Last updated: 10 June 2026
OZOO.ai is an AI conversation platform for BFSI lenders, built and operated by Habilelabs, Sec-93 Agarwal Farm, Mansarovar, Jaipur, Rajasthan, India, 302020 ("OZOO.ai", "we", "us"). This policy explains what personal data we collect, why we collect it, and the choices you have.
It covers two situations: (1) when you visit this website, request a demo or contact us; and (2) when personal data — such as call recordings and transcripts — is processed through the OZOO.ai platform on behalf of our customers.
When you submit our contact or demo form we collect your name, work email address, contact number, and the subject and message you provide. We use this only to respond to your enquiry, scope a demo or pilot, and follow up about OZOO.ai. We do not sell this information.
Like most websites, we also collect routine technical information — IP address, browser type, pages viewed and timestamps — through analytics tools (Google Tag Manager, Google Analytics and Microsoft Clarity). This is used in aggregate to understand how the site is used and to improve it.
We use cookies and similar technologies for analytics and to measure the effectiveness of our pages. You can control or delete cookies through your browser settings; the site remains usable with non-essential cookies disabled.
When a bank, NBFC or lender uses the OZOO.ai platform, that customer is the data controller and OZOO.ai acts as a data processor. Personal data processed on the customer's behalf may include call recordings, transcripts, chat messages, derived analytics and customer-supplied identifiers.
This processing is governed by our Data Processing Addendum (DPA), which covers sub-processors, data residency, retention, deletion and breach notification. PII such as card numbers, Aadhaar, PAN, mobile numbers and account IDs is redacted before persistence by default. If you are an end customer of one of our clients and have questions about your data, please contact that institution first — they control the purposes of processing.
Data is encrypted in transit (TLS 1.2+) and at rest (AES-256), with role-based access controls, multi-factor authentication for privileged users and audit logging. The platform runs on AWS infrastructure. Details of our security posture, certifications and attestations in progress are published on our Security page.
We do not sell personal data. We share data only with the sub-processors needed to operate the platform and this website (for example, AWS for hosting and analytics providers for site measurement), under contracts that bind them to equivalent protections. A list of platform sub-processors is available on request, with 30-day notice of material changes as described in the DPA.
Website enquiry data is retained for as long as needed to handle your enquiry and for legitimate business records. Platform data is retained per tenant-configurable retention windows defined with each customer, and deleted within 30 days of contract termination by default.
Subject to applicable law — including the Digital Personal Data Protection Act, 2023 (India), and where applicable the GDPR — you may request access to, correction of, or deletion of your personal data, withdraw consent, or object to certain processing. To exercise these rights, write to legal@ozoo.ai. We will respond within the timelines required by applicable law.
We may update this policy as the product and applicable law evolve. Material changes will be reflected on this page with an updated date below.
Privacy questions and rights requests: legal@ozoo.ai. Security reports: security@ozoo.ai. See also our Terms of Service and Data Processing Addendum.