Privacy Policy

Last Updated: April 11, 2026

Ojo AI, Inc. (“Ojo AI,” “we,” “us,” or “our”) provides AI-enabled video monitoring, alerting, audio deterrence, analytics, and related software and services, including our website located at ojoai.us, our dashboards, applications, integrations, communications, and related services (collectively, the “Services”).

This Privacy Policy explains how we collect, use, disclose, retain, and otherwise process personal information in connection with the Services.

1. Scope and Important Roles

This Privacy Policy applies to personal information processed by Ojo AI when:

  • you visit our website or interact with our marketing pages;

  • you request a demo, sign up for updates, contact us, or communicate with us;

  • you create, administer, or use an Ojo AI account;

  • you use or access our Services as a customer, customer user, partner, vendor, or other business contact; or

  • personal information is processed through customer-configured use of the Services.

Website Visitors and Business Contacts

For personal information we collect directly through our website, marketing pages, demos, sales process, support channels, and similar business interactions, Ojo AI generally acts as the organization responsible for that information under applicable law.

Customer Content and End-User/Recorded Individual Data

When our business customers use the Services to process video, audio, images, clips, metadata, alerts, site information, and other information they choose to submit, connect, stream, upload, or otherwise make available to the Services (“Customer Content”), Ojo AI generally acts as a processor, service provider, or similar role on behalf of the customer. The customer generally decides why and how Customer Content is collected and used, including whether cameras or microphones are deployed, where they are placed, what notices are provided, what events are monitored, and how long content is retained.

If you are an individual whose image, voice, likeness, or other personal information appears in Customer Content, your privacy rights request should usually be directed to the customer operating the relevant cameras, microphones, or monitored premises, unless applicable law requires otherwise.

Contract Controls for Customer Data

Where there is a conflict between this Privacy Policy and a written agreement between Ojo AI and a customer governing Customer Content, the written agreement will control to the extent permitted by law.

2. Personal Information We Collect

The categories of personal information we collect depend on how you interact with us and how our customers configure and use the Services.

A. Information You Provide Directly

We may collect:

  • names;

  • business email addresses and other email addresses you provide;

  • phone numbers;

  • company name, job title, role, and other business contact details;

  • account credentials and authentication-related information;

  • billing and transaction information;

  • communications you send to us, including support requests, sales inquiries, demo requests, survey responses, and feedback;

  • information you provide when you fill out forms, schedule meetings, apply to partner programs, or interact with us through chat, text, email, or phone.

B. Account, Admin, and User Information

If you or your organization uses the Services, we may collect and process:

  • user profile information;

  • account IDs;

  • permissions, roles, and workspace or site settings;

  • login and authentication events;

  • audit trail information;

  • preferences, notification settings, escalation settings, and contact methods.

C. Customer Content

Depending on customer configuration, the Services may process:

  • live video feeds;

  • recorded clips and still images;

  • audio and audio-triggered content;

  • timestamps and event metadata;

  • alert classifications, tags, summaries, escalation data, and other output generated by the Services;

  • camera identifiers, device information, network information, and site/location information supplied by the customer;

  • information visible, audible, or inferable from monitored scenes.

Customer Content may incidentally include sensitive information depending on what a camera or microphone captures, where the customer deploys it, and how the customer uses the Services.

D. Automatically Collected Information

When you visit our website, use our dashboards, or interact with our Services, we and our service providers may automatically collect certain technical and usage information, such as:

  • IP address;

  • browser type and device type;

  • operating system;

  • approximate location inferred from IP address;

  • pages viewed, referring URLs, clicks, session events, and timestamps;

  • log data, error data, crash data, and diagnostic information;

  • cookie IDs, local storage data, and similar technology data.

E. Information from Third Parties

We may receive information from:

  • our customers and their authorized users;

  • integrations, connected devices, cameras, or third-party platforms authorized by a customer;

  • analytics, hosting, payment, communications, CRM, identity, support, and other service providers;

  • marketing, event, referral, or partner sources;

  • publicly available sources;

  • advisors, resellers, channel partners, or other business counterparties.

3. Sources of Personal Information

We collect personal information:

  • directly from you;

  • automatically from your device or browser;

  • from our customers and their authorized personnel;

  • from connected cameras, devices, integrations, and software systems;

  • from our vendors and service providers;

  • from publicly available or commercial sources where permitted by law.

