Privacy Policy - Intervo.ai

1. INTRODUCTION

1.1. Purpose of this Policy

This Privacy Policy describes how CodeDesign Inc. (“Company”, “we”, “our”, or “us”) collects, uses, discloses, and protects your personal information when you use the Intervo.ai platform (the “Platform”), including all associated products, services, websites, applications, documentation, and open-source software components.

1.2. Scope and Applicability

This Policy applies to all users globally, including users from the United States (including California under CCPA/CPRA), the European Union and EEA (under GDPR), Canada (under PIPEDA), India (under the Digital Personal Data Protection Act, 2023), and other applicable jurisdictions. It applies to data collected from:

Visitors to our website (https://intervo.ai),
Registered users of the Platform (SaaS or self-hosted),
End users of AI agents deployed using the Intervo platform,
Contributors to our open-source repositories and communities.

1.3. Identity of the Data Controller

For the purposes of applicable data protection laws, CodeDesign Inc. is the controller of personal data processed via the Intervo.ai Platform unless stated otherwise (e.g., where an enterprise or developer self-hosts the Platform, they may act as a separate controller).

1.4. Role of Platform Users (Admins, Developers, End Users)

Depending on the use case:

SaaS Users: CodeDesign Inc. is the processor of data generated by agents deployed by registered users.
Self-hosted Users: The hosting entity is solely responsible as the controller of any personal data processed on their instance.
End Users: Individuals who interact with agents deployed using the Platform.
Contributors: Individuals who participate in the development of the open-source software via public repositories or community platforms (e.g., GitHub, Discord).

2. DEFINITIONS

2.1. “Personal Data” or “Personal Information”

Means any information that relates to an identified or identifiable natural person, including but not limited to names, email addresses, identification numbers, IP addresses, device identifiers, biometric data, or any information defined as “personal data” or “personally identifiable information” under applicable data protection laws, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), the Digital Personal Data Protection Act, 2023 (DPDPA - India), and PIPEDA (Canada).

2.2. “Processing”

Means any operation or set of operations performed on Personal Data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure by transmission, dissemination, alignment, restriction, erasure or destruction.

2.3. “Controller”

Refers to the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

2.4. “Processor”

Means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller.

2.5. “Data Subject”

Refers to an identifiable natural person whose personal data is processed by the Controller or Processor.

2.6. “Intervo Platform” or “Platform”

Means the software, APIs, tools, agents, and user interface made available by CodeDesign Inc. under the name Intervo.ai, including both its hosted SaaS version and the open-source self-hosted version.

2.7. “User”

Means any person or entity who uses or accesses the Platform, including developers, administrators, end customers of clients, and contributors to open-source repositories.

2.8. “End User”

Refers to the individuals who interact with conversational Al agents deployed through the Intervo platform.

2.9. “Sensitive Personal Data” or “Special Category Data”

Means data which is subject to specific processing conditions under applicable law and may include racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, or data concerning a natural person’s sex life or sexual orientation.

2.10. “Applicable Law”

Means all data protection and privacy laws and regulations applicable to the processing of personal data under this Privacy Policy, including but not limited to:

European Union: General Data Protection Regulation (Regulation (EU) 2016/679-”GDPR”);
United Kingdom: UK General Data Protection Regulation and Data Protection Act 2018;
United States: California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA); along with other applicable state laws such as the Virginia CDPA, Colorado CPA, Connecticut CTDPA, and Utah UCPA;
India: Digital Personal Data Protection Act, 2023 (DPDPA);
Brazil: Lei Geral de Proteção de Dados (LGPD);
Canada: Personal Information Protection and Electronic Documents Act (PIPEDA);
Australia: Privacy Act 1988 and its amendments;
Singapore: Personal Data Protection Act 2012 (PDPA);
China: Personal Information Protection Law (PIPL);
South Africa: Protection of Personal Information Act (POPIA);
Thailand: Personal Data Protection Act (PDPA);
United Arab Emirates (UAE): Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data.
Any other applicable international or local law governing privacy and data protection.

2.11. “Cookies”

Refers to small data files that may be placed on your device by websites or applications that you visit, often used for tracking and improving the user experience.

2.12. “Open-Source Contribution”

Refers to any code, documentation, issue, or other material contributed by a user to the Intervo open-source repositories hosted publicly (e.g., GitHub), which may include usernames, commits, messages, or comments associated with the contributor.

