Effective Date: 08/12/2025
Atlas Nexus USA, a registered DBA of La Antigua Imports LLC, a Texas limited liability company ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our website, voice services, AI receptionist platform, supporting infrastructure, and related tools. By accessing or using our services, you acknowledge and agree to the practices described in this policy. This policy applies to all information collected through our services, unless a different privacy notice is provided in connection with a specific product, tool, or contractual agreement.
We may collect and process information in several ways, depending on how you interact with our systems, applications, and services.
For California residents, and where applicable under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), we disclose that the categories of personal information we may collect include:
– Identifiers (e.g., name, email address, phone number, account ID)
– Commercial information (e.g., service history, billing records)
– Internet or network activity (e.g., browser type, IP address, site interactions)
– Professional or employment-related information (e.g., company name, role)
– Audio or similar information (only if enabled and stored in the Client’s connected platform)
– Inferences drawn from other personal information to create profiles for service delivery. Additional disclosures required by CCPA/CPRA, including sources of personal information, business/commercial purposes, and categories of third parties with whom information is shared, are available upon request or in applicable supplemental notices. For CCPA/CPRA compliance, we disclose that the sources of personal information include:
(i) information you provide directly,
(ii) information automatically collected during service usage, and
(iii) information obtained from integrated third-party platforms at your direction. The purposes for collection correspond to service delivery, support, compliance, and improvement.
We collect any information you provide in connection with configuring, customizing, or operating an AI voice agent for business or personal use. This includes, but is not limited to, your contact details, business information, scheduling preferences, call handling instructions, and any messages or content submitted through our forms, phone services, or email communications. Where applicable, we may also collect regulated data, including but not limited to protected health information (PHI) and financial identifiers—in accordance with applicable laws and only under a valid agreement.
We collect limited technical and operational metadata necessary to deliver and support the Services (e.g., timestamps, action results, and usage/minute logs). We do not collect, store, or host call audio or transcripts. If enabled, such content is generated and retained exclusively within the Client’s connected platform account, under the Client’s ownership and control. Atlas Nexus USA operates under a Client-Controlled Data Architecture, meaning we have no standing access to recordings or transcripts after initial setup. Temporary, content-level access is only granted when explicitly authorized in writing by the Client for a defined troubleshooting purpose, and such access is strictly time-bound and fully logged. Browser/device identifiers and site interaction data may be collected on our website for security and performance analytics.
We use the information we collect to deliver, maintain, and improve our services. This includes, but is not limited to, responding to inquiries, facilitating AI-powered call handling, and enabling appointment scheduling, rescheduling, cancellation, and communication. We may also send confirmations and reminders via email or SMS, create or update internal contact records, and analyze usage patterns to enhance the accuracy and performance of our systems. In certain cases, we may process your data to comply with legal obligations or support internal compliance and risk management efforts.
Where the General Data Protection Regulation (GDPR) applies, the legal bases for our processing activities include:
– Contact details: performance of a contract
– Usage and integration data: legitimate interests (security, service improvement)
– Regulated data (PHI, payment): legal obligation and/or contractual necessity under a Compliance Addendum
In regulated use cases, we may process personal or sensitive data in accordance with applicable laws and the terms of a specific client agreement, including but not limited to a Business Associate Agreement (BAA) or Data Processing Addendum (DPA).
For clarity: we do not use call audio or transcripts because we do not store them. Where troubleshooting requires content-level review in a regulated deployment, access occurs only under a signed Compliance Addendum and is limited, logged, and time‐bound.
We do not sell or rent your personal information to third parties. We may share limited operational data with secure third-party service providers strictly as necessary to operate our platform and deliver essential functionality. This may include routing calls, storing appointment and contact history, delivering transactional messages, processing payments or billing information (if applicable), and analyzing usage to improve service quality.
Under our Client-Controlled Data Architecture, Atlas Nexus USA does not process or store the content of call recordings or transcripts. If enabled, such content is generated and stored solely within the Client’s connected platform account, under the Client’s ownership and control. Atlas Nexus USA has no standing access to such content after initial setup. Any temporary, content-level access must be explicitly authorized in writing by the Client for a specific troubleshooting purpose, is strictly time-bound, and fully logged.
For clients operating under specific legal or industry frameworks, we offer services and processing terms tailored to those compliance requirements. Where applicable, and only under a valid contractual agreement, we facilitate the processing of regulated data in accordance with the following:
– HIPAA: For healthcare industry clients, protected health information (PHI) is processed within the Client’s connected platform account in compliance with HIPAA, subject to a fully executed Business Associate Agreement (BAA) naming the platform provider as the data processor.
– GDPR: For clients or data subjects in the European Economic Area, personal data is processed in accordance with GDPR, including honoring data access, rectification, erasure, and transfer rights, where applicable.
– CCPA/CPRA: For clients subject to the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), we comply with obligations related to consumer disclosures, opt-out rights, and limited data use.
– PCI DSS: Where applicable, we follow data handling practices consistent with the Payment Card Industry Data Security Standard (PCI DSS). We do not directly store or process cardholder data within Atlas Nexus USA systems.
– GLBA/ABA or Other Financial Regulations: For financial services or legal industry clients, we implement controls consistent with the Gramm-Leach-Bliley Act (GLBA), American Bar Association (ABA) guidance, and other applicable industry-specific standards, where contractually required.
All service providers we engage are bound by confidentiality obligations and, where applicable, must implement safeguards consistent with the Client’s regulatory framework. These obligations apply only in circumstances where such compliance is contractually required and explicitly agreed to by both parties.
