Privacy Policy

Interpretation and Scope

1.1This Policy applies to all individuals whose personal information is processed by CXO in connection with the Services, including website visitors, prospective clients, customers, end users of CXO agentic AI systems, and individuals whose data is processed through client integrations.

1.2This Policy does not apply to third-party websites, platforms, or services that are not owned or controlled by CXO, notwithstanding any links or integrations thereto.

Categories of Information Collected

CXO collects and processes the following categories of information, either directly or indirectly:

• Name, email address, telephone number
• Employer, title, and business affiliation
• Billing and payment information
• Information submitted through forms, chat interfaces, or communications
• Business data and operational inputs provided for agentic AI or consulting services

• Internet Protocol (IP) address
• Device identifiers, browser type, and operating system
• Usage data, session logs, and interaction metrics
• Referral sources and navigation patterns
• Cookie and tracking data

Where users interact with CXO's agentic AI systems, CXO may process:

• prompts, queries, and instructions
• uploaded documents or datasets
• CRM and third-party system data
• conversational logs and workflow triggers
• structured and unstructured business inputs

CXO expressly disclaims responsibility for decisions, actions, or omissions taken by users or clients in reliance on outputs generated by CXO agentic AI systems. Such systems do not constitute autonomous decision-making systems capable of binding CXO or any third party.

CXO may receive information from third-party service providers, including:

• customer relationship management systems (including GoHighLevel)
• cloud infrastructure providers
• analytics and marketing platforms
• AI model providers, including OpenAI, Anthropic, Google, and similar entities

These providers may process data independently of CXO's control.

Purposes of Collection and Use

CXO collects and uses personal information for the following purposes:

• (a)provision, operation, and maintenance of the Services;
• (b)deployment, configuration, and operation of agentic AI systems and automated workflows;
• (c)performance of contractual obligations;
• (d)billing, account administration, and payment processing;
• (e)service improvement, analytics, and system optimization;
• (f)security monitoring, fraud prevention, and risk mitigation;
• (g)customer support and communications;
• (h)compliance with legal and regulatory obligations; and
• (i)where permitted, marketing and promotional communications.

Legal Basis for Processing (GDPR)

Where the General Data Protection Regulation (EU) 2016/679 applies, CXO processes personal data on the following legal bases:

• performance of a contract;
• legitimate interests, including business operations, service improvement, and fraud prevention;
• consent, where required (including marketing and cookies);
• compliance with legal obligations.

Where automated processing or AI-assisted systems are used, such processing is conducted in furtherance of contractual and operational purposes and does not constitute sole automated decision-making intended to produce legal or similarly significant effects without human review.

Agentic AI Systems and Automated Decision-Making

5.1CXO provides agentic AI systems, including autonomous and semi-autonomous workflow automation agents.

5.2You acknowledge and agree that:

• (a)agentic AI systems operate using probabilistic machine learning models;
• (b)outputs may be inaccurate, incomplete, outdated, or otherwise unreliable;
• (c)automated processing may occur without human intervention;
• (d)AI outputs do not constitute professional advice of any kind;
• (e)AI outputs may contain hallucinations or incorrect information;

5.3CXO does not guarantee the accuracy, reliability, or suitability of any AI-generated output, and expressly disclaims any liability arising from reliance thereon.

CXO agentic AI systems rely on third-party large language models, including OpenAI, Anthropic, Google, and similar providers. CXO does not control model training, weighting, inference logic, or output generation behavior of such providers. Outputs may be influenced by systems outside CXO's control.

Disclosure and Sharing of Information

CXO may disclose personal information to the following categories of recipients:

Including:

• AI model providers (OpenAI, Anthropic, Google)
• cloud infrastructure providers (AWS, Google Cloud, Microsoft Azure)
• CRM and automation platforms
• analytics and communication providers
• payment processors and financial service providers

These providers may act as independent processors or controllers under applicable law.

Where necessary for:

• service delivery and support
• system maintenance and security
• business operations and analytics

Where required to:

• comply with applicable law or regulatory process
• respond to lawful requests from authorities
• enforce contractual rights
• protect rights, safety, or security of CXO or third parties

International Data Transfers

CXO operates on a cross-border basis. Personal information may be transferred to jurisdictions outside the user's country of residence, including Canada, the United States, and other jurisdictions where service providers operate.

Where required by applicable law, CXO implements appropriate safeguards, which may include Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms.

Data Retention

CXO retains personal information only for as long as necessary to fulfill the purposes for which it was collected, including:

• provision of Services
• legal and regulatory compliance
• dispute resolution
• legitimate business purposes

Retention periods vary depending on the nature of the information and applicable legal requirements.

Security Safeguards

CXO implements commercially reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction.

No system is completely secure, and CXO cannot guarantee absolute security.

User Rights

Subject to applicable law, individuals may have rights including:

• right of access
• right to rectification
• right to erasure
• right to restriction of processing
• right to data portability
• right to object

• right to know
• right to delete
• right to correct
• right to opt out of sale or sharing (where applicable)
• right to non-discrimination

• right of access and correction
• right to withdraw consent subject to legal restrictions

Requests may be submitted to: [email protected]

CXO reserves the right to verify identity prior to responding.

Cookies and Tracking Technologies

CXO uses cookies and similar technologies for:

• authentication and security
• analytics and performance measurement
• user experience optimization
• marketing and attribution

Where required by applicable law, consent mechanisms are implemented. For full detail, see our Cookie Policy.

Users may disable cookies through browser settings; however, certain functionalities may be impaired.

Marketing Communications (CASL / CAN-SPAM)

CXO complies with applicable anti-spam legislation. Marketing communications are sent only where consent or lawful basis exists. Users may withdraw consent at any time.

Third-Party Links and Services

CXO is not responsible for privacy practices of third-party services, content, or data handling practices outside CXO's control. Use is at user's risk.

Limitation of Liability

To the maximum extent permitted by applicable law, CXO shall not be liable for:

• third-party data practices
• AI-generated outputs
• reliance on Services or outputs
• system interruptions or failures
• unauthorized access outside CXO systems

Children's Privacy

Services are not directed to individuals under the age of majority. CXO does not knowingly collect personal information from minors.

Amendments

CXO reserves the right to amend this Policy at any time. Continued use constitutes acceptance of updated versions.

Contact Information

CoreXpert Operations Corporation (CXO)
Ontario, Canada
[email protected]