Privacy Policy
How SuperMIA collects, uses, and protects your data
Last updated: March 15, 2026
1. Introduction
SuperMIA ("we", "us", or "our") is a product of Botfinity Inc. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website supermia.ai, use our AI voice and chat agent platform, or interact with us in any capacity.
By using our services you consent to the practices described in this policy. If you do not agree, please discontinue use of our services.
2. Information We Collect
2.1 Information You Provide
- •Account & Contact Data: Name, email address, company name, phone number, and job title when you sign up, request a demo, or contact us.
- •Payment Information: Billing address and payment card details processed securely through Stripe. We do not store full card numbers.
- •Communications: Content of messages you send through our contact form, support channels, or email.
- •User Content: Data, documents, and knowledge-base files you upload to configure your AI agents.
2.2 Information Collected Automatically
- •Usage Data: Pages visited, features used, session duration, click-stream data, and referring URLs.
- •Device & Browser Data: IP address, browser type, operating system, device identifiers, and screen resolution.
- •Cookies & Tracking: We use cookies and similar technologies as described in our Cookie Policy.
2.3 Information from Third Parties
- •Analytics providers (e.g., Google Analytics)
- •Advertising partners
- •CRM and marketing platforms (e.g., HubSpot)
3. How We Use Your Information
Provide, operate, and maintain our AI platform and services.
Process transactions and send billing-related communications.
Respond to inquiries, support tickets, and customer service requests.
Send promotional communications (with your consent). You can opt out at any time.
Improve our website, products, and user experience through analytics.
Detect, prevent, and address fraud, security issues, and technical problems.
Comply with legal obligations and enforce our terms.
4. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), we process your data under the following legal bases:
Consent
Where you have given explicit consent (e.g., marketing emails, cookies).
Contract
To perform our contractual obligations to you.
Legitimate Interest
For analytics, fraud prevention, and improving our services.
Legal Obligation
When required by applicable law.
5. Data Sharing & Disclosure
We do not sell your personal information.
We may share data with:
- •Service Providers: Cloud hosting (AWS), payment processing (Stripe), analytics, and CRM providers who process data on our behalf under strict confidentiality agreements.
- •Legal Requirements: When required by law, subpoena, or governmental request.
- •Business Transfers: In connection with a merger, acquisition, or sale of assets.
- •With Your Consent: When you explicitly authorise sharing.
6. Data Retention
We retain personal information for as long as your account is active or as needed to provide services. Upon account deletion, we remove or anonymize data within 90 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, tax records).
7. Data Security
We employ industry-standard security measures to protect your data:
TLS/SSL encryption in transit
AES-256 encryption at rest
Role-based access controls
Regular vulnerability assessments
SOC 2 Type II certified infrastructure
Continuous security monitoring
While no method of transmission over the internet is completely secure, we strive to protect your data using commercially acceptable means.
8. Your Rights
Depending on your location, you may have the following rights:
Access
Request a copy of the personal data we hold about you.
Correction
Request correction of inaccurate or incomplete data.
Deletion
Request deletion of your personal data ("right to be forgotten").
Portability
Receive your data in a structured, machine-readable format.
Objection
Object to processing based on legitimate interest.
Restrict Processing
Request limitation of processing in certain circumstances.
Withdraw Consent
Withdraw previously given consent at any time.
To exercise any of these rights, contact us at hello@supermia.ai. We will respond within 30 days.
9. International Data Transfers
Your data may be transferred to and processed in the United States or other countries. We ensure adequate protection through Standard Contractual Clauses (SCCs) and other approved transfer mechanisms.
10. Children's Privacy
Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.
11. Third-Party Links
Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised "Last updated" date. Continued use of our services constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy, please contact us:
Email: hello@supermia.ai
Address: Botfinity Inc., 2451 W Grapevine Mills Cir #547, Grapevine, TX 76051, US