Privacy Policy | Korva Digital Marketing

1.Overview

Korva Digital Marketing ("we," "us," or "our") is a digital marketing agency based in East Wenatchee, WA, providing AI voice agents, AI chatbots, marketing automation, and related digital marketing services to local and regional businesses.

This Privacy Policy explains how we collect, use, store, and protect information about:

Our clients — businesses that engage our services.
End users — individuals who interact with AI tools or systems we deploy on behalf of our clients.
Website visitors — anyone who visits www.korvadigitalmarketing.com.

By using our website or services you agree to the terms of this policy. If you do not agree, please discontinue use of our services.

2.Data We Collect

From clients and prospects we may collect:

Name, business name, email address, and phone number
Business information (industry, size, goals)
Payment information processed securely through Stripe
Communication history (emails, messages, call notes)
Service performance data and campaign analytics

From end users interacting with AI systems we deploy on behalf of clients:

Name and phone number (when provided during an interaction)
Call recordings and transcripts
Chat messages and conversation history
Appointment and scheduling information

Automatically from website visitors:

IP address, browser type, and device information
Pages visited, time on page, and referral source
Cookie data and analytics identifiers

3.How We Use Your Data

We use the information we collect to:

Provide, operate, and improve our services
Communicate with clients about projects, updates, and billing
Process payments through Stripe
Send appointment reminders and service notifications
Analyze website and campaign performance
Comply with legal obligations
Respond to inquiries and support requests

We do not sell your personal information to third parties.

4.AI-Specific Data Use

Our services use artificial intelligence tools to power voice agents and chatbots. When an end user interacts with these systems:

Conversation content may be processed by third-party AI providers in real time to generate responses.
We do not use client or end-user conversation data to train our own AI models.
Call and chat data is used solely to deliver and improve the contracted service for our clients.

Our AI voice and chatbot services are powered through third-party AI service providers. Your input, output, and relevant personal information may be shared with and processed by these providers solely to deliver the contracted service. You must not use our AI-powered services in any way that violates the terms or policies of any AI service provider. Each provider's data use is governed by their own privacy policy. We select providers that, as of the time of engagement, do not use API-submitted data for model training by default.

If you are an end user who interacted with an AI agent deployed by one of our clients and have questions about how your data was used, please contact us at [email protected].

5.Third-Party Services

We share data with the following trusted third-party platforms only as necessary to deliver our services:

GoHighLevel — CRM, automation, and data hosting platform. Data is stored and processed within GoHighLevel's infrastructure. See their Privacy Policy.
Twilio — Voice and SMS communication infrastructure. See their Privacy Policy.
AI Service Providers — AI processing for voice agents and chatbots. Each provider's privacy policy governs their data use.
Google Analytics — Website traffic and behavior analytics. See Google's Privacy Policy.
Stripe — Secure payment processing. We do not store full payment card details. See Stripe's Privacy Policy.

We only share the minimum information required for each service to function. All third-party providers are contractually required to protect your data.

We may also share or transfer your personal information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

6.Call Recordings & Transcripts

As part of our AI voice agent services, calls may be recorded and transcribed. The following applies:

Callers are notified of recording at the start of each call where required by law.
Recordings and transcripts are stored within GoHighLevel's secure platform.
Access is limited to authorized Korva Digital Marketing personnel and the applicable client.
Recordings are retained for the period specified in the client's service agreement, and deleted upon expiration or written request.
Recordings are never sold or shared with unauthorized third parties.

7.SMS Communications

We send SMS messages to clients and, on behalf of clients, to their customers. All messaging complies with the Telephone Consumer Protection Act (TCPA) and carrier requirements.

Opt-in: Recipients provide explicit written consent before receiving SMS messages, through intake forms, service agreements, or text-to-join.
Message frequency: Typically 2–4 messages per month unless otherwise agreed.
Opt-out: Reply STOP to any message at any time. You will receive one confirmation, then no further messages.
Help: Reply HELP or email [email protected].
Message and data rates may apply. Carriers are not liable for delayed or undelivered messages.
Phone numbers collected for SMS are never sold or shared with third parties outside of our service delivery partners (Twilio, GoHighLevel).

