Privacy Policy

Mecha AI LLC
Website: gomecha.ai
Last Updated: March 9, 2026

1. Introduction

Who We Are

Mecha AI LLC ("Mecha AI," "we," "us," or "our") operates gomecha.ai and provides voice AI automated phone systems and related communication services for businesses. We are a B2B service provider that handles calls and sends text messages on behalf of our business clients.

Purpose of This Policy

This Privacy Policy explains how we collect, use, disclose, and protect information through our services and website. It covers:

  • Visitors to our website at gomecha.ai
  • Individuals who call phone numbers serviced by our voice AI systems
  • Individuals who receive text messages (SMS/MMS) sent through our systems on behalf of our business clients
  • Individuals who submit information through forms on our website or our clients' websites that are connected to our services
  • Our business clients and their authorized users

Your Rights

This policy describes your rights under applicable privacy laws including the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), the Telephone Consumer Protection Act (TCPA), and other applicable state and federal laws.

2. Information We Collect

Information from Website Visitors

When you visit gomecha.ai, we collect:

  • Contact Information: Name, email address, phone number, company name, and other information you provide through forms or inquiries
  • Technical Information: IP address, browser type, device information, operating system, and referring URLs
  • Usage Data: Pages viewed, time spent on pages, links clicked, and other interaction data
  • Cookies and Tracking Data: Information collected through cookies, pixels, and similar technologies (see Section 12)

Information from Website Forms and Opt-In

When you submit a form on our website or a connected client form, we may collect:

  • Your name, phone number, and email address
  • Your company name and service inquiry details
  • Your consent to receive SMS/text messages from us or on behalf of our clients
  • Any other information you voluntarily provide in the form

Information from Voice AI Callers

When you call a phone number serviced by our voice AI system, we collect:

  • Call Recordings and Transcripts: Audio recordings of the entire call and text transcriptions of conversations
  • Personal Information You Provide: This may include your name, phone number, email address, service address, property information, appointment preferences and availability, and details about your service request or inquiry
  • Call Metadata: Caller ID/phone number, call duration, time and date of call, and which client business was called
  • Technical Call Data: Voice characteristics processed during the call, call quality metrics, and system performance data

Information from SMS/Text Messaging

When you receive or respond to text messages sent through our systems, we collect:

  • Message Content: The content of text messages sent and received
  • Phone Number: Your mobile phone number
  • Message Metadata: Time and date of messages, delivery status, and opt-in/opt-out status
  • Consent Records: Records of your consent to receive text messages, including the date, time, and method of consent

Information from Our Business Clients

We collect from our business clients:

  • Business contact information and authorized user details
  • Account and billing information
  • Business configuration preferences and system settings
  • Data from connected systems through API integrations

Information from Third Parties

We may receive information from:

  • Our technology service providers and platform partners
  • Client CRM and business management systems
  • Analytics and advertising partners
  • Payment processors

3. How We Use Information

Service Delivery and Performance

  • Process and respond to calls received through our voice AI systems
  • Send text messages (SMS/MMS) on behalf of our clients, including appointment confirmations, reminders, follow-up messages, and other service-related communications
  • Schedule appointments and handle inquiries on behalf of our clients
  • Provide call recordings, transcripts, message logs, analytics, and reports to our business clients
  • Integrate with client systems including CRM platforms and other business tools
  • Monitor and improve system performance and service quality

Business Operations

  • Provide customer support and respond to inquiries
  • Process billing and payments
  • Communicate with clients about their accounts and our services
  • Conduct internal research and development
  • Train and improve our voice AI models and technology

Marketing and Communications

  • Send promotional materials about our services to individuals who have provided consent
  • Send SMS/text messages to individuals who have opted in to receive marketing messages
  • Conduct market research and analyze industry trends
  • Track the effectiveness of our marketing campaigns

Legal and Security

  • Comply with legal obligations and respond to legal requests
  • Protect against fraud, unauthorized access, and security threats
  • Enforce our terms of service and other agreements
  • Resolve disputes and troubleshoot problems

Legal Bases for Processing

We process personal information based on:

  • Performance of Contract: To provide our services to clients and fulfill our contractual obligations
  • Legitimate Interests: To improve our services, ensure security, and conduct business operations
  • Legal Obligations: To comply with applicable laws and regulations
  • Consent: Where required by law, such as for SMS/text messaging and certain marketing communications

4. SMS/Text Messaging Practices

Consent and Opt-In

We send text messages only to individuals who have provided prior express consent. Consent may be obtained through:

  • Submitting a form on our website or a client's website with an SMS opt-in checkbox
  • Providing verbal consent during a phone call handled by our voice AI system
  • Providing written consent through a client's intake or service agreement process

By opting in, you consent to receive text messages from Mecha AI and/or our business clients, which may include appointment confirmations, service reminders, follow-up messages, and promotional or marketing messages. Message frequency varies. Message and data rates may apply.

