Privacy Policy & Data Processing Addendum

1. Introduction and Scope

This Privacy Policy (“Policy”) is published by AXARA LLC, a limited liability company organized under the laws of the State of New Mexico, United States of America (“AXARA,” “we,” “us,” or “our”), operating the QuietOps service brand.

This Policy governs the collection, processing, storage, transfer, and deletion of personal data in connection with AXARA’s provision of AI agent deployment services, including AI voice agents, AI website chat agents, CRM integrations, lead qualification systems, automated messaging workflows, and related professional services (collectively, the “Services”).

This Policy applies to: (a) visitors to quietops.org (the “Website”); (b) prospective and current clients who engage AXARA for Services; (c) end users and third parties whose personal data is processed through AXARA-deployed AI systems on behalf of clients; and (d) any individual whose data AXARA processes in the course of its business operations.

AXARA is committed to compliance with applicable data protection laws including, without limitation, the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA/CPRA”), and other applicable state and federal privacy laws.

2. Identity and Contact Details of the Data Controller

For personal data collected directly through the Website and in the context of client relationship management, AXARA LLC acts as the data controller.

For personal data processed through AI agent systems deployed on behalf of clients, AXARA LLC acts as a data processor acting under the documented instructions of the client, who is the data controller.

3. Categories of Personal Data Collected

Website Visitors. IP addresses, browser type, device identifiers, referring URLs, pages viewed, session duration, and cookie identifiers collected via server logs and analytics technologies.

Prospective and Current Clients. Full name, business email address, telephone number, job title, company name, billing and payment information, and communications records.

End Users of Deployed AI Systems. Voice recordings and transcripts, conversational inputs and outputs, contact information submitted by end users, inquiry data, CRM data fields, and any other personal data submitted through the AI agent interface.

Voice and Audio Data. AI voice agents may record, transcribe, and analyze telephone and voice conversations. AXARA does not perform biometric identification, biometric authentication, or biometric profiling of any individual in connection with the Services.

AXARA does not intentionally collect sensitive categories of personal data as defined under GDPR Article 9 unless expressly required under a specific client agreement and subject to appropriate safeguards.

4. Purposes and Legal Bases for Processing

AXARA processes personal data for the following purposes: (a) provision and delivery of the Services; (b) client relationship management and communications; (c) billing and payment processing; (d) compliance with legal obligations; (e) improvement and development of the Services; (f) fraud prevention and security; (g) marketing and business development, subject to applicable consent requirements.

Under the GDPR, the legal bases for processing include: performance of a contract (Article 6(1)(b)); legitimate interests of AXARA (Article 6(1)(f)); compliance with legal obligations (Article 6(1)(c)); and consent where specifically obtained (Article 6(1)(a)).

5. Data Retention

Personal data is retained for the duration necessary to fulfil the purposes for which it was collected and to comply with legal, regulatory, and contractual obligations. Client data and associated AI agent data are retained for the duration of the service agreement plus a period of twelve (12) months following termination, unless a longer retention period is required by applicable law or specifically agreed in writing.

6. Data Subject Rights

Individuals located in the European Economic Area, the United Kingdom, or other applicable jurisdictions have the right to: access their personal data; rectify inaccurate data; request erasure; restrict processing; data portability; object to processing based on legitimate interests; and withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Requests may be submitted to contact@quietops.org. AXARA will respond within the timeframes required by applicable law.

7. International Data Transfers

AXARA is based in the United States. Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to the United States or other third countries, AXARA ensures that appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission and/or other lawful transfer mechanisms.

8. Security

AXARA implements appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures are reviewed and updated regularly in light of current technologies, the cost of implementation, and the nature and sensitivity of the data processed.

9. Subprocessors

AXARA may engage third-party subprocessors to assist in the delivery of the Services. A list of current subprocessors is available upon request. AXARA ensures that all subprocessors are bound by data processing agreements that impose obligations equivalent to those set out in this Policy.

10. Changes to This Policy

AXARA reserves the right to update this Policy at any time. Material changes will be communicated through the Website or via direct notification to affected parties. The “Last Updated” date at the top of this Policy reflects the date of the most recent revision.

Data Processing Addendum

AXARA LLC offers a standalone Data Processing Addendum (“DPA”) to all clients in accordance with the requirements of the GDPR. The DPA governs the processing of personal data by AXARA as a data processor on behalf of the client as data controller, and includes: the subject matter and scope of processing; obligations of the processor; data subject rights assistance; security measures; subprocessor management; audit rights; and data return or deletion upon termination.

To request a copy of the DPA or to execute the DPA as part of a service engagement, contact contact@quietops.org.

© 2026 AXARA LLC · QuietOps · New Mexico, USA