4. How We Use Personal Information

We may use personal information for the following purposes:

  • to provide, operate, maintain, secure, and support the Services;

  • to authenticate users and manage accounts;

  • to configure alerts, workflows, escalations, notifications, audio deterrence, and site settings;

  • to detect, classify, review, summarize, investigate, and respond to security, safety, operational, health, or service events configured by customers;

  • to provide customer service, onboarding, implementation, troubleshooting, training, and technical support;

  • to communicate with you about your account, support issues, updates, product changes, billing, security notices, and other service-related matters;

  • to respond to inquiries, schedule demos, and manage sales, partnerships, and business relationships;

  • to monitor usage, performance, uptime, reliability, capacity, and system health;

  • to prevent, detect, investigate, and address fraud, abuse, misuse, unauthorized access, security incidents, and legal violations;

  • to enforce contracts, policies, and other legal terms;

  • to comply with legal obligations, lawful requests, court orders, and regulatory requirements;

  • to create aggregated, statistical, de-identified, or anonymized information for lawful business purposes;

  • to improve the functionality, safety, reliability, and usability of the Services.

5. AI, Automated Analysis, and Human Review

Our Services may use automated systems, including machine learning or other AI-enabled tools, to analyze customer-configured video, audio, images, metadata, and related inputs for security, safety, operational, or service-related events.

This may include automated detection, scoring, classification, alerting, summarization, escalation, or routing. Depending on the customer’s configuration and the nature of the issue, outputs may also be reviewed by authorized human personnel for support, quality, safety, security, abuse prevention, incident investigation, legal compliance, or service delivery purposes.

Unless we expressly state otherwise in a separate written agreement, product notice, or customer setting, Ojo AI does not use Customer Content to train public, shared, or generalized models for unrelated third parties. We may, however, use Customer Content as necessary to provide the Services, maintain and improve the Services for our own customers, detect abuse, troubleshoot issues, support safety and security, and generate aggregated or de-identified insights where permitted by law and contract.

We do not intentionally use Customer Content to perform facial recognition, biometric identification, or cross-context identity profiling unless expressly disclosed and separately enabled in writing.

6. Cookies and Similar Technologies

We may use cookies, pixels, SDKs, local storage, log files, and similar technologies to:

  • enable website and dashboard functionality;

  • keep users signed in where applicable;

  • remember preferences;

  • secure sessions and detect abuse;

  • understand traffic and usage patterns;

  • measure performance and improve the Services.

Where required by law, we will provide notice and/or obtain consent before using non-essential cookies or similar technologies. You can also manage certain cookies through your browser settings. Blocking some technologies may affect functionality.

7. How We Disclose Personal Information

We may disclose personal information to the following categories of recipients, subject to applicable law and contractual restrictions:

A. Service Providers and Contractors

We may disclose personal information to vendors, subprocessors, contractors, and service providers that help us operate the Services and our business, such as providers of:

  • cloud hosting and infrastructure;

  • data storage and content delivery;

  • authentication and account security;

  • communications and email;

  • SMS and notification delivery;

  • analytics and performance monitoring;

  • customer support and ticketing;

  • CRM, sales, and marketing systems;

  • billing and payments;

  • implementation, integrations, and technical operations.

These parties are generally authorized to access personal information only as reasonably necessary to perform services for us and subject to appropriate contractual or legal restrictions.

B. Customers and Their Authorized Users

If you use the Services through an organization, personal information associated with your use of that organization’s account may be disclosed to the organization and its authorized admins, users, personnel, contractors, and representatives.

Customer Content and related outputs may be accessible to the applicable customer and its authorized users in accordance with the customer’s configuration and rights settings.

C. Affiliates and Corporate Transactions

We may disclose personal information to our current or future affiliates or in connection with an actual or proposed financing, merger, acquisition, restructuring, reorganization, sale of assets, bankruptcy, diligence process, or other corporate transaction.

D. Professional Advisors

We may disclose personal information to lawyers, auditors, accountants, insurers, financing sources, and other professional advisors where reasonably necessary.

E. Legal, Safety, and Protection Purposes

We may disclose personal information where we believe in good faith that doing so is necessary or appropriate to:

  • comply with law, regulation, legal process, or lawful governmental request;

  • enforce our agreements and policies;

  • detect, investigate, prevent, or respond to fraud, security incidents, or unlawful activity;

  • protect the rights, property, safety, or security of Ojo AI, our customers, users, personnel, or others;

  • establish, exercise, or defend legal claims.

F. With Consent or Direction

We may disclose personal information with your consent, at your direction, or as otherwise instructed by the customer that controls the applicable data.

8. No Sale or Sharing for Cross-Context Behavioral Advertising

At the time of this Privacy Policy, Ojo AI does not sell personal information for money and does not share personal information for cross-context behavioral advertising as those terms are used in certain U.S. privacy laws.