3. TYPES OF DATA COLLECTED AND HOW

3.1. Personal Data Collected from Users

CodeDesign Inc., through its Intervo platform, may collect the following categories of Personal Data from Users or visitors interacting with the website, platform, or associated APIs:

Contact Information: Includes full name, email address, phone number, organization name, role or job title, and physical address (if provided during onboarding, subscription, inquiry, or support interaction).
Account Information: Includes username, encrypted password, user ID, authentication tokens, and related credentials required for platform access.
Payment and Billing Information: Includes billing name, billing address, partial credit/debit card details (processed via third-party payment processors like Stripe), invoice records, and tax identification numbers if applicable.
Communication Data: Includes content of support requests, chat transcripts, emails sent to support@intervo.ai, feedback forms, or other communications with the Intervo team.
User-Generated Content: Includes any content uploaded, shared, or processed on the platform including voice recordings, chat transcripts, text prompts, file uploads (PDF, DOCX, TXT), and customer support queries.

3.2. Automatically Collected Data

When you access or use the Platform, Intervo may automatically collect:

Log and Usage Data: Includes timestamps, IP address, browser type, device type, operating system, pages visited, time spent, error logs, clickstream data, and referring/exit URLs.
Device Identifiers and Metadata: Includes device ID, session ID, access tokens, geolocation (approximate), and interaction logs collected through SDKs or embedded widgets.
Cookies and Tracking Technologies: As detailed in the cookies policy, Intervo uses cookies, pixel tags, and similar technologies to enhance user experience, enable core functionalities, remember preferences, and collect analytics.

3.3. Data Collected from AI Agents

Intervo Al agents deployed by Users may collect:

End User Interaction Data: Includes audio inputs (voice calls), chat conversations, web widget usage, and responses captured by agents, which may include Personal Data voluntarily provided by end users (e.g., name, email, phone number).
Agent Configuration and Workflow Data: Includes custom-built workflows, scripts, conversation intents, sub-agent assignments, API integration paths, and other programmable settings configured by the User.

3.4. Open-Source Repository Data

If you contribute to the open-source repositories hosted by CodeDesign Inc., the following may be collected:

GitHub or GitLab Profile Information: Includes your username, commit history, public profile, and any comments or issues you post.
Contribution Metadata: Includes time of contribution, lines of code, technical identifiers, and relevant repository usage analytics.

3.5. Third-Party Integrations

If you integrate third-party services (e.g., Twilio, Google Speech, AssemblyAI, Stripe), we may receive data from those services subject to their APIs and data sharing policies. You are responsible for obtaining the necessary authorisations for such integrations.

3.6. Children’s Data

The platform is not intended for use by individuals under the age of 13 (or equivalent minimum age in the relevant jurisdiction). Intervo does not knowingly collect Personal Data from children unless required by client-specific deployment with appropriate legal safeguards in place. Please refer to the Clause on Children’s Privacy.

4. LEGAL BASES FOR PROCESSING PERSONAL DATA

4.1. Overview

CodeDesign Inc. processes Personal Data only when there is a valid legal basis to do so, in accordance with the requirements of applicable global data protection laws. The specific legal basis depends on the context in which the Personal Data is collected and processed. The primary legal bases include consent, contract necessity, legal obligation, legitimate interest, vital interest, and statutory or public interest grounds. Where required by law, CodeDesign Inc. obtains explicit, freely given, informed, and unambiguous consent from the data subject before processing their Personal Data. Consent may be required for activities such as:

Receiving marketing communications;
Using tracking technologies such as cookies;
Capturing voice/chat transcripts where required under PIPL or GDPR;
Enabling cross-border data transfers in jurisdictions like China and India;
Handling sensitive personal data (e.g., under LGPD or GDPR).

Data subjects may withdraw consent at any time by contacting support@intervo.ai or by using designated platform controls, without affecting the lawfulness of prior processing.

4.3. Contractual Necessity

Processing is lawful where it is necessary for the performance of a contract with the data subject or to take steps at their request prior to entering into a contract. This includes:

Creating or managing user accounts;
Providing services or features through Intervo.ai;
Managing billing, payments, and customer support.

4.4. Legal Obligation

CodeDesign Inc. may process Personal Data to comply with applicable legal obligations imposed by national, state, or international laws and regulations. Examples include:

Financial reporting and tax obligations;
Responding to lawful government or judicial requests;
Data retention requirements under applicable laws (e.g., EU e-Privacy Directive, US data retention laws).

4.5. Legitimate Interests

Processing may be conducted where necessary for the legitimate interests pursued by CodeDesign Inc. or a third party, unless overridden by the fundamental rights and freedoms of the data subject. Legitimate interests include:

Securing the platform and preventing fraudulent use;
Enhancing user experience and improving services;
Conducting internal analytics and service development;
Communicating platform updates and new features.

Data subjects may object to such processing where applicable law permits (e.g., GDPR Art. 21).

4.6. Vital Interests and Public Interest

Processing may be lawful where necessary to protect vital interests of the data subject or another individual. It may also occur for performance of tasks in the public interest or exercise of official authority, where permitted under applicable laws (e.g., GDPR Art. 6(1)(e), PIPL Chapter II).

