Otto AI Privacy Policy

Otto AI Privacy Policy

Last updated: September 10, 2025

1. Information We Collect

We collect the following categories of information when you use our Services: personal details (name, email, phone, business info), financial information (bank data, invoices, receipts, contracts, tax docs), communications (messages, support chats, call recordings), technical data (device identifiers, IP, cookies), and social logins (e.g., Google, Stripe).

2. How We Process Your Information

We use your information to provide, personalize, and improve the Services; process financial transactions; enable AI-powered features; provide support; and comply with legal obligations. We may also use de-identified or aggregated data to improve AI models, generate benchmarks, or publish product insights.

3. AI Accountability

Otto AI uses artificial intelligence to enhance your workflows.

  • Explainability: You can request an explanation of why a transaction was categorized in a certain way.
  • User control: You may opt out of having your data included in any future AI training by emailing privacy@joinotto.com.
  • Limitations: AI outputs are advisory only and should not replace certified financial, tax, or legal advice.
  • Human oversight: No human review occurs unless explicitly requested or required by law.

4. Cookies & Tracking

We use cookies and similar technologies for site performance and analytics. Otto AI does not use your data for third-party advertising or behavioral retargeting. You can manage preferences through our Cookie Preference Center [insert link].

5. Data Retention & Deletion

We retain your data only as long as necessary:

  • Financial records: 7 years (tax/accounting compliance).
  • Support communications: 24 months.
  • Inactive accounts: deleted or anonymized after 3 years.

You may request deletion by emailing privacy@joinotto.com. Verified requests are fulfilled within 30 days unless retention is required by law.

6. Data Security

We protect your data with encryption (TLS 1.2+ in transit, AES-256 at rest), role-based access controls, monitoring, and audit logging. Independent audits are in progress, including SOC 2 Type II. Payments are handled by PCI-DSS–compliant providers; Otto AI does not store raw payment card details.

7. Customer Support Access

Authorized Otto AI personnel may access your data for troubleshooting or compliance. Access is role-based, logged, and bound by confidentiality agreements.

8. Where Is Your Data Stored?

Your data is primarily stored in the United States. Our cloud providers may replicate data across regions for resilience. International transfers are safeguarded by Standard Contractual Clauses (SCCs) or equivalent mechanisms.

9. Subprocessors & Vendors

We engage trusted service providers for hosting, analytics, AI, and payments. A current list is available at: [insert link].

10. Sharing of Information

We share information with subprocessors, to comply with law, in mergers/acquisitions, or with your consent.

11. Children’s Data

Services are not directed to children under 13 (or 16 in some regions). If we learn we have collected such data, we delete it promptly.

12. Your Privacy Rights

Depending on where you live, you may have rights to access, correct, delete, and port your data; opt out of automated decision-making; and appeal denied requests. We honor GDPR, CCPA/CPRA, and other state laws (Virginia, Colorado, Connecticut).

13. Incident Response & Breach Notification

If a breach impacts your data, we will notify you promptly and in accordance with applicable law.

14. Business Continuity & Account Closure

If Otto AI ceases operations, merges, or is acquired, your data will be transferred only under terms consistent with this policy. You will be notified and may export your data. Unless required by law, we delete data within 90 days of closure.

15. Regulatory Compliance

We retain tax-related records per IRS requirements, apply safeguards consistent with GLBA, and comply with relevant U.S. state privacy laws.

16. Changes to This Policy

We may update this policy from time to time. Material changes will be notified via Services or email.

17. Contact Us

If you have questions, contact us at:
Otto AI
Email: privacy@joinotto.com