Skip to main content
Last Updated: January 2026

Overview

HoopAI, Inc. (“HoopAI,” “we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website at hoopai.com, use the HoopAI platform, or interact with our services (collectively, the “Services”).

Platform Services vs. Processor Services

HoopAI provides two categories of services, and the way we handle your data differs depending on which applies:
Service typeDescriptionHoopAI role
Platform ServicesServices we provide directly to you as an account holder (account management, billing, support, marketing)Data Controller — this Privacy Policy applies in full
Processor ServicesServices where we process data on behalf of our customers (e.g., CRM contacts, customer communications, marketing campaigns)Data Processor — our customer’s privacy notice applies, not this one
When HoopAI acts as a Data Processor on behalf of our customers, we process personal data only as instructed by the customer. If you are an end user whose data is processed through a HoopAI customer’s account, please refer to that customer’s privacy notice for information about how your data is handled.
By using the HoopAI platform, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree, please do not use the Services.

1. Information we collect

We collect information in three categories: directly from you, from third parties, and automatically.

1.1 Information you provide directly

When you create an account or interact with our Services, we may collect:
  • Full name and display name
  • Email address
  • Phone number
  • Company or organization name
  • Job title and role
  • Account credentials (username and password)
  • Billing and shipping addresses
  • Credit or debit card numbers
  • Bank account details
  • Transaction and purchase history
HoopAI does not store full credit card numbers on our servers. Payment information is processed through PCI-compliant third-party payment processors.
Data you input, upload, or transmit through the platform, including CRM contacts, conversation logs, calendar bookings, payment records, AI agent configurations, website content, and marketing campaign data.
When you contact our support team, submit feedback, participate in surveys, or communicate with us through any channel, we collect the content of those communications.

1.2 Information from third parties

SourceInformation collected
Marketing partnersLead and referral information, campaign performance data
Vendors and service providersIdentity verification data, fraud screening results
Public databases and directoriesPublicly available business information, professional profiles
Events and conferencesContact information collected at trade shows, webinars, or sponsored events
OAuth and social integrationsProfile information from Google, Facebook, and other connected accounts
Referral partnersName and contact information provided by partners who refer you to HoopAI

1.3 Information collected automatically

  • IP address
  • Browser type and version
  • Operating system and device type
  • Device identifiers
  • Screen resolution and language preferences
  • Time zone settings
  • Features accessed and actions taken on the platform
  • Pages and screens viewed
  • Clicks, scrolls, and navigation patterns
  • Session duration and timestamps
  • Referring URLs and exit pages
We use cookies, web beacons, pixel tags, and similar technologies to collect information about your interactions with our Services. See Section 8 for details on the types of cookies we use and how to manage them.
Server logs that record requests made to our servers, including URL, HTTP method, referring page, response status, and timestamps.

2. How we use information

2.1 Platform functionality and development

PurposeData used
Operating and maintaining the HoopAI platformAccount information, Customer Data
Processing CRM contacts and pipelinesCRM data, contact records
Managing conversations (email, SMS, chat, social)Communication data, conversation logs
Scheduling and calendar bookingsCalendar data, contact information
Running marketing automation and campaignsMarketing data, contact lists, email content
Processing payments and invoicesPayment data, transaction records
Generating reports and analyticsUsage data, reporting data
Hosting sites, funnels, and membership contentSite and content data
Developing, testing, and improving new featuresAggregated usage data, feedback

2.2 AI features

HoopAI uses artificial intelligence to power features such as AI agents, content generation, conversation intelligence, and workflow automation.
HoopAI does not use your data to train publicly available AI models. AI features are powered by specialized AI subprocessors under strict data processing agreements. Your Customer Data is processed solely to deliver AI functionality within your account.