4.7. Digital Personal Data Protection Act, 2023 (India)

For data subjects located in India, Personal Data is processed in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA). Key compliance actions include:

Providing notice and obtaining consent prior to data collection;
Allowing withdrawal of consent and data principal rights to access, correct, and erase data;
Notifying the Data Protection Board of India and affected individuals in the event of a breach;
Appointing a Data Protection Officer, if required by the Act.

4.8. International Transfers

When transferring Personal Data across borders, CodeDesign Inc. ensures appropriate legal mechanisms are in place, including:

Standard Contractual Clauses (SCCs) for EU/UK data;
Adequacy decisions under GDPR or PIPEDA;
Deemed consent mechanisms under DPDPA;
Outbound data transfer assessment and contracts under China’s PIPL.

5. HOW WE USE PERSONAL INFORMATION

At Codedesign Inc., we collect and use personal information through our platform, Intervo.ai, to deliver, improve, and secure our services in accordance with applicable data protection laws such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), India’s Digital Personal Data Protection Act (DPDPA), and similar frameworks globally. We use personal information to facilitate user registration, authentication, and identity management. This includes providing users access to Intervo.ai’s platform, allowing them to build and deploy Al agents, and managing integrations with third-party systems such as CRMs, telephony platforms like Twilio, payment processors like Stripe, and various LLM providers. We also use personal information to deliver technical support, onboarding experiences, documentation, and service-related communications. Additionally, personal information is used to maintain platform integrity and monitor interactions for fraud prevention, compliance enforcement, and abuse detection. It allows us to analyse trends, debug issues, and optimize platform functionality. Any analytical activities are performed in adherence to lawful bases and, where applicable, based on user consent or legitimate interest assessments. We also process personal data to send system alerts, transactional notices, policy updates, and service communications. With the appropriate legal basis, including consent where required, we may send marketing communications, user surveys, and promotional materials. Users can manage their preferences or opt-out in accordance with applicable law. To fulfill legal and regulatory obligations, we may use data for tax, audit, anti-money laundering checks, law enforcement cooperation, or as otherwise required under applicable statutes. If necessary, personal data may also be used in connection with potential business transactions such as mergers or acquisitions, under conditions of confidentiality and data protection safeguards. For users engaging in our open-source and developer communities (such as Discord, GitHub, or documentation portals), we may display or reference publicly submitted information, code contributions, or support queries in a manner consistent with community norms and user expectations. We do not use personal data to train generalized Al models without explicit user consent. These uses are governed by transparency, proportionality, and data minimization principles. We ensure that the use of personal information aligns with your rights and our legal obligations as a global provider of AI-driven communication infrastructure. Codedesign Inc. respects the confidentiality of your personal information and does not sell or rent your data to third parties. However, in the course of delivering services through Intervo.ai, we may disclose personal data to select third parties under lawful bases and with appropriate safeguards. This includes sharing with service providers and vendors who support our operations, such as cloud hosting partners, analytics providers, telephony systems, Al infrastructure services, payment processors, customer relationship management tools, and customer support platforms. These third parties are contractually bound to only process personal data on our behalf, subject to strict confidentiality, access control, and security obligations. We may also share information with affiliated companies within the Codedesign group where applicable, solely for internal business, compliance, and administrative purposes consistent with this Privacy Policy. In specific scenarios, we may disclose information if required to do so by law or regulatory authority, such as in response to lawful subpoenas, warrants, court orders, or similar legal processes. We may also share information to enforce our rights, prevent fraud or abuse, investigate potential violations of our terms, or protect the security, rights, and safety of our users, partners, or the public. In connection with strategic transactions such as mergers, acquisitions, restructuring, or asset transfers, your personal data may be shared with counterparties and advisers as part of the due diligence or execution process, under confidentiality agreements and in accordance with applicable privacy laws. Where data transfers occur across borders, particularly from the European Union or other jurisdictions with data export restrictions, we implement mechanisms such as Standard Contractual Clauses, international data transfer agreements, or other legally recognized safeguards to ensure adequate protection of your information. In addition, users deploying public-facing Al agents via Intervo.ai may intentionally integrate third-party systems or share data through APIs or webhook configurations. In such cases, users are responsible for ensuring that their own data processing and sharing practices comply with relevant laws and with their own privacy policies. Intervo.ai is not responsible for third-party integrations initiated by users unless explicitly stated in our Terms of Service. We maintain a list of sub-processors and integrations which may process personal data on our behalf, available upon request or via our platform documentation. Any future updates to our data-sharing practices will be reflected in this Privacy Policy and, where required, communicated directly to users.