Types of Text Messages

We may send the following types of text messages on behalf of ourselves or our clients:

  • Transactional Messages: Appointment confirmations, scheduling reminders, and service-related updates
  • Conversational Messages: Follow-up messages after calls or service inquiries
  • Marketing Messages: Promotional offers, service announcements, and other marketing communications (only with your express written consent)

Opt-Out

You may opt out of receiving text messages at any time by replying STOP to any message. After opting out, you will receive a single confirmation message and no further messages will be sent unless you opt back in. You may also opt out by contacting us at privacy@gomecha.ai.

Help

For help with our text messaging service, reply HELP to any message or contact us at privacy@gomecha.ai.

No Sharing for Third-Party Marketing

We do not sell, rent, or share your phone number or opt-in consent with third parties for their own marketing purposes. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Phone numbers and SMS opt-in data collected for text messaging are used solely to deliver the messages described in this policy. Information may be shared with service providers (such as Twilio) solely for the purpose of delivering text messages on our behalf.

Carriers and Liability

Mecha AI is not liable for delayed or undelivered messages. Carriers are not liable for delayed or undelivered messages. Message delivery is subject to effective transmission from your wireless carrier.

Additional SMS Terms

For complete terms governing our SMS/text messaging program, including program details, message frequency, opt-out instructions, and support information, please see our SMS Terms of Service.

5. How We Share Information

Sharing with Our Business Clients

When you call a phone number serviced by our voice AI system or receive text messages sent on behalf of a client, the applicable business client will receive your call recording, transcript, message history, and any information you share. They become responsible for that data under their own privacy practices.

Third-Party Service Providers

We share information with service providers who perform services on our behalf:

  • AI and Automation Platforms: Retell AI (voice processing and SMS), Twilio (voice and SMS delivery), n8n, Zapier, Make.com (workflow automation)
  • Cloud Infrastructure: Google Cloud and Vercel for hosting and data storage
  • CRM and Marketing: HubSpot for customer relationship management and marketing automation
  • Analytics and Advertising: Meta (Facebook) for advertising, Google Analytics for website analytics, HubSpot for marketing analytics
  • Payment Processors: For processing client payments

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Legal Requirements and Protection

We may disclose information when we believe it is necessary to:

  • Comply with applicable laws, regulations, court orders, or legal processes
  • Respond to lawful requests from public authorities
  • Enforce our terms of service and other agreements
  • Protect our rights, property, or safety, or that of our clients or others
  • Prevent fraud or security threats

Business Transfers

If Mecha AI is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.

With Your Consent

We may share information for other purposes with your consent or at your direction.

What We Don't Do

  • We do not sell personal information to third parties
  • We do not sell, share, or rent phone numbers or SMS opt-in consent to third parties for their marketing purposes
  • We do not use call data for unrelated advertising purposes
  • We do not share information beyond what is necessary for service delivery and legal compliance

6. Voice Data and AI Processing

How Our Voice AI Technology Works

Our voice AI system processes calls in real-time using artificial intelligence technology:

  • Incoming calls are answered by our AI system
  • Voice data is converted to text for processing and analysis
  • The AI generates appropriate responses based on client-configured scripts and parameters
  • Calls are recorded and transcribed for client records and quality purposes
  • Call data may be used to improve our AI models and technology

Voice Biometrics

We do not use voice recordings to create biometric identifiers or voice prints. Voice characteristics are processed only for the immediate purpose of conducting the conversation and are not used for identification or authentication purposes.

AI Training and Model Improvement

Call data collected through our systems may be used to train and improve our AI models. This helps us enhance accuracy, expand capabilities, and provide better service. Data used for training purposes is processed to support our legitimate business interests in improving our technology.

