top of page

Repify AI Privacy Notice

Effective Date: April 1, 2026

Who we are

Behold Business Intelligence, Inc. (an Oklahoma corporation) doing business as Repify AI ("Repify," "we," "our," or "us") provides cloud software that helps distributors and other field-sales teams manage targets and incentives. This Privacy Notice explains how we collect, use, share, and protect information when a Customer (your company) or its authorized users access our websites, app, and related services (collectively, the "Service").

Scope

This Notice covers business contact data and Customer Data (photos, files, text, and other content you upload) that we process in the United States for Customers located in the U.S. and Canada. It does not apply to any websites or services we do not control. If you are located outside the U.S. and Canada but use our Service, this Notice still applies, and your data will be processed in the United States under the same protections described here.

Information we collect

 

Account & Contact Data:

  • Includes: Company name, billing address, contact person, work email, phone

  • Source: Provided by Customer

Payment Data:

  • Includes: Credit-card number and security code are collected and processed by our PCI-compliant payment processor; we store only tokenized IDs and the last four digits.

  • Source: Customer / Processor

Customer Data:

  • Includes: Photos, files, transaction records, text descriptions, and any other content a user uploads.

  • Source: Customer

Usage & Device Data:

  • Includes: Log files, IP address, browser type, device IDs, time stamps, pages viewed, and in-app actions.

  • Source: Automatic

Support & Comms:

  • Includes: Messages, tickets, survey responses, or emails you send us.

  • Source: Customer

 

We do not intentionally collect information from anyone under 18.

How we use information

We process information to:

Provide & secure the Service — create accounts, authenticate users, process transactions, and prevent fraud or abuse.

Operate & improve Repify AI — monitor performance, debug, and develop new features.

Train machine-learning models — We use Customer Data in aggregated and de-identified form to develop, train, and improve Repify's machine-learning models, algorithms, and analytics. "De-identified" means data processed to remove direct identifiers (such as company names, individual names, specific addresses) and aggregated such that individual customers or persons cannot reasonably be re-identified from the processed data. This helps us improve features like sales pattern recognition, performance analytics, and predictive insights for all users. You may opt out of ML training use by contacting privacy@repifyai.com, though this may limit certain Service features such as personalized recommendations and advanced analytics.

Communicate with you — send transactional notices (account, billing, updates) and respond to requests. We send marketing emails only with your consent or as otherwise allowed by law, and you may opt out anytime.

Comply with law — satisfy legal or accounting obligations, enforce our Terms, or defend against legal claims.

Legal bases: For Canadian Customers we rely on consent and performance of a contract under PIPEDA. For U.S. Customers we rely on legitimate business interests and contractual necessity.

How we share information

We never sell or rent Customer Data. We share it only:

• With service providers (e.g., cloud hosting, payment processing, analytics, customer-support tools) under confidentiality obligations and only to operate the Service;
• If required by law or to protect rights (court orders, subpoenas, or emergencies);
• In a business transfer (merger, acquisition, or asset sale) with reasonable notice;
• With your consent or at your direction.

Our primary service providers include cloud hosting (Amazon Web Services), payment processing (Stripe), email services (Google), and customer support tools (Hubspot). A current list of our key data processors is available upon request at privacy@repifyai.com.

Aggregated or anonymized information that cannot reasonably identify a company or individual may be shared publicly (e.g., trend reports) or with partners.

Security

We maintain administrative, technical, and physical safeguards aligned with industry standards. Despite these efforts, no method of transmission or storage is 100% secure. We will notify affected Customers of a data breach involving personal information within 72 hours of discovery when required by applicable U.S. state laws and Canada's PIPEDA, or sooner when the breach poses significant risk. Notifications will be sent via email to the primary account contact and may include details about the incident, affected data types, and recommended protective actions.

Data retention & deletion

We retain different types of information for varying periods based on business and legal requirements:

• Customer Data (photos, files, transaction records): Retained while your account is active, plus 30 days after termination to allow data recovery, then deleted from production systems. Backup systems retain data for up to 90 days for disaster recovery purposes.

• Account & Contact Data: Retained while your account is active, plus 3 years after termination for accounting, tax, and legal compliance purposes.

• Usage & Device Data (logs, analytics): Retained for 2 years to support Service improvement, security monitoring, and troubleshooting.

• Support Communications: Retained for 3 years to maintain support history and improve our service quality.

• Payment Data: Tokenized payment information retained for 7 years to comply with financial record-keeping requirements; actual card details are never stored by us.

• Marketing Communications: Retained until you opt out or we determine they're no longer needed for legitimate business purposes.

Upon account termination or written deletion request, we will delete Customer Data from production systems within 30 days and provide written confirmation, except where retention is required by law. Aggregated or de-identified data used for analytics or model training may be kept indefinitely as it cannot be connected to identifiable customers or individuals.

Your choices & rights

Access & correction. Administrators can review, edit, or delete Account & Contact Data through the dashboard or by emailing privacy@repifyai.com.

Opt-out of marketing. Click the unsubscribe link in any marketing email or adjust preferences in your account.

California & Virginia (if applicable). If the California Consumer Privacy Act (CCPA/CPRA) or Virginia Consumer Data Protection Act applies to your business contact data, you may have the rights to know, delete, correct, or opt out of sale/share. Submit requests to privacy@repifyai.com.

Canada. Under PIPEDA you may request access to, or correction of, personal information we hold about you, or file a complaint with the Office of the Privacy Commissioner of Canada.

Data Portability: You may request a copy of your Customer Data in a commonly used electronic format by contacting privacy@repifyai.com. We will provide the data within 30 days of verification of your identity and authority.

Processing Restrictions: You may request that we limit our processing of your personal information in certain circumstances, such as when you contest the accuracy of the data or object to processing.

International data transfers

The Service is hosted in the United States. By using the Service, Canadian Customers acknowledge and consent that their information will be transferred to, stored, and processed in the U.S., where laws may differ from those in Canada.

Cookies & similar tech

We use the following types of cookies and similar technologies:

• Essential Cookies: Required for login sessions, security, and core Service functionality. These cannot be disabled without affecting Service operation.
• Analytics Cookies: Used with Google Analytics and similar tools to understand usage patterns and improve our Service. You can opt out via browser settings or by visiting the Google Analytics opt-out page.
• Preference Cookies: Remember your settings and preferences to enhance your experience.

You can control cookies through your browser settings or use tools like the Digital Advertising Alliance's opt-out page. However, disabling essential cookies will prevent you from using the Service. We do not use cookies for targeted advertising or cross-site tracking.

Changes to this Notice

We will post any material changes here and provide at least 30 days' advance notice (email or in-app) before they take effect. Continued use of the Service after the effective date constitutes acceptance.

Automated Decision-Making

Our Service uses automated processing and machine learning to provide features such as performance analytics, sales forecasting, and personalized recommendations. These automated systems do not make decisions that significantly affect your legal rights or have similarly significant impacts. If our automated processing practices change to include such decision-making, we will update this Notice and provide appropriate safeguards including the right to human review.

Contact us

Behold Business Intelligence, Inc. (d/b/a Repify AI)
Attn: Privacy Officer
6608 N Western Avenue #1663
Oklahoma City, OK 73116
United States

Email: privacy@repifyai.com
Phone: 405-451-2099

Privacy Request Form: For formal privacy requests, please email privacy@repifyai.com with "Privacy Request" in the subject line.

If you are located in Canada and have an unresolved privacy concern, you may contact the Office of the Privacy Commissioner of Canada.

bottom of page