7. INTERNATIONAL DATA TRANSFERS

As a global technology provider, Codedesign Inc. may transfer and process your personal data in jurisdictions outside of your home country, including countries that may not offer the same level of data protection as your own. This includes transfers to and from the United States, India, member states of the European Economic Area (EEA), the United Kingdom, Canada, and other jurisdictions where we, our affiliates, or our service providers operate. Whenever we transfer personal data internationally, we take appropriate steps to ensure an adequate level of protection is in place. For data originating from the European Union, the United Kingdom, or other jurisdictions with cross-border data transfer regulations, we rely on mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA), Binding Corporate Rules (where applicable), or your explicit consent. In some cases, supplementary technical and organizational measures, such as encryption, access controls, and data minimization, are also implemented to ensure the continued confidentiality and security of your personal information. Users should be aware that our cloud infrastructure, including third-party hosting, analytics, and communications platforms, may store or process personal data in the United States, Canada, Singapore, and other locations, depending on the integration settings and services enabled within the Intervo.ai platform. All such transfers are conducted in compliance with the relevant data protection laws including the General Data Protection Regulation (GDPR), India’s Digital Personal Data Protection Act (DPDPA), Brazil’s LGPD, and the California Consumer Privacy Act (CPRA), among others. In the case of international transfers made at your direction, such as when you deploy an agent on Intervo.ai and configure data flows to third-party services or CRMs, you are responsible for ensuring that such transfers meet the applicable legal requirements and user consent standards in your jurisdiction. Where legally required, we will notify users of any material changes in international data transfer practices and will obtain appropriate consents or approvals before proceeding with such transfers. If you would like more details about the transfer mechanisms or to obtain a copy of the applicable data transfer agreements, you may contact us at support@intervo.ai.

8. DATA RETENTION POLICY

Codedesign Inc. retains personal information collected through Intervo.ai only for as long as necessary to fulfill the purposes for which it was collected, to satisfy legal, regulatory, contractual, or operational requirements, and to enforce our rights or resolve disputes. The specific retention period may vary depending on the nature of the data, the context in which it was provided, and applicable laws in jurisdictions such as the European Union, United States, India, or Canada. Where data is collected pursuant to a contractual relationship, such as through the creation and use of an Intervo.ai account or deployment of agents, we retain the data for the duration of the business relationship and for a reasonable period thereafter to comply with legal obligations, audit requirements, or to facilitate reactivation. In most cases, this retention period will not exceed seven (7) years unless a longer period is legally mandated or justified by legitimate interests such as dispute resolution or fraud prevention. For marketing-related data, we retain information for as long as users continue to interact with our communications or until consent is withdrawn or an opt-out request is processed, whichever occurs earlier. Technical logs, analytics, and diagnostic data are retained for shorter durations unless required to ensure platform stability, conduct investigations, or comply with data subject access requests. Where users self-host or control their own deployments of Intervo.ai, they may configure data retention settings in line with their own privacy obligations. In such cases, Codedesign Inc. will not access, store, or retain end-user data unless explicitly authorized for support or troubleshooting purposes. Upon expiry of the retention period, or upon receipt of a valid request for erasure under applicable law, personal data will be securely deleted, anonymized, or archived in a non-identifiable format, unless further retention is required for legal compliance, regulatory enforcement, or legitimate business purposes. We implement appropriate technical and organizational measures to ensure that data destruction is performed securely and in accordance with industry standards. If you wish to obtain more information on specific data retention periods applicable to your use case, or to request the deletion of your personal information, please contact us at support@intervo.ai.

9. COOKIES AND TRACKING TECHNOLOGIES

Intervo.ai, operated by Codedesign Inc., uses cookies and similar tracking technologies to enhance your experience, analyse platform usage, and deliver relevant content and functionality. Cookies are small text files that are placed on your device when you visit a website. They allow us to remember user preferences, optimize site functionality, improve performance, and measure marketing effectiveness. These technologies are also used to detect security threats, prevent fraudulent activity, and ensure the proper functioning of features such as user authentication, chat history, and AI agent behavior. We use both first-party and third-party cookies. First-party cookies are set directly by Intervo.ai and are primarily used to enable core site operations. Third-party cookies are set by trusted partners such as analytics providers (e.g., Google Analytics), payment processors (e.g., Stripe), and customer interaction platforms. These third parties may collect information about your interaction with our platform and other websites, helping us tailor our services and improve our understanding of user behavior. Types of cookies used include essential cookies (strictly necessary for platform operation), performance cookies (to analyze usage statistics and system diagnostics), functional cookies (to store user preferences and enhance usability), and marketing cookies (to deliver personalized content and advertising). Some cookies remain active only during your session, while others persist for longer durations unless manually cleared. In jurisdictions where consent is legally required, such as the European Union, we provide a cookie consent banner or settings panel that allows you to accept, reject, or customize your cookie preferences before any non-essential cookies are placed on your device. Users may modify these preferences at any time through the cookie management settings available on our website. Most browsers also offer settings to control, disable, or delete cookies. Please note that disabling certain cookies may affect the availability or functionality of specific features on Intervo.ai. For more detailed information on the specific cookies, we use, their purposes, expiration times, and how to manage them, please refer to our Cookies Policy or contact us at support@intervo.ai.