Recording and Consent

Calls processed through our system are recorded. We comply with applicable state and federal laws regarding call recording. In jurisdictions requiring two-party consent, our clients are responsible for obtaining necessary consent from callers or providing appropriate notification.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

General Retention Practices

  • Call recordings and transcripts are retained based on client requirements and our operational needs
  • SMS/text message records and consent logs are retained for the duration of the client relationship and as required by applicable law, including TCPA requirements
  • Client account data is retained for the duration of the business relationship and for a reasonable period thereafter
  • Website and marketing data is retained until no longer needed for business purposes or until consent is withdrawn
  • Legal and compliance records may be retained longer when required by law or for legitimate legal purposes

Deletion and Anonymization

When personal information is no longer needed, we either delete it or anonymize it so that it can no longer identify individuals. Some information may be retained in anonymized form for analytical purposes.

Legal Holds

We may retain information for longer periods when required by law, legal proceedings, investigations, or to enforce our legal rights.

8. Data Security

We implement reasonable and appropriate technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction.

Security Measures

Our security practices include:

  • Encryption of data during transmission and storage
  • Access controls limiting data access to authorized personnel only
  • Regular monitoring for security vulnerabilities and threats
  • Employee training on data protection and security practices
  • Confidentiality obligations for employees and contractors with data access
  • Incident response procedures for addressing potential security breaches

Limitations

While we strive to protect your information, no security system is impenetrable. We cannot guarantee the absolute security of your information. Any transmission of information is at your own risk.

Data Breach Notification

In the event of a data breach that compromises personal information, we will notify affected individuals and relevant authorities as required by applicable law.

9. Your Privacy Rights

Depending on where you live, you may have certain rights regarding your personal information.

Rights Under State Privacy Laws (CCPA, VCDPA, CPA, CTDPA)

If you are a resident of California, Virginia, Colorado, Connecticut, or other states with consumer privacy laws, you may have the following rights:

  • Right to Know: Request information about the personal information we collect, use, and disclose about you
  • Right to Access: Request a copy of the personal information we maintain about you
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (note: we do not sell personal information)
  • Right to Limit: Limit the use of sensitive personal information (where applicable)
  • Right to Non-Discrimination: Exercise your privacy rights without discriminatory treatment

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: privacy@gomecha.ai
Mail: Mecha AI LLC, 6207 Northrop Way, Clarksville, MD 21029

We will respond to your request within 45 days. We may require verification of your identity before processing your request.

Authorized Agents

You may designate an authorized agent to submit requests on your behalf. The authorized agent must provide proof of authorization, and we may still require you to verify your identity directly with us.

Limitations on Rights

Certain rights may be limited by law or business necessity. For example:

  • We may retain information required by law or for legitimate business purposes
  • Client business records may need to be maintained for legal compliance
  • Deletion may not be possible if information is necessary for service delivery or legal obligations

Appeals Process

If we deny your privacy rights request, you may appeal the decision by contacting us at privacy@gomecha.ai with "Privacy Rights Appeal" in the subject line.

10. State-Specific Requirements

Call Recording Laws

Call recording laws vary by state. Some states require all parties to a call to consent to recording (two-party consent states), while others require only one party to consent. Two-party consent states include California, Florida, Pennsylvania, Connecticut, Montana, New Hampshire, Illinois, Maryland, Massachusetts, Michigan, Nevada, and Washington. Our clients are responsible for complying with applicable call recording laws in their jurisdictions and obtaining any necessary consent from callers.

California Residents

Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • We do not sell personal information as defined by California law
  • We do not share personal information for cross-context behavioral advertising
  • We do not process sensitive personal information beyond what is necessary for service delivery
  • The categories of personal information we collect are described in Section 2
  • We retain personal information as described in Section 7

Virginia, Colorado, and Connecticut Residents

Residents of Virginia, Colorado, and Connecticut have rights under their respective state privacy laws as described in Section 9. You may contact us to exercise these rights or appeal a decision regarding your rights request.

Other State Laws

We comply with privacy laws in all states where we operate or serve clients. If you believe your state-specific privacy rights have not been addressed, please contact us at privacy@gomecha.ai.

11. Children's Privacy

Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information as soon as possible. If you believe we have collected information from a child under 13, please contact us immediately at privacy@gomecha.ai.