2.3 Customer support

  • Responding to support tickets, live chat, and phone inquiries
  • Diagnosing and resolving technical issues
  • Providing onboarding assistance and training

2.4 Business operations

  • Internal business analytics and reporting
  • Capacity planning and infrastructure management
  • Vendor and partner management

2.5 Communications

  • Sending transactional messages (account confirmations, password resets, billing receipts)
  • Product updates, feature announcements, and educational content
  • Marketing communications (with your consent, where required by law)
  • Event invitations and community updates

2.6 Protecting and securing the platform

  • Detecting, preventing, and responding to fraud, abuse, and security threats
  • Enforcing our Terms of Service and Acceptable Use Policy
  • Monitoring for unauthorized access and suspicious activity
  • Performing security audits and vulnerability assessments

2.7 Advertising and marketing

  • Measuring the effectiveness of our advertising campaigns
  • Delivering relevant advertisements on third-party platforms
  • Personalizing marketing content based on your interests and interactions

2.8 Statistical purposes

  • Aggregating and de-identifying data for statistical analysis
  • Generating industry benchmarks and trend reports
  • Conducting research to improve our Services
  • Complying with applicable laws, regulations, and legal processes
  • Responding to lawful requests from government authorities
  • Establishing, exercising, or defending legal claims
  • Meeting tax, accounting, and financial reporting obligations
For users located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process personal data under the following legal bases as required by the General Data Protection Regulation (GDPR):
Legal basisWhen it appliesExamples
ConsentWhen you have given clear, affirmative consent for a specific purposeMarketing emails, optional cookies, certain AI features
Contract performanceWhen processing is necessary to fulfill our contractual obligations to youProviding the platform, processing payments, account management
Legal obligationWhen processing is required to comply with applicable lawsTax records, regulatory reporting, law enforcement requests
Legitimate interestsWhen processing serves our legitimate business interests and does not override your rightsSecurity, fraud prevention, service improvement, analytics
Data Controller vs. Data Processor: HoopAI acts as a Data Controller when processing your data for Platform Services (account management, billing, marketing to you). HoopAI acts as a Data Processor when processing data on behalf of our customers through Processor Services (customer CRM data, end-user communications). For Processor Services, the customer is the Data Controller.

4. How we protect information

HoopAI implements comprehensive administrative, technical, and organizational security measures to protect the confidentiality, integrity, and availability of your information.

Technical safeguards

  • Encryption at rest: All Customer Data is encrypted using AES-256 encryption
  • Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS v1.2 or higher
  • Access controls: Role-based access controls, multi-factor authentication, and least-privilege principles
  • Infrastructure security: SOC 2 Type II compliant hosting infrastructure with regular security audits
  • Network security: Firewalls, intrusion detection and prevention systems, DDoS mitigation

Administrative safeguards

  • Regular security awareness training for all employees
  • Background checks for personnel with access to personal data
  • Documented security policies and procedures
  • Regular security risk assessments
  • Vendor security assessments for all subprocessors

Organizational safeguards

  • Dedicated security team with 24/7 monitoring
  • Documented incident response procedures with defined escalation paths
  • Regular penetration testing and vulnerability scanning
  • Business continuity and disaster recovery planning

Data breach notification

In the event of a data breach affecting your personal information, HoopAI will:
  • Notify affected individuals without undue delay and within 72 hours of discovery where required by law
  • Provide details about the nature of the breach, data affected, and remediation steps
  • Notify relevant supervisory authorities as required by applicable law
  • Cooperate fully with any resulting investigations
While we implement robust security measures, no method of transmission or storage is 100% secure. You are responsible for maintaining the security of your account credentials and controlling access to your account.

5. When we share information

We share information only in the following circumstances:

5.1 Affiliates and subsidiaries

We may share information with HoopAI affiliates and subsidiaries for internal business purposes, including shared infrastructure, support services, and corporate operations.

5.2 Service providers

We share information with trusted third-party service providers who perform services on our behalf:
Provider categoryPurposeData shared
Cloud hostingInfrastructure and data storageCustomer Data (encrypted)
Payment processingBilling and payment collectionPayment information
Email deliveryTransactional and marketing emailsEmail addresses, email content
SMS and voice providersText message and call deliveryPhone numbers, message content
AI subprocessorsPowering AI featuresInteraction data under strict DPAs
AnalyticsUsage analytics and performance monitoringAggregated usage data
Customer supportHelp desk and support ticket managementAccount and communication data
All service providers are bound by data processing agreements and are prohibited from using your data for any purpose other than providing services to HoopAI.

5.3 Partners

We may share limited information with technology partners, resellers, and integration partners as necessary to provide joint services or enable integrations you have authorized.