10. USER RIGHTS

At Codedesign Inc., we are committed to upholding your data protection rights under applicable laws. Users of Intervo.ai are entitled to exercise various rights regarding their personal information, subject to the jurisdiction in which they reside. These rights may include, but are not limited to, the right to access, rectify, erase, restrict, or object to the processing of your personal data. You may also have the right to data portability, to withdraw consent at any time where processing is based on consent, and to not be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal or similarly significant effects. In accordance with the General Data Protection Regulation (GDPR), residents of the European Economic Area (EEA) and the United Kingdom may access and obtain a copy of their personal data, request correction of inaccurate data, and ask for the deletion of data when it is no longer needed or processed unlawfully. California residents, under the California Consumer Privacy Rights Act (CPRA), may request disclosures about the categories and specific pieces of personal data collected, request deletion, opt out of the sale or sharing of personal data, and limit the use of sensitive personal information. Indian users, pursuant to the Digital Personal Data Protection Act (DPDPA), have similar rights including access, correction, erasure, and grievance redressal. Brazil’s LGPD and Canada’s PIPEDA provide comparable protections. To exercise any of these rights, users may submit a verifiable request to support@intervo.ai. We may require additional information to verify your identity before processing your request. Requests will be responded to within the timeframes required by law. Where a request is denied, we will provide an explanation. Please note that some requests may be limited by legal, regulatory, or contractual obligations, or where fulfilling the request would adversely affect the rights of another individual. Additionally, users who have granted consent to processing may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal. If you are dissatisfied with our response, you may lodge a complaint with your local data protection authority or supervisory body, such as the European Data Protection Board, the UK’s ICO, or the relevant state authority in your jurisdiction.

11. EXERCISING YOUR RIGHTS

You may exercise your data protection rights under this Privacy Policy by submitting a written request to us at support@intervo.ai. We are committed to facilitating your rights in a timely, transparent, and legally compliant manner, in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR), the California Consumer Privacy Rights Act (CPRA), the Indian Digital Personal Data Protection Act (DPDPA), and other relevant frameworks. To help us process your request effectively, please include sufficient details to verify your identity and describe the nature of your request. Depending on the type of request and the applicable legal jurisdiction, we may request additional information for verification, particularly where sensitive or high-risk data is involved. Requests that cannot be verified, are repetitive or manifestly unfounded, or conflict with the rights of others may be lawfully denied, in which case we will provide a clear explanation. Upon successful verification, we will take appropriate action in accordance with applicable legal timelines. For example, GDPR requires a response within one month of receipt of the request, while CPRA provides a 45-day timeline. Where allowed, we may extend this period if the request is complex or if we are handling multiple simultaneous requests. You will be notified of any such extension. Requests may include accessing a copy of your personal information, correcting inaccuracies, deleting your data, limiting processing, or requesting portability of your data in a structured, machine-readable format. If you have given consent for specific processing activities, you may withdraw that consent at any time by contacting us, without affecting the lawfulness of prior processing. If you are unsatisfied with how we handle your request, you also have the right to file a complaint with your local data protection authority, such as the European Data Protection Board (EDPB), the UK Information Commissioner’s Office (ICO), the California Privacy Protection Agency (CPPA), or the Data Protection Board of India.

12. DATA SECURITY

At Codedesign Inc., we take the security of your personal information seriously. We implement a comprehensive set of technical, organizational, and administrative safeguards to protect your data against unauthorized access, disclosure, alteration, and destruction. These measures are aligned with globally recognized standards and legal requirements, including the General Data Protection Regulation (GDPR), the Digital Personal Data Protection Act (DPDPA) in India, the California Consumer Privacy Rights Act (CPRA), and security frameworks such as ISO/IEC 27001 and SOC 2. Our infrastructure employs strong encryption protocols for data at rest and in transit, secure authentication mechanisms, network firewalls, access controls based on the principle of least privilege, and routine vulnerability assessments. Sensitive user data such as API keys, authentication credentials, and personal identifiers are encrypted using industry-standard algorithms. We also employ regular security audits, intrusion detection systems, and access logging to monitor and prevent unauthorized activity. Intervo.ai runs on secure cloud environments provided by reputable third-party vendors. These hosting providers are contractually bound to implement robust security practices and are regularly assessed for compliance with data protection standards. Access to your personal data is restricted to only those personnel, contractors, or authorized partners who require such access to provide our services, and all such parties are subject to confidentiality and data processing agreements. Where data is transmitted to sub processors or third-party tools, we ensure that those vendors meet the security and privacy obligations required under applicable laws and our own internal policies. Despite our efforts, no system is completely immune to risks, and we cannot guarantee absolute security. In the unlikely event of a data breach involving your personal data, we will notify you and the appropriate regulatory authorities in accordance with our legal obligations and within legally prescribed timeframes. If you have reason to believe that your interaction with Intervo.ai is no longer secure or you suspect unauthorized activity involving your account, please notify us immediately at support@intervo.ai so we can investigate and take appropriate measures.

