Do Not Sell or Share
My Personal Information
Last Updated: April 22, 2026
Short answer: NightAI does not sell your personal information and does not share it for cross-context behavioral advertising. This page exists to satisfy legal opt-out requirements and to explain your rights under applicable state privacy laws.
1. Our Data Practices
NightAI does not sell personal information to third parties. We do not share personal information with third parties for cross-context behavioral advertising, targeted advertising, or any other commercial purpose unrelated to providing our service.
We share personal data only with our sub-processors (Twilio, OpenAI, ElevenLabs, SendGrid, Stripe, and Railway) as strictly necessary to operate the NightAI platform, and with government or law enforcement authorities when required by applicable law. In each case, sharing is governed by data processing agreements that restrict how those sub-processors may use your data.
A complete description of our data practices — including what we collect, why we collect it, how long we retain it, and who we share it with — is available in our full Privacy Policy.
2. Who This Page Applies To
This page applies to two groups of people:
Business Customers and Dashboard Users
If you are a business owner, administrator, or team member who has a NightAI account or has registered for a demo or onboarding form, NightAI is the data controller for your information. You may submit an opt-out or deletion request directly to NightAI using the contact information in Section 4 below.
You may also have the right to know what personal information we hold, to correct inaccurate data, and to request deletion. All such requests are processed within 45 days of receipt of a verifiable request, with up to a 90-day extension where required by the complexity of the request (we will notify you if an extension is needed).
Callers (End Users)
If you are someone who called a phone number powered by NightAI (in other words, a business's customer), NightAI acts as a data processor on behalf of that business — not as the data controller. The business whose number you called is the data controller for your appointment information and is responsible for responding to your privacy requests.
To exercise data rights related to a call you made:
- Contact the business directly using the contact information they provided you;
- The business will instruct NightAI to delete or retrieve your data on their behalf when they receive your request.
If you are unable to reach the business or believe your request is not being addressed, you may contact NightAI at [email protected] and we will provide what assistance we are able to offer under our data processor role.
3. Your Rights by State
The following state privacy laws provide residents with rights regarding the sale or sharing of personal information. NightAI acknowledges these rights and supports their exercise, even where we believe the rights are already satisfied by our non-sale policy.
| State | Law | Effective | Rights Covered |
|---|---|---|---|
| California | CPRA (amending CCPA) | January 1, 2023 | Right to opt out of sale; right to opt out of sharing for cross-context behavioral advertising; right to limit use of sensitive personal information |
| Colorado | Colorado Privacy Act (CPA) | July 1, 2023 | Right to opt out of sale; right to opt out of targeted advertising; right to opt out of profiling |
| Virginia | Consumer Data Protection Act (CDPA) | January 1, 2023 | Right to opt out of sale; right to opt out of targeted advertising; right to opt out of profiling for significant decisions |
| Texas | Texas Data Privacy and Security Act (TDPSA) | July 1, 2024 | Right to opt out of sale; right to opt out of targeted advertising; right to opt out of profiling |
| Connecticut | Connecticut Data Privacy Act (CTDPA) | July 1, 2023 | Right to opt out of sale; right to opt out of targeted advertising; right to opt out of profiling for significant decisions |
| Other states | Various (OR, MT, TX, IN, TN, FL, etc.) | Varies | NightAI honors opt-out requests from residents of any US state regardless of whether a specific state law mandates it |
Residents of the European Union, United Kingdom, and other jurisdictions with comprehensive data protection laws (e.g., GDPR) may also have the right to object to certain types of data processing. Please refer to our Privacy Policy for information applicable to those jurisdictions or contact us at the address below.
4. How to Submit an Opt-Out or Deletion Request
To exercise any of your privacy rights — including the right to opt out of sale, the right to know, the right to delete, or the right to correct — please email us at:
NightAI Privacy Requests
Email: [email protected]
Subject line: Do Not Sell My Info
Please include in your message:
— Your full name
— The email address or phone number associated with your NightAI account (or, for callers, the information you provided when you called)
— The specific right(s) you wish to exercise
— Your state of residence (to determine which law applies)
Response Timeline
We will respond to verifiable requests within 45 days of receipt. If we require additional time (up to 90 days total), we will notify you of the extension and the reason for it within the initial 45-day period. We will not discriminate against you — including by denying service, charging different prices, or providing a different quality of service — for exercising your privacy rights.
Verification
To protect your privacy, we may need to verify your identity before processing your request. We will ask for information that matches what we have on file. We will not ask for more information than is reasonably necessary to verify your identity. We use the information you provide for verification only, not for any other purpose.
Authorized Agents
Residents of California and certain other states may designate an authorized agent to submit privacy requests on their behalf. If you use an authorized agent, provide written documentation of the agent's authority along with your request. We may contact you directly to verify the agent's authorization.
5. Global Privacy Signals (GPC)
California's CPRA requires businesses to honor the Global Privacy Control (GPC) signal as an opt-out of sale and sharing. NightAI's website does not use third-party advertising cookies or targeted advertising trackers on which a GPC signal would have effect. If our website analytics or third-party integrations change in a way that makes GPC applicable, we will update our technical implementation and this policy accordingly.
6. Changes to This Page
NightAI may update this page as our data practices change or as new state privacy laws take effect. We will update the "Last Updated" date at the top of this page when material changes are made. We encourage you to review this page periodically.
For our full data practices, sub-processor list, retention schedules, and additional privacy rights, see our Privacy Policy. For security practices, see our Security & Acceptable Use page.
This page is intended to be a plain-language summary of your opt-out rights. It is not a substitute for legal advice. If you have questions about your specific privacy rights in your jurisdiction, consult qualified legal counsel.