5.4 Advertising and marketing

We may share de-identified or aggregated information with advertising partners to measure campaign effectiveness and deliver relevant advertisements. We do not share personally identifiable information with advertisers without your consent.

5.5 Third-party integrations

When you connect third-party services to your HoopAI account (e.g., payment processors, email services, social media platforms, calendar apps), information may be shared with those services as necessary to enable the integration. Each third-party service is governed by its own privacy policy.

5.6 Sales, mergers, and acquisitions

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such transfer and any changes to this Privacy Policy. We may disclose information when we believe in good faith that disclosure is necessary to:
  • Comply with applicable law, regulation, or legal process
  • Respond to lawful requests from public authorities
  • Protect the rights, property, or safety of HoopAI, our customers, or the public
  • Enforce our Terms of Service
We may share your information with third parties when you give us explicit consent to do so.
Phone number consent: We do NOT share your phone number or opt-in consent with third parties for marketing purposes unless we have received your express written consent.

6. Data retention

We retain your information only as long as reasonably necessary to fulfill the purposes for which it was collected, taking into account the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and the purposes for which we process it.

Retention periods

Data categoryRetention period
Account informationDuration of account plus 30 days after termination
Customer DataDuration of account plus 30 days (available for export prior to deletion)
Billing and payment records7 years (as required for tax and accounting compliance)
Usage and log data24 months
Support communications3 years after resolution
Marketing interaction data24 months from last interaction
Cookie dataVaries by cookie type (see Section 8)
AI agent interaction logsDuration of account plus 30 days

Requesting deletion

You may request deletion of your personal information at any time by contacting privacy@hoopai.com. We will process your request subject to any legal retention obligations.
Customer Data stored within the HoopAI platform (CRM contacts, conversations, etc.) can be deleted by you at any time through the platform’s built-in tools. After the applicable retention period, remaining data is permanently deleted or irreversibly anonymized.

7. Children’s privacy

The HoopAI platform is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16, we will promptly delete that information and terminate any associated account.If you believe a child under 16 has provided us with personal information, please contact us immediately at privacy@hoopai.com.

8. Cookies and tracking technologies

Types of cookies

Cookie typePurposeDurationCan you opt out?
Strictly necessaryEssential for platform functionality (authentication, security, preferences)Session or up to 1 yearNo
PerformanceAnalytics and performance monitoring (page load times, error rates)Up to 2 yearsYes
FunctionalRemember your preferences and settingsUp to 1 yearYes
MarketingTrack advertising effectiveness and deliver relevant advertisementsUp to 2 yearsYes
You can manage your cookie preferences through: For more information about the specific cookies we use, please see our Cookie Policy.
The HoopAI platform and website may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through links on our platform.

10. Do Not Track

The HoopAI platform does not currently respond to “Do Not Track” (DNT) browser signals, as there is no industry-standard technology for recognizing or honoring DNT signals. If a standard is adopted in the future, we will update this Privacy Policy accordingly.

11.1 European privacy rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation:
You have the right to request a copy of the personal data we hold about you and information about how we process it.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
You have the right to request correction of inaccurate or incomplete personal data.
You have the right to request deletion of your personal data where there is no compelling reason for its continued processing.
You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
You have the right to request that we restrict processing of your personal data in certain circumstances (e.g., while we verify accuracy of data you have contested).
You have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated.