13. AI AND AUTOMATED PROCESSING DISCLOSURE

Intervo.ai is designed as an advanced conversational Al platform that leverages artificial intelligence, including large language models (LLMs), to enable automated voice and chat interactions. As part of its core functionality, Intervo.ai uses AI technologies to understand user inputs, generate responses, make recommendations, and facilitate customer engagement without human intervention. These systems may include automated workflows, intent recognition engines, natural language processing modules, and decision-making algorithms that help streamline user onboarding, support, lead qualification, and other communications. Where applicable, and in accordance with Article 22 of the EU General Data Protection Regulation (GDPR) and other international legal frameworks such as the California Consumer Privacy Rights Act (CPRA) and India’s Digital Personal Data Protection Act (DPDPA), we provide transparent notice that certain interactions with Intervo.ai may involve fully automated processing that produces legal or similarly significant effects. However, we do not subject users to decisions solely based on automated processing that have such effects unless we have obtained your explicit consent or such processing is otherwise authorized by law. The Al models used by Intervo.ai, including but not limited to integrations with OpenAI, Claude, Gemini, or other LLM providers, operate based on the input data provided by users and pre-configured workflows. Intervo.ai does not use your personal data to train generalized AI or machine learning models. Where Retrieval-Augmented Generation (RAG) or private knowledge base features are used, your data remains under the control of the deploying party or system administrator. We maintain strict controls to limit access to data processed by Al components, including access logs, usage monitoring, and role-based restrictions. All automated systems are subject to rigorous testing, human oversight, and continuous improvement to ensure fairness, transparency, and alignment with applicable laws and ethical Al principles. If you have concerns about automated decisions or wish to contest or request human intervention in a decision made by the system, you may do so by contacting support@intervo.ai. We will respond to your request in accordance with applicable legal obligations.

14. CHILDREN’S PRIVACY

Intervo.ai is not directed toward, nor intended for use by, individuals under the age of 13 (or the minimum age of digital consent in the applicable jurisdiction, such as 16 under the GDPR in certain EU countries or 18 under India’s DPDPA). We do not knowingly collect, process, or store personal information from children without verifiable parental or guardian consent as required by law. If we become aware that we have inadvertently collected personal data from a child without the required consent, we will take immediate steps to delete such data from our records. Users who are legal guardians or parents and believe that their child has provided personal data through Intervo.ai are encouraged to contact us at support@intervo.ai to request deletion or to exercise other rights on behalf of the child. We strictly adhere to the obligations imposed under applicable child data protection laws, including the Children’s Online Privacy Protection Act (COPPA) in the United States, Article 8 of the General Data Protection Regulation (GDPR) in the European Union, and the Digital Personal Data Protection Act (DPDPA) in India. Intervo.ai does not use or profile children’s data for marketing, training, or Al development purposes. We recommend that parents and legal guardians supervise their children’s internet usage and instruct them never to submit personal data through any online service without explicit permission.

15. OPEN-SOURCE COMMUNITY NOTICE

Intervo.ai is an open-source conversational Al platform developed and maintained by Codedesign Inc. The source code is publicly available and distributed under an applicable open-source license, allowing users and developers to inspect, self-host, contribute to, or extend the platform’s capabilities, subject to the terms of such license. By participating in the Intervo.ai open-source community, you acknowledge and agree to the use of open collaboration mechanisms, which may involve public repositories, issue tracking systems, developer forums, documentation portals, and version-controlled contributions. While the open-source platform itself is provided for public use, any personal information submitted through community channels such as GitHub issues, discussion threads, pull requests, Discord forums, or mailing lists may be visible to other contributors or the general public. Users are strongly advised not to include any sensitive or personally identifiable information in these submissions unless absolutely necessary and done with full awareness of the public nature of such platforms. Codedesign Inc. disclaims any liability arising from the misuse of information voluntarily shared by users within public collaboration environments. Contributions to the codebase are subject to audit and may be moderated or removed if they violate community standards, licensing terms, or applicable laws. By engaging with the Intervo.ai open-source platform, you also agree to abide by our Contributor Code of Conduct and other relevant open-source governance policies. While Intervo.ai may be self-hosted or modified, such deployments are the sole responsibility of the implementing party, including compliance with applicable privacy, data protection, and information security regulations. Where third-party dependencies or models are used within the open-source distribution (e.g., LLM APIs, telephony providers, vector databases), users are responsible for reviewing and complying with their respective privacy and licensing terms. Any data collected or processed by your self-hosted instance of Intervo.ai is under your sole control. Codedesign Inc. and the Intervo.ai maintainers do not access, store, or process such data unless explicitly permitted and authorized in limited cases, such as support, error resolution, or security incident response, and even then, only under secure and lawful conditions.

