Effective Date: March 18, 2026
This Privacy Policy describes how Current Orchard LLC doing business as DaveryAI™ ("we," "us," or "our") collects, uses, discloses, and protects your information when you use the Acerox™ managed AI agent service (the "Service"). By using the Service, you consent to the data practices described in this policy.
We collect personal information that you provide during onboarding and use of the Service, such as your name, email address, phone number, and billing details. We also collect usage data, such as aggregated logs of API interactions, other interactions, performance metrics, and service health information, to operate and improve the Service. We may use cookies or similar technologies on our website for session management and analytics.
If you choose to provide third-party account credentials to your Acerox™ AI agent for browser-based access, those credentials are stored on your dedicated virtual private server. DaveryAI™ does not access, collect, or store your third-party login credentials.
We collect only the information necessary to provide and enhance the Service, and we adhere to data minimization principles.Your business data — including conversations with your Acerox™ AI agent, files, and any other content you share with your agent — is stored on your dedicated virtual private server. We do not collect, copy, or store your business data on our own systems. We maintain administrative access to your server solely for the purpose of providing maintenance, updates, and technical support, but we do not review or access your business data in the ordinary course of operations. When your interactions are processed by third-party AI providers to generate responses, such processing is transient and is described further in Section 3.
In the event of cancellation or termination, we will generate an export of your data from your dedicated server and deliver it to you via Telegram in a zip file as part of the offboarding process. Your dedicated server is then decommissioned and wiped in accordance with our offboarding procedures. Outside of this process, no client business data is stored on DaveryAI™ systems.
We use the information we collect to provide, maintain, and improve the Service, including processing your requests, managing your Acerox™ AI agent, and delivering features. We also use it for billing and payment processing, providing customer support, and analyzing usage to enhance performance. We may contact you by email regarding your account, including but not limited to service updates, trial status, billing reminders, security notifications, and other communications related to the operation of your Acerox™ AI agent. Anonymized data may be used to improve the Service, but we do not use your specific data to train our own AI models or for unrelated purposes without your explicit consent. Furthermore, we use information for security purposes, such as monitoring for abuse and protecting the Service, and to comply with legal obligations.
Your interactions with the Service may be processed by third-party AI model providers to generate responses and perform tasks. We use commercial/API access rather than consumer chatbot products. These providers’ handling of submitted data is governed by their applicable API, privacy, and data processing terms, which may change over time.
As part of our operating practice, we prefer providers whose published API policies generally state that customer API data is not used for model training, subject to their current terms. Requests may also be retained for limited periods as described in those providers’ applicable policies.
We disclose this third-party processing because it is necessary for the Service’s functionality, and those providers may apply their own content, safety, privacy, and usage policies to requests processed through their systems.
We do not sell your personal information. We share information with service providers, such as payment processors and hosting services, under strict confidentiality agreements to support the Service. We may also share information to comply with legal requirements, such as responding to subpoenas or court orders, or in connection with a business transfer like a merger or acquisition. Your data is stored on your dedicated virtual private server and is not shared with other clients or third parties except as described here.
We implement reasonable security measures to protect your information, including isolating your data on a dedicated virtual private server, using encryption for data in transit and at rest, and applying access controls to limit who can view your data. We conduct regular security reviews and updates. However, no system is completely secure, and you are responsible for securing your own devices, accounts, and credentials, including not sharing sensitive information insecurely.
You have the right to access, correct, or delete your personal information. You may also request an export of your data at any time, and upon cancellation, we provide a data export as part of the offboarding process. If applicable, you may exercise rights under the California Consumer Privacy Act (CCPA), General Data Protection Regulation (GDPR), or similar laws, such as opting out of data sales (though we do not sell data). To exercise these rights, contact us at [email protected], and we will respond within 30 days.
We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy. Upon cancellation or request, we delete your data after providing an export in accordance with our offboarding procedures, unless we are required to retain certain information for legal reasons.
The Service is not intended for children under the age of 13, and we do not knowingly collect personal information from them. If we become aware of such collection, we will take steps to delete it.
Your information may be processed in the United States or other countries. We ensure appropriate safeguards are in place for any transfers, such as standard contractual clauses or adequacy decisions, to protect your data.
In the event of a data breach that affects your personal information, we will notify you via email within 72 hours of becoming aware of the breach, or as otherwise required by applicable law. We will provide information about the nature of the breach, the data affected, and the steps we are taking to address it.
We do not currently respond to "Do Not Track" browser signals.
We reserve the right to update this Privacy Policy at any time at our sole discretion. We will post the revised policy on our website. It is your responsibility to review this Privacy Policy periodically for changes. Your continued use of the Service after such changes constitutes your acceptance of the revised policy. If you do not agree with these changes, you may cancel your subscription at any time.
If you have questions about this Privacy Policy or our data practices, please contact us at [email protected].
This Privacy Policy is incorporated into our Terms of Service and applies to your use of the Service.