11.2 U.S. privacy rights

Residents of states with comprehensive privacy laws (including California, Virginia, Colorado, Connecticut, Utah, and others) have the following rights:
You have the right to opt out of:
  • The sale of your personal information
  • Sharing of your personal information for targeted advertising
  • Profiling in furtherance of decisions that produce legal or similarly significant effects
HoopAI does not sell personal information. To submit an opt-out request, contact privacy@hoopai.com.
You have the right to:
  • Request disclosure of the categories and specific pieces of personal information we have collected
  • Request correction of inaccurate personal information
  • Request deletion of your personal information, subject to certain exceptions
We will not discriminate against you for exercising your privacy rights. You will not receive different pricing, service quality, or access levels.
If we deny your privacy request, you have the right to appeal our decision. To appeal, contact privacy@hoopai.com with “Privacy Appeal” in the subject line.
You may designate an authorized agent to exercise your privacy rights on your behalf. We may require the agent to provide proof of authorization and may verify your identity directly.
We collect certain categories of sensitive personal data (e.g., account credentials, payment information) only as necessary to provide the Services. We do not use sensitive data for purposes beyond what is reasonably necessary.
CategoryExamplesCollected
IdentifiersName, email, phone, IP address, account IDYes
Personal informationBilling address, payment details, phone numberYes
Commercial informationSubscription plan, transaction and purchase historyYes
Internet or network activityUsage data, browsing activity on hoopai.com, feature interactionsYes
Geolocation dataIP-based approximate locationYes
Professional or employment informationJob title, company name, industryYes
InferencesUser preferences, feature usage patterns, account health indicatorsYes

11.3 Australian privacy rights

If you are located in Australia, your personal information is protected under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You have the right to:
  • Access your personal information held by HoopAI
  • Request correction of inaccurate, out-of-date, or incomplete information
  • Lodge a complaint about our handling of your personal information with the Office of the Australian Information Commissioner (OAIC)

11.4 Canadian privacy rights

If you are located in Canada, your personal information is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. You have the right to:
  • Access your personal information held by HoopAI
  • Challenge the accuracy and completeness of your information and request amendments
  • Withdraw consent to the collection, use, or disclosure of your personal information (subject to legal or contractual restrictions)
  • Lodge a complaint with the Office of the Privacy Commissioner of Canada

11.5 Exercising your rights

To exercise any of your privacy rights, contact us at: We will verify your identity before processing any request and respond within the timeframe required by applicable law (typically 30 days for GDPR, 45 days for U.S. state privacy laws).

12. International data transfers

HoopAI, Inc. is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our service providers maintain facilities. For transfers of personal data from the EEA, UK, or Switzerland to the United States, we rely on:
  • EU-U.S. Data Privacy Framework (DPF) — HoopAI is certified under the EU-U.S. Data Privacy Framework
  • UK Extension to the EU-U.S. DPF — for transfers from the United Kingdom
  • Swiss-U.S. Data Privacy Framework — for transfers from Switzerland
  • Standard Contractual Clauses (SCCs) approved by the European Commission, as a supplementary transfer mechanism
  • Additional safeguards such as encryption and access controls

13. Data Privacy Framework

HoopAI, Inc. and HoopAI Communications LLC comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
HoopAI has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF.
HoopAI has certified to the U.S. Department of Commerce that it adheres to the UK Extension to the EU-U.S. DPF Principles with regard to the processing of personal data received from the United Kingdom (and Gibraltar) in reliance on the UK Extension.
HoopAI has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
The Federal Trade Commission has jurisdiction over HoopAI compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, HoopAI may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may contact our U.S.-based third-party dispute resolution provider (free of charge). Under certain conditions, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
HoopAI is responsible for the processing of personal data it receives under each Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. HoopAI remains liable under the DPF Principles if its agent processes such personal data in a manner inconsistent with the Principles, unless HoopAI proves it is not responsible for the event giving rise to the damage.

14. Privacy Policy updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:
  • We will post the updated Privacy Policy on hoopai.com with a new “Last Updated” date
  • We will notify you via email or in-platform notification for material changes
  • We will obtain your consent where required by law
Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
We recommend reviewing this Privacy Policy periodically. Prior versions are available upon request by contacting privacy@hoopai.com.

15. Contact us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:
Contact methodDetails
Privacy inquiriesprivacy@hoopai.com
Legal departmentlegal@hoopai.com
General supportsupport@hoopai.com
Mailing addressHoopAI, Inc., Dallas, Texas, United States
Websitehoopai.com

UK representative

For individuals located in the United Kingdom, you may contact our UK representative for data protection matters. Please email privacy@hoopai.com with “UK Representative” in the subject line for current representative contact details.

EU representative

For individuals located in the European Economic Area, you may contact our EU representative for data protection matters. Please email privacy@hoopai.com with “EU Representative” in the subject line for current representative contact details. For GDPR-related complaints, you also have the right to lodge a complaint with your local data protection supervisory authority.
Last modified on March 6, 2026