we will delete it promptly.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

Updates will be posted on our website with a new effective date.

For significant changes, we will notify clients directly.

15. Contact Information

If you have questions, requests, or complaints about this Privacy Policy or our data practices, please contact:

Loopi AI I/S
Fløjstrupvej 159, 8330 Beder, Denmark
contact@loopiai.com
+45 52 51 50 61
CVR: 45581969

16. Third-Party Links

Our website and services may contain links to third-party websites, platforms, or tools (such as Twilio, Meta, or Stripe).

This Privacy Policy does not apply to those third-party sites, and we are not responsible for their privacy practices or content.

We encourage you to review the privacy policy of any third-party site you visit.

16b. Cookies and Tracking Technologies

Our website (www.loopiai.com) uses cookies and similar technologies to operate the site, remember preferences, measure traffic, and improve performance. We use:

• Strictly necessary cookies required for the site to function (e.g., the cookie that records your consent choice).
• Analytics cookies — Google Analytics 4. See Section 16d.
• Marketing and advertising cookies — Meta Pixel (with Automatic Advanced Matching) and GoHighLevel CRM tracking. See Sections 16c and 16e.

Marketing and analytics cookies do not load until you have actively accepted them through our cookie consent banner. You can withdraw your consent at any time by reopening the banner (clear the cookie_consent cookie or revisit the site in a private window) and choosing Decline. Strictly necessary cookies cannot be disabled because the site cannot function without them.

16c. Meta Pixel and Automatic Advanced Matching

This website uses the Meta Pixel (also known as the Facebook Pixel), a tracking technology provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland ("Meta"). Meta Platforms, Inc. (USA) and Meta Platforms Ireland Ltd. act as joint controllers for the data collected through the pixel.

What data we collect. When you visit our website and have given your consent, the Meta Pixel collects:

• IP address
• Browser type, device information, and operating system
• Pages visited, buttons clicked, and other actions taken on our website
• Referring URL and timestamp of your visit
• Facebook user ID (if you are logged in to Facebook or Instagram)

We have also enabled Automatic Advanced Matching. When you submit a form on our website, the following information is hashed (encrypted with SHA-256) in your browser before being sent to Meta:

• Email address
• Phone number
• First and last name
• City, postal code, and country
• Gender and date of birth (if provided)

The data is hashed before transmission, so Meta does not receive your information in plain text.

Purpose of processing. We use the Meta Pixel and Automatic Advanced Matching to:

• Measure the effectiveness of our advertising campaigns
• Attribute conversions (such as form submissions or bookings) to specific ads
• Build Custom Audiences and Lookalike Audiences for targeted advertising
• Retarget visitors with relevant ads on Facebook, Instagram, and other Meta platforms
• Optimize the delivery of our ads to users most likely to be interested

Legal basis. Processing is based on your explicit consent in accordance with Article 6(1)(a) of the GDPR. The Meta Pixel does not load or collect any data until you have actively accepted marketing cookies through our cookie banner.

Transfer to third countries. Data collected through the Meta Pixel is transferred to Meta Platforms, Inc. in the United States. Meta is certified under the EU-US Data Privacy Framework, and the transfer is additionally safeguarded by Standard Contractual Clauses approved by the European Commission.

Retention. Meta retains data collected through the pixel for up to 2 years. We do not store the raw pixel data ourselves; we only access aggregated reports through Meta's advertising tools.

How to withdraw your consent. You can withdraw your consent at any time by:

• Reopening our cookie banner and rejecting marketing cookies (clear the cookie_consent cookie or revisit in a private window)
• Adjusting your ad preferences at facebook.com/adpreferences
• Using the opt-out tool at youronlinechoices.eu

For details on how Meta processes your data, see Meta's Privacy Policy at facebook.com/privacy/policy.

16d. Google Analytics 4

This website uses Google Analytics 4 (measurement ID G-JJ7YB3VSRV), a web analytics service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland ("Google").

What data we collect. Google Analytics collects: IP address (truncated before storage where IP anonymization applies), browser and device information, pages visited and time spent, referring URL, and approximate location based on IP. A pseudonymous client identifier is stored in the _ga cookie.

Purpose. To understand aggregate traffic patterns, measure marketing performance, and improve site content and structure.

Legal basis. Article 6(1)(a) GDPR — your explicit consent given through the cookie banner. Google Analytics does not load until you accept analytics cookies.

Third-country transfers. Data may be transferred to Google LLC in the United States. Transfers are safeguarded by the EU-US Data Privacy Framework and Standard Contractual Clauses.

Retention. Event-level data is retained for 14 months (the GA4 default we have configured). Aggregated reports are retained longer.

You can withdraw consent at any time by rejecting cookies through our banner, or install Google's opt-out browser add-on at tools.google.com/dlpage/gaoptout.

16e. GoHighLevel CRM Tracking

This website uses a tracking script provided by HighLevel Inc., 400 N St. Paul St. Suite 920, Dallas, TX 75201, USA ("HighLevel," dba GoHighLevel). The script is loaded from book.loopiai.com (a subdomain we operate using HighLevel infrastructure) and assigns a visitor identifier so HighLevel can attribute booking and form submissions back to a specific marketing source.

What data we collect. Visitor identifier (cookie), IP address, page URL, referring URL, timestamps, and any form data (name, email, phone) submitted through HighLevel-hosted forms or the booking widget on our site.

Purpose. Lead capture, attribution, follow-up communications, and CRM record-keeping for users who book a call or submit a form.

Legal basis. Article 6(1)(a) GDPR — your explicit consent given through the cookie banner before the script loads. For form submissions, processing is also based on the contractual necessity of responding to your enquiry (Article 6(1)(b)).

Third-country transfers. HighLevel processes data in the United States. Transfers are safeguarded by Standard Contractual Clauses, and HighLevel makes a Data Processing Addendum available that governs the processing relationship.

Retention. Visitor tracking cookies expire after 12 months. Lead and CRM records are retained for as long as the contact relationship is active, then deleted within 30 days of termination unless a longer retention is required by law.

16f. Your Rights and Withdrawing Consent

Under the GDPR you have the right to access, correct, delete, restrict or object to processing, request data portability, and lodge a complaint with the Danish Data Protection Authority (Datatilsynet, datatilsynet.dk) or your local supervisory authority. You can withdraw consent for any of the technologies in Sections 16c, 16d, and 16e at any time by re-opening the cookie banner. To exercise other rights, contact us at contact@loopiai.com.

Data controller. Loopi AI I/S, Fløjstrupvej 159, 8330 Beder, Denmark — CVR 45581969 — contact@loopiai.com.