Olli AI

Privacy Policy

Last updated: May 2026

Olli AI("we," "our," or "us") operates the Olli AI platform and website located at https://getolliai.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our software-as-a-service ("SaaS") platform.

1. Information We Collect

Personal Information

When you create an account or use our services, we may collect:

  • Name, email address, and phone number
  • Company or organization name
  • Billing and payment information
  • Profile information and preferences

Usage Data

We automatically collect information about how you interact with our platform:

  • Log data (IP address, browser type, pages visited, timestamps)
  • Device information (operating system, device identifiers)
  • Feature usage patterns and interaction data
  • Performance metrics and error reports

Customer Data

Our platform processes data you input, including contacts, patient records, messages, appointments, and other business data ("Customer Data"). You retain full ownership of your Customer Data.

2. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve our platform and services
  • Process transactions and send related notifications
  • Send administrative information, updates, and security alerts
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues and fraud
  • Comply with legal obligations and enforce our terms

3. Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect and store information about your interactions with our platform. These include:

  • Essential cookies: Required for core platform functionality, authentication, and security.
  • Analytics cookies: Help us understand how visitors interact with our website and platform.
  • Preference cookies: Remember your settings and preferences for a personalized experience.

You can control cookie preferences through your browser settings. Disabling certain cookies may limit your ability to use some features.

4. Third-Party Services

We may share information with trusted third-party service providers who assist us in operating our platform:

  • Cloud hosting: For secure data storage and infrastructure.
  • Payment processors: To handle billing and subscription payments securely.
  • Communication APIs: Including WhatsApp Business API and telephony providers for messaging and voice services.
  • Analytics providers: To understand platform usage and performance.
  • AI and machine learning services: To power features such as voice agents and intelligent automation.

These providers are contractually obligated to protect your data and may only use it for the specific purposes we direct.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security audits and vulnerability assessments
  • Role-based access controls and authentication
  • Secure cloud infrastructure with redundancy and backups

While we strive to use commercially acceptable means to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We may retain certain information as required by law, to resolve disputes, or to enforce our agreements. Customer Data is retained for the duration of your subscription and deleted within 90 days of account termination unless otherwise required by law.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal obligations.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for certain purposes.
  • Withdrawal of consent: Withdraw consent where processing is based on your consent.

To exercise any of these rights, please contact us at the address below.

8. Healthcare Data and HIPAA Posture

Olli AI is a HIPAA-conscious platform built primarily for healthcare organizations such as clinics, hospitals, and practitioners. We treat patient information with elevated care:

  • Protected Health Information (PHI)— such as patient diagnoses, treatment plans, medical history, lab reports, prescriptions, and clinical notes — is processed exclusively on our HIPAA-conscious infrastructure (encrypted at rest and in transit, access-controlled, audit-logged).
  • PHI is NEVER transmitted to Meta APIs (Facebook, Instagram, WhatsApp Business), Google APIs, or any third-party advertising or social platform as part of our advertising, lead capture, or messaging integrations.
  • Lead data captured from advertising forms (Meta Lead Ads, Google Lead Form Extensions) is limited to non-PHI contact fields the user explicitly submits at form-fill time — typically name, email, phone, and optional address / city / interest area — and is collected with that user's consent on the submission form.
  • Any conversation data captured from social messaging (Messenger DMs, Instagram Direct, WhatsApp) is retained for conversation history and quality purposes only, on Olli AI infrastructure, never on Meta's platforms beyond the standard message-storage they themselves operate.
  • Healthcare clinics using Olli AI remain the data controllers for their patient records; Olli AI acts as the data processor under our service terms. We will sign Business Associate Agreements (BAAs) with US-based covered entities on request.

9. Communication Platforms and Automated / AI-Powered Responses

Olli AI integrates with third-party communication platforms including Meta (Facebook, Instagram, WhatsApp Business), Google, and telephony providers (Twilio, Exotel) to help our customers (the clinics) communicate with their leads and patients. When you interact with a clinic using Olli AI through one of these channels, the following applies:

  • Automated and AI-powered responses.The clinic's account on Olli AI may use automated systems and artificial intelligence (large language models, speech recognition, voice synthesis) to respond to your inbound comments, direct messages, voice calls, and form submissions on the clinic's Facebook Page, Instagram account, WhatsApp number, or website. Automated responses are clearly identified as such on first contact within a session, and a human team member from the clinic remains available on request.
  • Opt-out from automated messaging. You may opt out of automated responses at any time by replying with"STOP", "UNSUBSCRIBE", "HUMAN", or "AGENT" in any conversation. After opt-out, automated systems will not message you further; a human staff member from the clinic will pick up the conversation.
  • Conversation retention.Conversations are stored for up to 90 days for quality, training, and audit purposes, and may be reviewed by Olli AI engineers or the clinic's authorized staff. You may request earlier deletion of your conversation data via the Data Deletion process below.
  • Click-to-WhatsApp ads.If you click a Click-to-WhatsApp advertisement, your phone number, the ad identifier, and the message body are received by the clinic via Olli AI's WhatsApp Business integration so the clinic can follow up. The Meta-issued ctwa_clid click identifier may be retained for advertising attribution purposes.
  • Data flow to Meta / Google. Communicating through these platforms means your message metadata (sender id, timestamp, delivery status) is processed by the underlying platform under their own privacy policies. Olli AI does not transmit additional personal information to those platforms beyond what is required to send and receive your messages.

10. Data Deletion

You may request deletion of your personal data held by Olli AI at any time. We process deletion requests within 30 days of receipt, in line with our service obligations and applicable law.

  • How to request deletion: visit https://getolliai.com/data-deletion and submit the form with your email or phone number, or email us at sales@docplix.comwith the subject line "Data Deletion Request".
  • Confirmation: you will receive a confirmation code immediately and a status URL where you can check progress. We will email you when deletion is complete.
  • Meta-initiated deletion: if you revoke our app on your Facebook or Instagram account, Meta sends us a signed deletion callback. We treat that callback the same as a direct request and complete deletion within 30 days.
  • What is retained: some records may be retained for legal, regulatory, or audit obligations (e.g. financial transaction records, security logs). Such records are segregated from active customer data and access-restricted.

11. Children's Privacy

Our platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the platform after changes are posted constitutes your acceptance of the revised policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: sales@docplix.com

Website: https://getolliai.com