Legal

Privacy Policy

Last updated: May 16, 2026

This Privacy Policy explains how Hoshi Brands, based in Tallinn, Estonia ("we", "us", or "our"), collects, uses, and shares personal data in connection with the HVACRelay website and services (the "Service"). For purposes of EU/EEA data protection law, Hoshi Brands is the data controller for personal data collected through our website and acts as a data processor for personal data we process on behalf of our business customers.

1. Data We Collect

1.1 Information you provide

• Account & subscribe form: name, work email, phone number, and selected plan.
• Billing: billing details processed by Stripe (we do not store full card numbers).
• Support communications: messages you send us by email or through forms.

1.2 Information collected automatically

• Usage and device data: pages viewed, referrers, IP address, browser, device information, and timestamps.
• Cookies & similar technologies: for site functionality, analytics, and marketing measurement.
• Marketing pixels: Meta Pixel events such as PageView, AddToCart, and InitiateCheckout (subject to your cookie/marketing preferences where applicable).

1.3 Customer-call data (processed on behalf of business customers)

• Call audio, transcripts, and metadata from inbound calls handled by your AI receptionist.
• Caller-provided details such as name, phone number, address, and job description.
• Workflow data exchanged with your CRM, dispatch, or messaging tools.

Where we process this data on behalf of a business customer, that customer is the data controller and is responsible for the lawful basis (including any required call-recording or call-monitoring consents) and for providing notices to data subjects.

2. How We Use Data

• To provide, maintain, and improve the Service.
• To process subscriptions, setup fees, and billing.
• To respond to inquiries and provide customer support.
• To monitor security, prevent fraud, and ensure service integrity.
• To measure marketing effectiveness and improve our website (subject to your preferences where required by law).
• To comply with legal obligations and enforce our Terms.

3. Legal Bases (EU/EEA users)

Where the GDPR applies, we rely on: (a) contract to provide the Service you have signed up for; (b) legitimate interests to operate, secure, and improve the Service; (c) consent for non-essential cookies and marketing pixels where required; and (d) legal obligations for compliance and record-keeping.

4. How We Share Data

We share personal data only where appropriate, including with:

• Service providers that host our infrastructure, process payments (Stripe), provide telephony, AI/voice models, analytics, and email delivery.
• Business customers whose AI receptionist handled a call, including the call data associated with that customer.
• Marketing platforms such as Meta, where you have provided any required consent.
• Authorities or other parties when required by law or to protect rights, safety, and the integrity of the Service.
• Acquirers in the context of a corporate transaction (e.g., merger, acquisition, asset sale), subject to appropriate confidentiality terms.

We do not sell personal data.

5. International Transfers

Personal data may be processed in countries outside your own, including outside the EU/EEA. Where required, we use appropriate safeguards (such as the European Commission's Standard Contractual Clauses) for international transfers.

6. Retention

We retain personal data for as long as necessary to provide the Service, to comply with legal, tax, and accounting obligations, and to resolve disputes. Customer-call data is retained according to our agreement with the relevant business customer; after termination of that customer's account, we delete or return the data within a reasonable period unless retention is required by law.

7. Your Rights

Depending on where you live, you may have the right to access, correct, delete, or port your personal data, to object to or restrict certain processing, and to withdraw consent. EU/EEA users may also lodge a complaint with their local data protection authority. To exercise these rights, contact us at support@hvacrelay.com. If your data is processed by us on behalf of a business customer, please contact that customer directly; we will assist them in responding to your request.

8. Security

We use technical and organizational measures designed to protect personal data against unauthorized access, loss, alteration, or disclosure. No system is 100% secure, but we work to continuously improve our safeguards.

9. Cookies & Tracking

We use cookies and similar technologies for essential site functionality, analytics, and marketing measurement (including the Meta Pixel). You can control cookies via your browser settings, and where required by law we will obtain your consent before setting non-essential cookies.

10. Children

The Service is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page with a new "Last updated" date and, where required by law, provide additional notice.

12. Contact

Questions or requests can be sent to support@hvacrelay.com.

Hoshi Brands
Sepapaja 6
15551 Tallinn
Harju Maakond
Estonia
VAT ID: EE102546747