16. THIRD-PARTY WEBSITES AND LINKS

The Intervo.ai platform and related services may contain links to third-party websites, plugins, integrations, content, or tools that are not owned, operated, or controlled by Codedesign Inc. These third-party websites and platforms, including, but not limited to, external LLM providers (e.g., OpenAI, Anthropic), telephony services (e.g., Twilio), payment processors (e.g., Stripe), analytics providers, or community forums, may independently collect and process your personal information according to their own privacy policies and terms of service. We encourage you to carefully review the privacy practices and terms of any third-party site you interact with through our platform. Your interactions with those services are governed solely by the respective provider’s policies, and Codedesign Inc. accepts no responsibility or liability for the privacy, data handling, or business practices of any third party. In some cases, third-party links or embedded tools may facilitate optional integrations, such as CRM systems, call APIs, or Al model access. While we provide the infrastructure and may offer guidance on integrations, you remain responsible for ensuring that any third-party usage complies with applicable laws and your own data governance requirements. Unless explicitly stated, the inclusion of a third-party link or service on Intervo.ai does not constitute an endorsement, sponsorship, or affiliation by Codedesign Inc. We disclaim any liability for damages or loss that may arise from your access to or use of third-party resources. If you have questions about a specific third-party integration used within Intervo.ai, or wish to know the subprocessors or vendors we use in delivering our services, please contact us at support@intervo.ai or refer to our integrations documentation and trust center.

17. CHANGES TO THIS PRIVACY POLICY

Codedesign Inc. reserves the right to update, revise, or otherwise modify this Privacy Policy at any time to reflect changes in our legal obligations, technology, data practices, or business operations. We are committed to maintaining transparency and will take reasonable steps to inform you of material changes, in accordance with applicable data protection laws. When changes are made, we will revise the “Last Updated” date at the top of the Privacy Policy and, where required by law, provide prominent notice on the Intervo.ai website or communicate directly with you via the email address associated with your account. In the case of substantial or material changes, such as alterations to the scope of data collection, use, or sharing practices, we may request your renewed consent where required by regulations such as the GDPR or DPDPA. We encourage users to review this Privacy Policy periodically to stay informed about our privacy practices and your rights. Your continued use of Intervo.ai and our related services following the publication of changes constitutes your acceptance of those modifications, unless a different form of consent is mandated under applicable law. If you do not agree to the updated terms, you should discontinue your use of the services and contact us at support@intervo.ai to request account closure or exercise your data subject rights.

18. CONTACT INFORMATION

If you have any questions, concerns, complaints, or requests related to this Privacy Policy or the handling of your personal data, you may contact us using the details provided below. We are committed to addressing all privacy-related inquiries in a timely and transparent manner and in accordance with applicable laws such as the GDPR, CPRA, DPDPA, and others.

18.2. Data Protection Contact

Codedesign Inc.
Address: 16192 Coastal Highway, Lewes, DE 19958, County of Sussex, Delaware, USA.
Email: support@intervo.ai
Website: https://intervo.ai

If you are a resident of the European Economic Area (EEA), the United Kingdom, or other jurisdictions with specific privacy rights, you also have the right to lodge a complaint with your local data protection authority. A list of supervisory authorities under the GDPR can be found at: https://edpb.europa.eu/about-edpb/board/members en. Residents of India may approach the Data Protection Board of India in accordance with the provisions of the Digital Personal Data Protection Act, 2023. California residents may also reach out to the California Privacy Protection Agency (CPPA) for enforcement of their CPRA rights. We value your trust and are committed to safeguarding your privacy. If you believe that your data has been handled improperly or wish to escalate a concern, we welcome the opportunity to resolve the issue directly and promptly.

19. SUPPLEMENTAL JURISDICTION-SPECIFIC DISCLOSURES (Optional)

This section provides additional information as required under the laws of specific jurisdictions in which Intervo.ai operates or may be accessed. These disclosures supplement the rest of this Privacy Policy and are provided to ensure transparency and compliance with relevant data protection frameworks.

19.2. California Consumer Privacy Act (CCPA/CPRA) Notice

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your personal information. These include:

The right to know the categories and specific pieces of personal data we collect, use, disclose, and sell.
The right to request deletion of your personal data.
The right to opt-out of the sale or sharing of personal information.
The right to correct inaccurate data.
The right to limit the use and disclosure of sensitive personal information.
The right to non-discrimination for exercising your CCPA rights.

