Privacy Policy
Effective date: May 19, 2026
1. Introduction
Bazas AI ("Bazas," "we," "us," or "our") is an AI-powered CRM platform for service businesses, operated by Repair ASAP LLC, a New York limited liability company. This Privacy Policy explains how we collect, use, share, and protect information when you use our website (bazas.ai), web application, mobile application, and related services (collectively, the "Services").
By using our Services, you agree to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree, please do not use our Services.
2. Information We Collect
2.1 Information You Provide Directly
- Account information: name, email address, phone number, password, company name, and role when you create an account.
- Business data: contacts, leads, jobs, invoices, estimates, receipts, messages, notes, and other operational data you enter into the platform.
- Communications: SMS messages, emails, and voice calls sent or received through the platform on your behalf.
- Payment information: billing details processed securely through Stripe. We do not store full credit card numbers.
- Waitlist/contact form: email address, name, company, phone number, and message when you join our waitlist or contact us.
2.2 Information Collected Through Third-Party Integrations
- Financial data (Plaid): When you choose to connect your bank account via Plaid, we receive account information such as account name, type, balance, and transaction history. We access this data only with your explicit consent and use it solely to provide financial features within the platform. See Section 8 for details on Plaid.
- Accounting data (QuickBooks): invoice, payment, and customer data synced at your request via OAuth-authenticated connection.
- Calendar data (Google Calendar): event information synced at your request for scheduling features.
2.3 Information Collected Automatically
- Usage data: pages visited, features used, actions taken, timestamps, and session duration.
- Device information: browser type, operating system, device type, screen resolution, and IP address.
- Cookies: we use essential cookies for authentication and session management. We use Google Analytics 4 for aggregated usage statistics and Microsoft Clarity for website experience analytics such as heatmaps and session replay. See Section 10.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Services.
- Process and manage your business operations (contacts, jobs, invoices, messaging).
- Generate AI-powered suggestions, auto-replies, and analytics within your organization.
- Send transactional communications (account verification, password resets, billing receipts).
- Provide customer support and respond to your inquiries.
- Improve and develop new features based on aggregated usage patterns.
- Detect, prevent, and address fraud, abuse, and security issues.
- Comply with legal obligations.
We do not use your data to train AI models. AI features (powered by OpenAI GPT-4o) process your data to generate responses but do not retain or learn from it. OpenAI's API terms prohibit using API inputs for model training.
4. How We Share Your Information
We do not sell, rent, or trade your personal information. We share data only in the following circumstances:
- Service providers (sub-processors): We use trusted third-party services to operate the platform. Each sub-processor processes only the minimum data necessary. See Section 7 for the full list.
- At your direction: When you connect integrations (QuickBooks, Plaid, Google Calendar) or send messages (SMS, email), data is shared with the respective provider as required to perform the action.
- Legal requirements: We may disclose data if required by law, subpoena, court order, or government request.
- Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will notify you before this occurs.
5. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS 1.3.
- Encryption at rest: All data stored in our databases is encrypted using AES-256.
- Multi-tenant isolation: Each organization's data is strictly isolated at the database level. No cross-tenant access is possible.
- Access control: Role-based access control (RBAC) with five levels: Owner, Admin, Partner, Dispatcher, Contractor.
- Password security: All passwords are hashed using bcrypt with a cost factor of 12. We never store plaintext passwords.
- API authentication: All API endpoints require authentication via secure session tokens or JWTs.
- Infrastructure: Hosted on enterprise-grade providers (Railway, Vercel, Supabase) with automated backups and SSL-encrypted database connections.
For more details, visit our Security page.
6. Data Retention and Deletion
We retain your data for as long as your account is active or as needed to provide the Services. Specifically:
- Active accounts: All business data is retained for the duration of your subscription.
- Account deletion: When you delete your account, all associated data (contacts, messages, jobs, invoices, files) is permanently deleted within 30 days. Backups containing your data are purged within 90 days.
- Waitlist data: Email addresses collected via the waitlist are retained until the user unsubscribes or requests deletion.
- Financial data (Plaid): Bank account information received from Plaid is retained only as long as the connection is active. When you disconnect, all financial data is deleted within 30 days.
- Logs and analytics: Server logs are retained for 90 days. Aggregated, anonymized analytics may be retained indefinitely.
You may request deletion of your data at any time by contacting privacy@bazas.ai.
7. Sub-Processors
We use the following third-party service providers to operate the platform:
| Provider | Purpose | Data |
|---|---|---|
| Railway | Application hosting | All application data (encrypted) |
| Supabase | Database & authentication | Business data, user accounts |
| Vercel | Website hosting | No business data |
| OpenAI | AI features (GPT-4o) | Message content (not stored/trained on) |
| Plaid | Bank account connectivity | Financial account data, transactions |
| Twilio | SMS & voice | Phone numbers, message content |
| Vapi | Voice AI | Call audio, transcripts |
| Resend | Email delivery | Email addresses, email content |
| Stripe | Payment processing | Payment data (PCI DSS compliant) |
| Intuit | QuickBooks integration | Invoices, payments (at user request) |
| Google | Analytics, Calendar, OAuth | Usage data, calendar events |
| Microsoft | Clarity website analytics | Website usage data, device/browser data, heatmaps, session replay |
| Cloudflare | CDN, file storage (R2) | Uploaded files (photos, documents) |
8. Plaid Integration
Our platform uses Plaid Inc. ("Plaid") to connect your financial accounts. When you use Plaid Link within our application:
- You provide your bank credentials directly to Plaid — we never see or store your bank login credentials.
- Plaid transmits your financial data (account balances, transaction history) to us via secure, encrypted APIs.
- We use this data solely to provide financial features (expense tracking, income visibility) within the platform.
- We do not sell, share, or use your financial data for advertising or any purpose other than providing Services to you.
- You can revoke Plaid access at any time through your account settings, and we will delete the associated financial data within 30 days.
Plaid's use of your data is governed by Plaid's End User Privacy Policy.
9. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data. You can also delete your account directly from the platform.
- Data portability: Export your data in CSV format at any time from within the platform.
- Opt-out: Unsubscribe from marketing emails using the link in any email, or contact us.
- Withdraw consent: Disconnect any third-party integration at any time.
To exercise any of these rights, contact us at privacy@bazas.ai. We will respond within 30 days.
10. Cookies and Tracking
We use a minimal set of cookies:
- Essential cookies: Required for authentication and session management. Cannot be disabled.
- Analytics (Google Analytics 4): Collects anonymized usage data to help us improve the product. Does not track individual users across sites. You may opt out via your browser settings or a cookie blocker extension.
- Website experience analytics (Microsoft Clarity): Helps us understand how visitors use the marketing site through aggregated behavior analytics, heatmaps, and session replay so we can improve usability and conversion paths. Clarity may collect interaction, device, browser, and approximate location data. We do not use Clarity for advertising or retargeting.
We do not use advertising cookies or retargeting pixels.
11. Children's Privacy
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 18, we will delete it promptly.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Effective date" at the top of this page and notify registered users via email. Continued use of the Services after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us:
- Email: privacy@bazas.ai
- Company: Repair ASAP LLC dba Bazas AI
- Address: 350 Northern Blvd Ste 324 #1412, Albany, NY 12204