We also do not knowingly use Customer Content for third-party advertising purposes.

If our practices materially change, we will update this Privacy Policy and provide any notices or choices required by applicable law.

9. De-Identified and Aggregated Information

We may create, derive, use, disclose, and otherwise process de-identified, aggregated, anonymous, or statistical information that does not reasonably identify an individual and is not reasonably capable of being associated with an individual, household, or device, for lawful purposes including analytics, benchmarking, security, business intelligence, service improvement, product development, reporting, and research.

We will not attempt to re-identify de-identified information except as permitted by law.

10. Data Retention

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with law, enforce agreements, resolve disputes, maintain security, and operate our business.

Retention periods vary based on the type of information, context, customer settings, contractual commitments, and legal requirements.

Examples:

  • Sales, marketing, and business contact data: retained for as long as reasonably necessary to manage the relationship, respond to inquiries, keep records, or pursue legitimate business interests, unless deletion is required by law.

  • Account and admin data: retained while the account is active and for a reasonable period thereafter for security, backup, legal, tax, audit, fraud prevention, and recordkeeping purposes.

  • Customer Content: retained according to customer settings, applicable contracts, backup cycles, legal hold obligations, and operational requirements. Customers are generally responsible for choosing retention settings for their environments.

  • Logs and security records: retained as reasonably necessary for performance, troubleshooting, abuse prevention, investigations, and legal compliance.

We may retain information longer where required or permitted by law, including for legal holds, dispute resolution, tax and accounting obligations, or defense of claims.

11. Security

We use administrative, technical, organizational, and physical safeguards designed to protect personal information appropriate to the nature of the information and the risks involved. These measures may include encryption in transit, access controls, authentication mechanisms, logging, monitoring, segmentation, least-privilege access practices, vendor management, training, and incident response processes.

However, no system, network, device, software, or method of transmission or storage is completely secure. We therefore cannot guarantee absolute security.

Customers are responsible for their own lawful deployment and configuration of cameras, microphones, devices, networks, signage, notices, retention settings, administrator permissions, credentials, and security practices within their environment.

12. Cross-Border Processing and International Transfers

Ojo AI is based in the United States and may process or store personal information in the United States and other jurisdictions where we or our service providers operate.

If you are located in Canada or another jurisdiction outside the United States, your personal information may be transferred to, stored in, and processed in jurisdictions that may have privacy laws different from those in your jurisdiction and may be accessible to courts, law enforcement, national security authorities, or regulators in those jurisdictions as permitted by law.

Where required by applicable law, we will use appropriate safeguards for cross-border transfers.

13. Customer Responsibilities for Monitored Premises

Customers that use the Services to monitor premises, people, vehicles, property, or operations are responsible for their own compliance with applicable laws and regulations, including laws relating to:

  • video surveillance;

  • audio recording;

  • employment and workplace monitoring;

  • consent;

  • signage and notice;

  • tenant, visitor, and public-facing disclosures;

  • sector-specific rules;

  • law-enforcement cooperation;

  • retention and deletion decisions;

  • lawful basis for collection and processing.

Ojo AI does not control where customers place cameras or microphones, what they monitor, what notices they provide, or what legal basis they rely on. Individuals with questions about surveillance at a specific customer site should contact the site operator or customer directly where appropriate.

14. Your Privacy Rights and Choices

Subject to applicable law and verification requirements, you may have rights regarding personal information we control about you, including rights to:

  • know or access certain personal information;

  • correct inaccurate personal information;

  • request deletion of certain personal information;

  • obtain a portable copy of certain personal information;

  • withdraw consent where processing is based on consent;

  • object to or restrict certain processing in some jurisdictions;

  • opt out of marketing communications;

  • complain to a regulator where applicable.

These rights are not absolute and may be limited by law, contract, privilege, security requirements, technical feasibility, or other exceptions.

Marketing Communications

You may opt out of non-transactional marketing emails by using the unsubscribe link in the message or by contacting us. Even if you opt out of marketing communications, we may still send service-related, transactional, security, support, legal, and account communications.

Customer Content Requests

For requests relating to Customer Content processed on behalf of a business customer, we may refer you to the relevant customer, since that customer generally controls the data and is best positioned to respond.

Identity Verification

Before responding to certain privacy requests, we may need to verify your identity and authority. We may request additional information only as reasonably necessary to verify the request and protect personal information from unauthorized disclosure, deletion, or alteration.

15. Additional U.S. State Privacy Disclosures

This section applies only where required by applicable U.S. state privacy law.