Mobile Data Sharing: No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Information sharing to subcontractors in support of service delivery, such as customer service, is permitted. All other use case categories exclude text messaging originator opt-in data and consent; this information will not be shared with third parties.

8.Cookies & Analytics

Our website uses cookies and similar tracking technologies to understand how visitors interact with our site.

Essential cookies: Required for basic site functionality.
Analytics cookies: Google Analytics tracks page views, session duration, traffic sources, and similar metrics. This data is aggregated and anonymized.

You can control or disable cookies through your browser settings. Disabling cookies may limit some website functionality. To opt out of Google Analytics tracking, you may install the Google Analytics Opt-out Browser Add-on.

9.Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

Active client data: Retained for the duration of the service agreement plus 2 years.
Contact and lead records: Retained indefinitely for ongoing business purposes, unless a deletion request is submitted.
Call recordings and transcripts: Retained per client agreement; default is 12 months unless otherwise specified.
Website analytics: Retained for up to 26 months per Google Analytics defaults.
Payment records: Retained for 7 years to comply with financial and tax regulations.
SMS opt-out records: Retained indefinitely to honor opt-out requests.

Upon expiration of the applicable retention period, data is securely deleted or anonymized.

10.Data Security

We implement reasonable technical and organizational safeguards to protect your information, including:

Encrypted data transmission (HTTPS/TLS) across all platforms
Access controls limiting data to authorized personnel only
Reliance on SOC 2-compliant platforms (GoHighLevel, Stripe, Twilio) for data storage and processing
Regular review of security practices as our services evolve

No method of transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information using industry-standard practices.

11.Your Rights

Depending on your location and applicable law (including CCPA for California residents, GDPR for EU/UK residents, and Oregon state privacy law), you may have the right to:

Access — Request a copy of the personal data we hold about you.
Correction — Request correction of inaccurate or incomplete data.
Deletion — Request deletion of your personal data, subject to legal retention requirements.
Portability — Request your data in a commonly used machine-readable format.
Opt-out of marketing — Unsubscribe from marketing emails or SMS at any time.
Non-discrimination — We will not discriminate against you for exercising any privacy rights.
Oregon residents — You have the additional right to obtain a list of specific third parties to whom we have disclosed your personal data.

To exercise any of these rights, email us at [email protected] with your full name and a description of your request. We will respond within 30 days.

If we decline to take action regarding your request, you may appeal our decision by emailing [email protected]. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decision. If your appeal is denied, you may submit a complaint to your state attorney general.

12.Children's Privacy

Our services are directed exclusively at businesses and adults aged 18 and older. We do not knowingly collect personal information from individuals under the age of 13. If you believe a minor has submitted information to us, please contact us immediately at [email protected] and we will promptly delete it.

13.Data Breach Notification

In the event of a data breach that affects your personal information, we will:

Notify affected individuals within 72 hours of becoming aware of the breach, where required by applicable law.
Notify relevant regulatory authorities as required.
Provide clear information about what data was affected and steps being taken to address the breach.
Offer guidance on protective measures you can take.

Breach notifications will be sent to the email address associated with your account or via written notice where required.

14.International Data Transfers

Korva Digital Marketing is based in the United States. If you are accessing our services from outside the U.S., please be aware that your data may be transferred to, stored, and processed in the United States. By using our services you consent to this transfer. We take steps to ensure appropriate safeguards are in place through our platform partners.

15.Do-Not-Track

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature you can activate to signal your preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.

16.Policy Changes

We may update this Privacy Policy periodically to reflect changes in our services, legal obligations, or industry practices. When we do, we will update the "Last Updated" date at the top of this page. For significant changes, we will notify active clients by email. Continued use of our services after the effective date of any update constitutes acceptance of the revised policy.

17.Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Korva Digital Marketing
Email: [email protected]
Website: www.korvadigitalmarketing.com

We aim to respond to all privacy-related inquiries within 5 business days.