Legal

Privacy Policy

We keep this simple: here's what information we collect, why we collect it, who helps us process it, and the choices you have. No legalese walls — just the facts.

Effective date: June 12, 2026

01Who we are

Cret.ai is an AI automation agency based in Pleasanton, California. We build AI agents, AI-powered websites, and business automation for small businesses. This policy explains how we handle personal information collected through our website at https://cret.ai. Questions? Email us anytime at [email protected].

02What we collect

  • Contact form submissions — your name, email, and business type, plus anything optional you choose to share (phone number, website URL, business goals).
  • Exit-popup form submissions — the fields you fill in if you use the popup form before leaving the site.
  • Chat messages — messages you send to the AI assistant on our site, used to generate replies and (if you ask about our services) to help us follow up.
  • Usage data — standard analytics collected via Google Analytics, such as pages visited, approximate location, device and browser type, and cookies. See the Cookies section below.

We only collect what you give us or what standard analytics tools record. We don't collect payment details through this website.

03How we use your information

  • Respond to your audit request or other inquiry — this is the main reason we collect anything.
  • Provide and improve our services, including understanding how visitors use the site so we can make it better.
  • Send relevant follow-ups about your inquiry or our services. You can opt out anytime.
  • Phone follow-up — if you give us your phone number, we use it only to follow up on your inquiry, and only with your consent.

04Who processes your data

We use a small number of trusted third-party services ("processors") to run our business:

  • Google Analytics — website usage analytics.
  • Google Apps Script — handles our form submissions.
  • Our CRM — stores inquiry details so we can respond and follow up.
  • AI model providers — power the chat assistant on our site. Messages you send to the assistant are processed by these providers to generate replies.

These services process data on our behalf to deliver the functions above. We share only what's needed for each service to do its job. For more on how the AI assistant works and how we use AI generally, see our AI Disclosure.

05What we don't do

We do not sell your personal information. Not to advertisers, not to data brokers, not to anyone. We also don't share your information with third parties for their own marketing.

06Cookies & analytics

Our site uses Google Analytics, which sets cookies to help us understand site traffic — things like which pages people visit and how they found us. This data is aggregated and doesn't tell us who you are personally.

You can opt out by:

The site works fine with cookies disabled.

07Your California privacy rights (CCPA/CPRA)

If you're a California resident, you have the right to:

  • Know what personal information we've collected about you.
  • Delete the personal information we hold about you.
  • Correct inaccurate personal information.
  • Opt out of the sale or sharing of personal information (note: we don't sell it in the first place).

To exercise any of these rights, email [email protected] with your request. We'll verify your identity and respond within the timeframes required by law. We will never discriminate against you — no different pricing, no reduced service — for exercising your privacy rights.

08SMS & communications consent

By providing your phone number through one of our forms, you agree that we may contact you by phone or text message about your inquiry. We won't use your number for anything unrelated.

To stop receiving texts, reply STOP to any message from us, or email [email protected]. Message and data rates from your carrier may apply.

09How long we keep your data

We keep your information only as long as we need it: to respond to your inquiry, to provide services if you become a client, and to meet any legal or accounting obligations. When we no longer need it, we delete it. You can request deletion at any time by emailing [email protected].

10Security

We use industry-standard measures to protect your information, including encrypted connections (HTTPS) and access controls on the systems that store your data. That said, no method of transmission or storage is 100% secure, and we can't guarantee absolute security. If we ever become aware of a breach affecting your data, we'll notify you as required by law.

11Children's privacy

Our services are for businesses and aren't directed at children under 13. We don't knowingly collect personal information from children. If you believe a child has provided us information, email us and we'll delete it.

12Changes to this policy

If we update this policy, we'll post the new version here and update the effective date at the top. For significant changes, we'll make a reasonable effort to notify you (for example, by email if we have your address). Continued use of the site after changes means you accept the updated policy.

13Contact us

Questions about this policy or your data? We're happy to help — and a real person reads every email.