Categories of Personal Information

Depending on how you interact with us, we may collect the following categories of personal information:

  • identifiers and contact information;

  • commercial or transaction information;

  • internet or network activity information;

  • device information and online identifiers;

  • approximate or precise geolocation information supplied by the customer or derived from use of the Services;

  • audio, visual, and similar information;

  • professional or employment-related information;

  • account credentials and similar account information;

  • inferences or classifications generated from information processed through the Services;

  • sensitive personal information where applicable, such as precise geolocation or information contained in audio/visual content, to the extent processed by the Services.

Purposes

We collect and use these categories for the purposes described in Section 4 above.

Disclosures

We disclose these categories to the recipient categories described in Section 7 above.

Retention

We retain these categories as described in Section 10 above.

Rights for Residents of California and Certain Other States

Residents of California and, where applicable, residents of certain other U.S. states may have rights to:

  • confirm whether we process their personal information;

  • access or know the categories and/or specific pieces of personal information we process;

  • correct inaccuracies;

  • delete personal information, subject to exceptions;

  • obtain a portable copy of certain personal information;

  • opt out of the sale of personal information, targeted advertising, or certain profiling, where applicable;

  • appeal a refusal to act on a privacy request, where applicable;

  • not be discriminated against for exercising applicable privacy rights.

To submit a privacy request, contact us at liam@ojoai.us with the subject line Privacy Request. If we deny your request and you have a right to appeal under applicable law, you may appeal by replying to the denial or by emailing liam@ojoai.us with the subject line Privacy Appeal within a reasonable time after receiving our decision.

Because we do not currently sell personal information or share it for cross-context behavioral advertising, we do not currently offer a “Do Not Sell or Share” link. If that changes, we will update this Privacy Policy and provide any required opt-out mechanism.

16. Additional Canadian Privacy Disclosures

If Canadian privacy law applies, including the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial laws, the following additional terms apply.

Consent

Where required, we collect, use, and disclose personal information with consent or as otherwise permitted or required by law. Depending on the circumstances and the sensitivity of the information, consent may be express or implied as permitted by law.

You may withdraw consent to certain processing on reasonable notice, subject to legal, contractual, technical, fraud-prevention, and operational limitations. Withdrawal of consent may affect our ability to provide some Services.

Privacy Officer

Ojo AI has designated a Privacy Officer for privacy questions, requests, and complaints:

Privacy Officer
Ojo AI, Inc.
1235 Pennsylvania Ave SE, Unit #1138
Washington, DC 20003
Email: liam@ojoai.us

Cross-Border Transfers

Canadian individuals acknowledge that personal information may be processed outside Canada, including in the United States, as described in Section 12.

Complaints and Breach Notices

Where required by applicable law, we will provide required breach notifications and maintain required records of security incidents. You may also have the right to complain to the Office of the Privacy Commissioner of Canada or the applicable provincial privacy regulator.

17. SMS, Calls, and Similar Communications

We may send transactional or service-related calls, emails, or text messages, including account verification messages, support messages, service notices, security notices, system updates, and customer-configured alerts.

Where required by law, we will obtain consent before sending marketing communications by email or text. Message frequency may vary. Message and data rates may apply. You can follow the instructions in the message, such as replying STOP where supported, to opt out of non-essential text messaging programs.

Consent to receive non-essential marketing communications is not a condition of purchasing our Services.

18. Children’s Privacy

The Services are intended for businesses and are not directed to children. We do not knowingly collect personal information directly from children in a manner that would require verifiable parental consent under applicable law.

Because customers may use cameras in environments where minors are present, Customer Content may incidentally include information about children. In such cases, the applicable customer is generally responsible for the lawful operation of the monitored environment and for providing any notices or obtaining any consents required by law.

If you believe we have unlawfully collected personal information from a child where we control that information, contact us at liam@ojoai.us.

19. Third-Party Services and Links

The Services may link to or integrate with third-party websites, platforms, devices, software, and services that we do not own or control. This Privacy Policy does not apply to the privacy practices of those third parties, and we are not responsible for them. You should review the privacy policies of those third parties separately.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the revised version and update the “Last Updated” date. Where required by law, we will also provide additional notice or obtain consent.

21. Contact Us

For privacy questions, requests, appeals, complaints, or concerns, contact:

Privacy Officer
Ojo AI, Inc.
1235 Pennsylvania Ave SE, Unit #1138
Washington, DC 20003
liam@ojoai.us

22. No Creation of Extra Contractual Rights

This Privacy Policy is intended to provide transparency about our data practices. Except where required by applicable law, this Privacy Policy does not create contractual promises, third-party beneficiary rights, or duties beyond those imposed by law or by an applicable written agreement with Ojo AI.

© All right reserved

© All right reserved