Privacy Policy

Apex Conversion Group, LLC ("Apex," "we," "us," or "our") operates the Vetra Virtual Advisor widget platform and the website located at apexconversiongroup.com. This Privacy Policy explains what information we collect, how we use it, and your choices and rights regarding that information.

By using our website or services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use our services.

1. Who This Policy Covers

This policy covers two categories of individuals:

• Shop Owners / Subscribers — Auto repair shop owners and operators who purchase and deploy the Vetra Virtual Advisor widget on their own websites.
• End Users / Widget Visitors — Customers of those auto shops who interact with the Vetra Virtual Advisor widget embedded on a shop's website.

2. Information We Collect

A. From Shop Owners (Subscribers)

• Account information: Email address and business (shop) name provided during checkout.
• Payment information: Billing details are processed and stored by Stripe, Inc. We do not store your full payment card or bank account numbers on our servers. See Section 6 for details on Stripe.
• Communication data: Any emails or messages you send to us.

B. From End Users (Widget Visitors)

When a customer interacts with the Vetra Virtual Advisor widget embedded on an auto shop's website, the following information may be collected:

• Name
• Phone number — used to deliver the soft quote and to send an SMS handoff notification to the shop owner.
• Vehicle information: Year, make, model, and mileage.
• Described symptoms and repair needs
• Photos — images of the vehicle, dashboard, or relevant damage uploaded voluntarily by the user.

C. Automatically Collected Data

• IP address, browser type, device type, and pages visited on our website — collected via standard web server logs and used solely for security and analytics purposes.

3. How We Use Your Information

For Shop Owners

• Provision, manage, and support your subscription to the Vetra platform.
• Process payments through Stripe.
• Send you account-related communications (receipts, renewal notices, service updates).
• Respond to support inquiries.

For End Users (Widget Visitors)

• Analyze the vehicle issue using our locally hosted AI and generate a soft repair estimate.
• Deliver the estimate result to the user within the widget.
• Send an SMS notification to the subscribing shop owner containing the user's name, phone number, vehicle details, described symptoms, and AI-generated estimate — so the shop can follow up directly.
• We do not send marketing messages to end users. The sole purpose of collecting the phone number is to enable the shop-to-customer follow-up.

4. SMS Communications and TCPA Compliance

Apex operates under the requirements of the Telephone Consumer Protection Act (TCPA) and applicable FCC regulations. Please read this section carefully.

SMS to Shop Owners

Shop owners who subscribe to Apex services consent to receive automated SMS notifications — the "SMS handoff" messages — containing lead details from widget interactions. These messages are operational in nature (not marketing) and are a core feature of the subscribed service. Message frequency varies based on widget traffic. Standard message and data rates may apply.

SMS Involving End Users (Widget Visitors)

The Vetra Virtual Advisor widget collects a phone number from the end user as part of the soft quote flow. By providing their phone number within the widget, the end user acknowledges that:

• Their information (including phone number, vehicle details, and symptoms) will be shared with the auto shop whose website hosts the widget.
• The auto shop may contact them via phone or text to follow up on the estimate or to schedule service.
• Apex itself does not send marketing SMS messages to end users. Any subsequent communication comes from the auto shop directly, subject to that shop's own consent practices.

Shop owners who use the Vetra platform are solely responsible for ensuring their own customer follow-up communications (calls, texts, emails) are compliant with the TCPA, including obtaining proper written consent before sending marketing or promotional text messages to end users.

Opt-Out

Shop owners receiving operational SMS notifications may reply STOP to unsubscribe or contact us at legal@apexconversiongroup.com. Unsubscribing from SMS may affect platform functionality.

5. Local AI Processing

A core design principle of the Apex platform is that AI inference — the analysis of vehicle symptoms and generation of estimates — is performed on dedicated, locally hosted hardware owned and controlled by Apex Conversion Group. This means:

• End user data (names, phone numbers, vehicle details, photos) is not sent to third-party cloud AI providers (such as OpenAI, Google, or Anthropic) for processing.
• Your shop's proprietary labor rates are not used to train any external AI models.
• Data processed by the AI remains within Apex's controlled infrastructure.

6. Payment Processing (Stripe)

All payment processing is handled by Stripe, Inc., a PCI-DSS Level 1 certified payment processor. When you complete checkout, you are interacting directly with Stripe's secure infrastructure. Apex does not receive, store, or have access to your full payment card number, bank account number, or CVV. Stripe's privacy policy is available at stripe.com/privacy.

For ACH payments, Stripe processes your bank account information under its own privacy and security standards, including Nacha Operating Rules compliance.

7. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share information in the following limited circumstances:

• Service providers: Stripe (payments), SMS delivery infrastructure providers, and hosting providers — only as necessary to operate the service and under confidentiality obligations.
• Auto shop subscribers: End user widget data (name, phone, vehicle info, estimate) is shared with the specific shop whose widget the user interacted with. This is the core intended function of the service.
• Legal compliance: If required by law, subpoena, court order, or to protect the rights, property, or safety of Apex, our users, or the public.
• Business transfers: In the event of a merger, acquisition, or sale of substantially all assets, personal information may be transferred as part of that transaction.

8. Data Retention

• Subscriber account data is retained for the duration of the subscription plus a reasonable period thereafter for legal and accounting purposes (typically 3 years).
• End user widget interaction data (names, phone numbers, vehicle info, photos) is retained on our local infrastructure for 90 days from the date of interaction, then deleted, unless a longer retention period is legally required.
• Payment records are retained as required by Stripe and applicable tax and accounting laws.

9. Your Rights

All Users

• Request access to the personal information we hold about you.
• Request correction of inaccurate information.
• Request deletion of your personal information, subject to legal retention requirements.

California Residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: You may request details about what personal information we collect, use, disclose, and sell (we do not sell personal information).
• Right to Delete: You may request deletion of your personal information we have collected.
• Right to Correct: You may request correction of inaccurate personal information.
• Right to Opt-Out of Sale: We do not sell personal information. No action is required.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To submit a request, contact us at legal@apexconversiongroup.com. We will respond within 45 days.

10. Children's Privacy

Our services are intended for use by auto repair shop businesses and adult consumers. We do not knowingly collect personal information from children under the age of 13. If we become aware that a child under 13 has provided us with personal information, we will delete it promptly.

11. Security

We implement technical and organizational safeguards to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/TLS), local AI processing on secured hardware, access controls, and secure payment processing via Stripe. No method of transmission over the internet is 100% secure, however, and we cannot guarantee absolute security.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify active subscribers via email. Continued use of the service after any changes constitutes your acceptance of the updated policy.

14. Contact Us

For privacy-related inquiries, requests, or complaints:

• Email: legal@apexconversiongroup.com
• Website: apexconversiongroup.com