12. Cookies and Tracking Technologies

What Are Cookies

Cookies are small text files placed on your device when you visit our website. They help us recognize your browser, remember your preferences, and understand how you use our site.

Cookies We Use

Essential Cookies: Necessary for the website to function properly, including security and basic functionality.

Analytics Cookies: Help us understand how visitors use our website through services like Google Analytics. This includes information about pages visited, time spent on the site, and navigation paths.

Marketing and Advertising Cookies: Used by Meta (Facebook) and HubSpot to track website visitors for advertising and marketing purposes, including showing you relevant ads on other platforms and measuring campaign effectiveness.

Third-Party Cookies

Our website uses cookies from third-party services including:

  • HubSpot: For marketing automation, CRM functionality, and analytics
  • Meta (Facebook): For advertising pixels and conversion tracking
  • Google Analytics: For website analytics and user behavior tracking

These third parties may collect information about your online activities over time and across different websites.

Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to view and delete cookies, block third-party cookies, block all cookies, and receive warnings before cookies are stored. Note that blocking or deleting cookies may affect your ability to use certain features of our website.

Do Not Track Signals

Our website does not currently respond to "Do Not Track" signals from browsers.

13. Third-Party Links

Our website may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. This Privacy Policy does not apply to information collected by third parties through their own websites or services. We encourage you to review the privacy policies of any third-party sites you visit before providing them with personal information.

14. Client Responsibilities

For Our Business Clients

Mecha AI acts as a service provider and, in some cases, a data processor for our business clients. Our clients retain certain responsibilities:

  • Client Privacy Policies: Clients must maintain their own privacy policies that govern their collection and use of personal information
  • Caller and Message Recipient Notification: Clients are responsible for providing appropriate notice to callers and text message recipients about our services and how their information will be used
  • SMS Consent: Clients are responsible for ensuring that proper consent has been obtained from individuals before requesting that Mecha AI send text messages on their behalf, in compliance with the TCPA and all applicable state and federal laws
  • Legal Compliance: Clients must comply with all applicable privacy laws, including call recording consent requirements and text messaging consent requirements, in their use of our services
  • Data Controller Responsibilities: For calls and messages processed through our system, clients typically act as the data controller and are responsible for determining how information is used

Data Processing Relationship

We are open to entering into Data Processing Agreements (DPAs) with clients that define the roles, responsibilities, and obligations for handling personal information. Clients may request a DPA by contacting us at privacy@gomecha.ai.

Client Use of Data

Clients receive call recordings, transcripts, message logs, and other data from our system. How clients use, store, and share this data is governed by their own privacy policies and practices. We are not responsible for our clients' handling of data once it has been provided to them.

15. International Data Transfers

Our services are provided from and operate within the United States. Personal information we collect is stored and processed in the United States. If you are accessing our services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States. By using our services, you consent to this transfer.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You of Changes

When we make changes to this Privacy Policy, we will update the "Last Updated" date at the top of this policy and post the revised policy on our website at gomecha.ai/privacy-policy. Your continued use of our services after changes are posted constitutes your acceptance of the revised policy.

Material Changes

For material changes that significantly affect your rights or how we handle personal information, we will provide prominent notice on our website.

17. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: privacy@gomecha.ai
Mail:
Mecha AI LLC
6207 Northrop Way
Clarksville, MD 21029

We will respond to your inquiry as soon as reasonably possible.

Definitions

  • Personal Information: Information that identifies, relates to, describes, or could reasonably be linked with a particular individual or household.
  • Caller: An individual who calls a phone number serviced by our voice AI system.
  • Client: A business entity that uses our voice AI services to handle calls and/or send messages on their behalf.
  • Processing: Any operation performed on personal information, including collection, storage, use, disclosure, or deletion.
  • Service Provider: A third party that processes personal information on our behalf for business purposes.
  • Data Controller: The entity that determines the purposes and means of processing personal information.
  • Data Processor: The entity that processes personal information on behalf of a data controller.
  • SMS/Text Message: Short message service (SMS) or multimedia messaging service (MMS) communications sent to a mobile phone number.
  • TCPA: The Telephone Consumer Protection Act, a federal law governing telemarketing calls, auto-dialed calls, pre-recorded calls, text messages, and unsolicited faxes.