Codedesign Inc. does not sell personal information as defined under CCPA/CPRA. You may exercise your rights by contacting support@intervo.ai. If you are located in the European Economic Area (EEA) or the United Kingdom, you are entitled to the following rights under the General Data Protection Regulation (GDPR):

Right of access to your personal data.
Right to rectification and erasure (“right to be forgotten”).
Right to restriction of processing.
Right to data portability.
Right to object to processing.
Right not to be subject to automated decision-making, including profiling.
Right to withdraw consent at any time.

We process your data under legal bases including your consent, contractual necessity, legal obligation, and legitimate interests. Data transfers outside the EEA/UK are safeguarded by Standard Contractual Clauses (SCCs) and other adequacy mechanisms. You may contact your local Data Protection Authority (DPA) or us at support@intervo.ai for assistance.

19.4. India - Digital Personal Data Protection Act (DPDPA) Rights

Under the Digital Personal Data Protection Act, 2023, Indian data principals have the following rights:

Right to access information about personal data processing.
Right to correction, completion, and updating of personal data.
Right to erasure (subject to legal exceptions).
Right of grievance redressal.
Right to nominate an individual to exercise these rights in the event of incapacity or death.

We act as a “Data Fiduciary” under DPDPA and process data lawfully and for legitimate purposes. Personal data is retained only as long as necessary, and user consent is obtained where required. For complaints or requests, contact support@intervo.ai. You may also escalate to the Data Protection Board of India.

19.5. PIPEDA (Canada) Disclosures

If you are a Canadian resident, your personal data is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA). Your rights include:

The right to access your personal information.
The right to correct inaccurate or incomplete information.
The right to withdraw consent.
The right to file a complaint with the Office of the Privacy Commissioner of Canada.

Codedesign Inc. takes all reasonable steps to safeguard your data and ensures cross-border transfers comply with Canadian law. You may contact us at support@intervo.ai with any concerns.

19.6. UAE, Australia, or Other Applicable Laws

If Intervo.ai services are offered in other jurisdictions (such as the United Arab Emirates or Australia), we shall comply with the applicable data protection laws of those regions, including:

The UAE Federal Data Protection Law (Law No. 45 of 2021).
The Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

Users in these jurisdictions may exercise similar rights of access, correction, withdrawal of consent, and complaint by writing to support@intervo.ai. Where required, we will localize data handling and transfer mechanisms to meet region-specific requirements.

Get Started

Workspace

Publishing an Agent

​1. INTRODUCTION

​1.1. Purpose of this Policy

​1.2. Scope and Applicability

​1.3. Identity of the Data Controller

​1.4. Role of Platform Users (Admins, Developers, End Users)

​2. DEFINITIONS

​2.1. “Personal Data” or “Personal Information”

​2.2. “Processing”

​2.3. “Controller”

​2.4. “Processor”

​2.5. “Data Subject”

​2.6. “Intervo Platform” or “Platform”

​2.7. “User”

​2.8. “End User”

​2.9. “Sensitive Personal Data” or “Special Category Data”

​2.10. “Applicable Law”

​2.11. “Cookies”

​2.12. “Open-Source Contribution”

​3. TYPES OF DATA COLLECTED AND HOW

​3.1. Personal Data Collected from Users

​3.2. Automatically Collected Data

​3.3. Data Collected from AI Agents

​3.4. Open-Source Repository Data

​3.5. Third-Party Integrations

​3.6. Children’s Data

​4. LEGAL BASES FOR PROCESSING PERSONAL DATA

​4.1. Overview

​4.2. Consent

​4.3. Contractual Necessity

​4.4. Legal Obligation

​4.5. Legitimate Interests

​4.6. Vital Interests and Public Interest

​4.7. Digital Personal Data Protection Act, 2023 (India)

​4.8. International Transfers

​5. HOW WE USE PERSONAL INFORMATION

​6. DISCLOSURE AND SHARING OF INFORMATION

​7. INTERNATIONAL DATA TRANSFERS

​8. DATA RETENTION POLICY

​9. COOKIES AND TRACKING TECHNOLOGIES

​10. USER RIGHTS

​11. EXERCISING YOUR RIGHTS

​12. DATA SECURITY

​13. AI AND AUTOMATED PROCESSING DISCLOSURE

​14. CHILDREN’S PRIVACY

​15. OPEN-SOURCE COMMUNITY NOTICE

​16. THIRD-PARTY WEBSITES AND LINKS

​17. CHANGES TO THIS PRIVACY POLICY

​18. CONTACT INFORMATION

​18.2. Data Protection Contact

​19. SUPPLEMENTAL JURISDICTION-SPECIFIC DISCLOSURES (Optional)

​19.2. California Consumer Privacy Act (CCPA/CPRA) Notice

​19.3. General Data Protection Regulation (EU GDPR) Notice

​19.4. India - Digital Personal Data Protection Act (DPDPA) Rights

​19.5. PIPEDA (Canada) Disclosures

​19.6. UAE, Australia, or Other Applicable Laws