All outbound messaging activity, including SMS and email communications, is subject to our A2P Messaging & SMS Compliance Policy, which governs sender obligations, consent, and carrier regulations.
We may use cookies and similar tracking technologies to enhance your experience with our services. These technologies help maintain session state, remember user preferences, analyze website performance and user behavior, and support essential security and authentication functions. You can disable or restrict cookies through your browser settings at any time. However, please note that doing so may impact the functionality or availability of certain features on our website or platform. Where required by law, we provide additional options to manage or opt out of non-essential tracking.
We implement physical, technical, and administrative safeguards to protect your data from unauthorized access, alteration, disclosure, or loss. These measures include encrypted transmission of sensitive information, role-based access controls, secure audit logging, and other safeguards consistent with industry standards, including SOC 2–audited controls provided by our platform provider. Under our Client-Controlled Data Architecture, Atlas Nexus USA does not have standing content-level access to Client call audio or transcripts. Such content—if enabled—is stored solely within the Client’s connected platform account, under the Client’s ownership and control. Any temporary, content-level access must be explicitly authorized in writing by the Client, is strictly time-bound, and fully logged. While no system can guarantee absolute security, we continuously monitor, assess, and refine our operational and contractual safeguards to reduce risk and preserve the confidentiality, integrity, and availability of data entrusted to us. Breach Notification: In the event we become aware of a security incident affecting personal data we have access to, we will notify the affected Client without undue delay and, where applicable, within the timelines required by relevant laws (e.g., HIPAA – 60 days, certain state laws – 30 days). Where the incident involves data stored solely in the Client’s connected platform account, we will promptly inform the Client and, if possible, facilitate the platform provider’s notification process.
We retain operational metadata (e.g., account details, integration settings, usage/minute logs) for no longer than 12 months from the date of collection or the end of the client’s active service term, whichever is later, unless a longer period is required by law or a valid contractual agreement. Call recordings and transcripts—if enabled—are never stored by Atlas Nexus USA and remain in the Client’s connected platform account, subject to their configured retention and purge schedules. Retention and deletion of any call recordings or transcripts are entirely controlled within the Client’s connected platform account, under the Client’s ownership and configuration. Where a Compliance Addendum applies, Atlas Nexus USA follows the Client’s configured retention and purge schedules within that platform and does not keep independent copies. When other data in our possession is no longer required, it is securely deleted, anonymized, or archived in accordance with our internal retention policies and any applicable legal or contractual requirements.
We may collect your mobile phone number in connection with your use of our Services. By providing your mobile number, you consent to receive SMS or MMS text messages from us for transactional, service-related, or informational purposes, including appointment confirmations, reminders, and service updates. Messages will be sent only to individuals who have given prior express consent to receive them. You may opt out of receiving text messages at any time by replying “STOP” to any message you receive from us. For assistance, reply “HELP” or contact us using the information provided in this Privacy Policy. Message and data rates may apply, and message frequency will vary based on your interactions with our Services. We do not sell, rent, or share your mobile number with unaffiliated third parties for their own marketing purposes. All messaging practices are intended to comply with applicable laws, including the Telephone Consumer Protection Act (TCPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), and industry standards such as the CTIA Messaging Principles and Best Practices.
Subject to applicable laws and contractual obligations, you may have certain rights regarding your personal information. These rights include, but are not limited to, the right to access, correct, update, or delete your data, and to request information about how your data is collected, used, stored, and disclosed. You may also have the right to restrict certain types of processing, object to the receipt of direct marketing or non-essential communications, or request data portability where required by law. To exercise any of these rights, please contact us at [email protected]. We may require identity verification prior to fulfilling any such request in order to protect your privacy and maintain data integrity. Please note that some rights may be subject to limitations or exceptions under applicable law or the terms of a specific service agreement.
Our services are not directed to individuals under the age of 13, and we do not knowingly collect, use, or store personal information from anyone in that age group. This includes, but is not limited to, names, contact information, call recordings, or any other data that could be used to identify a child. If you believe that a child has provided us with personal information, please contact us immediately at [email protected]. We will investigate the matter promptly and take appropriate action in accordance with applicable laws and our internal policies.
If you access or use our services from outside the United States, you acknowledge and agree that your data may be transferred to, processed, and stored in the United States or other jurisdictions where data protection laws may differ from those in your country of residence. These jurisdictions may have privacy laws that provide different, fewer, or less comprehensive protections than those in your country of residence, including but not limited to limitations on access rights, erasure, or legal recourse. By continuing to use our services, you consent to this cross-border transfer and processing of your information. We do not actively market, localize, or tailor our services to specific international jurisdictions unless explicitly stated in a client agreement.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other operational considerations. When updates are made, the “Effective Date” at the top of this page will be revised accordingly. We encourage you to review this policy periodically to stay informed about how we protect your information. Your continued use of our services after any update constitutes your acknowledgment and acceptance of the revised terms. Unless otherwise stated, any modifications will apply to information previously collected and information collected after the effective date of the updated policy. Atlas Nexus USA is committed to providing accessible services and web content in compliance with applicable accessibility laws, including the Americans with Disabilities Act (ADA) and WCAG 2.1 guidelines, and will provide reasonable accommodations upon request.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you may contact us at:
Atlas Nexus USA
A DBA of La Antigua Imports LLC
Texas Limited Liability Company
📧 [email protected]
📞 +1 (507) 652-5333
Last updated: 08/12/2025