Policies and Procedures

Terms & Conditions

Last Updated: September 1, 2025

These Terms are between ByrachatVentures LLC d/b/a “Byra” (“Byra,” “we,” “us”) and the entity/person agreeing to them (“Customer,” “you”). By creating an account, clicking “I agree,” or using the Services, you accept these Terms.

1. Definitions
   • Account: your registered account; User: individual you authorize;
   • Customer Data: data/content you or your Users submit;
   • Documentation: user guides/policies; Order: checkout/order form/invoice;
   • Services: Byra’s hosted software for support, messaging, chatbots, help desk, automations, APIs, and related apps/sites;
   • Third-Party Services: non-Byra tools/integrations.
2. Access; Changes; Support
   • License: non-exclusive, non-transferable right to use the Services during a paid term for internal business purposes;
   • Accounts: you’re responsible for Users and credentials;
   • Changes/Beta: we may modify features; Beta is AS IS;
   • Support/Availability: standard web/email support; maintenance/emergencies may affect availability.
3. Subscriptions, Fees, Auto-Renewal & ROSCA
   • Fees: billed in advance per Order; non-refundable except as required by law or expressly stated;
   • Auto-Renewal: renews unless canceled; for contracts ≥12 months that auto-renew >1 month, we send a clear renewal notice 30–60 days before the cancellation deadline (Fla. Stat. §501.165);
   • Express Consent & Easy Cancellation: material terms disclosed immediately adjacent to consent; we obtain express informed consent and offer a simple online cancellation path (ROSCA best practices);
   • Taxes: you pay applicable taxes (excluding our net-income taxes);
   • Overages/Add-Ons: prorated charges may apply; Late: 1.5%/mo (or legal max) + collection costs; possible suspension after notice.
4. Acceptable Use (AUP) — Florida-Aware

   No unlawful use; no Prohibited Data (PHI without BAA, full payment card data, biometric templates, precise geolocation of minors, or government ID numbers) without our prior written approval; no probing/attacking; no reverse engineering; no resale to unaffiliated third parties; no IP/privacy violations; no High-Risk activities; and no misuse of telecom/messaging features.

5. Customer Data; Privacy; Security
   • Ownership: you own Customer Data; you grant Byra a license to host/process and to create Aggregated/De-identified Data (owned by Byra) to operate, secure, and improve the Services;
   • Your Responsibilities: obtain/record required consents; provide End-User notices; comply with data, telecom, and consent laws;
   • Security: reasonable measures (see Annex C);
   • DPA: Annex A applies where we process personal data for you; includes SCCs/UK Addendum;
   • Retention/Deletion: retain through term + [60] days for export; then delete/de-identify and cycle out of backups (Annex F);
   • Integrations: enabling Third-Party Services instructs us to share data as needed; third parties’ terms apply.
6. Generative AI & Automation

   Outputs may be inaccurate or biased and are provided AS IS. You must review outputs and set guardrails; do not use outputs as professional advice.

7. IP; Feedback

   We and our licensors own the Services and Documentation. You grant us a perpetual, irrevocable, royalty-free license to use feedback.

8. Telecom, Messaging & Marketing Compliance
   • Obtain/document prior express written consent for automated marketing texts/calls to Florida residents; keep consent logs;
   • Honor Florida quiet hours (no calls/texts before 8:00 a.m. or after 8:00 p.m. local time) and “3 calls on the same subject per 24 hours” rule;
   • Implement STOP/HELP keywords; cease marketing texts within 15 days of a STOP and send one confirmation;
   • Register A2P 10DLC brand/campaigns; carriers may block/fine unregistered traffic;
   • Follow CTIA Messaging Principles; comply with CAN-SPAM and Florida email rules; maintain internal Do-Not-Call list and accurate caller ID.

   We may suspend messaging features for high complaint rates or material non-compliance; you are responsible for carrier fines or penalties arising from your campaigns.

9. Warranties; Disclaimers

   We warrant material conformance to Documentation. OTHERWISE, THE SERVICES/BETA/MATERIALS ARE PROVIDED “AS IS/AS AVAILABLE,” WITHOUT IMPLIED WARRANTIES.

10. Indemnities
    • Byra (IP): we defend against claims that the Services (as authorized) directly infringe U.S. IP; we may modify, procure rights, or refund the unused portion and terminate the affected feature;
    • You: you defend/indemnify Byra for claims arising from Customer Data, unlawful use/consent failures/marketing, or combinations with non-Byra items.
11. Liability Limits

    NO PARTY IS LIABLE FOR INDIRECT/CONSEQUENTIAL/LOST PROFITS/LOSS OF DATA. TOTAL LIABILITY IS CAPPED AT THE FEES YOU PAID FOR THE AFFECTED SERVICE IN THE PRIOR 12 MONTHS OR USD $100, WHICHEVER IS GREATER. Exclusions: your payment obligations; your indemnity (§8/§10); willful misconduct/fraud.

12. Term; Suspension; Termination

    Terms run until subscriptions end. We may suspend for non-payment, security risk, or illegal/harmful use. Either party may terminate for uncured material breach (30 days’ notice). No refunds for convenience termination. Certain sections and annexes survive.

13. Disputes; Governing Law; Venue
    • Informal Resolution: 30 days after written notice;
    • Arbitration & Class Waiver: JAMS, binding, single arbitrator in Palm Beach County, Florida, English; no class actions. Opt out within 30 days by writing to info@byrachat.com;
    • Law/Venue: Florida and U.S. law (conflicts excluded). Subject to arbitration, exclusive venue is state/federal courts in Palm Beach County, Florida; jury trial waived.
14. Export/Sanctions; Anti-Corruption

    You will comply with U.S. export/sanctions and anti-bribery laws.

15. Publicity

    Unless you opt out via info@byrachat.com, we may use your name/logo as a customer.

16. E-Sign Consent (Florida & Federal)

    You consent to transact electronically. Electronic records/signatures have legal effect under Florida UETA (Fla. Stat. §668.50) and the federal E-SIGN Act.

17. Notices

    Legal notices to: info@byrachat.com. We may notify you via Account email or in-product messages.

18. Assignment; Force Majeure; Independent Contractors

    You need our consent to assign (not unreasonably withheld). We may assign to an Affiliate or in a corporate transaction. Neither party is liable for events beyond reasonable control. The parties are independent contractors.

19. Entire Agreement; Order; Updates

    These Terms + Orders + Annexes/Documentation (including DPA, SLA, Security/IR, Telecom Add-On, HIPAA/PCI Statement, Records Schedule) are the entire agreement. Order → Terms → Annexes (SCCs/IDTA control for transfers) → Documentation. We may update; material changes take effect on renewal or as required by law (with notice).

Annex A — Data Processing Addendum (DPA)

• Roles: Customer = controller/business; Byra = processor/service provider.
• Scope: provide, secure, support Services; create Aggregated/De-identified data.
• Subprocessors: authorized per live list; 30 days’ advance notice for material changes; good-faith objections; if unresolved, terminate affected Services pro-rata.
• Security: measures in Annex C.
• International Transfers: EU SCCs (2021/914) Modules 2/3; UK Addendum/IDTA; appropriate safeguards and supplementary measures.
• Assistance: DSRs, DPIAs, consultations; Audits: SOC2/pen-test summaries; targeted audits on 30 days’ notice.
• Breach: notify without undue delay and cooperate; Florida timelines summarized in Annex C §4.
• Deletion/Return: delete or return on termination/request; backups cycle out per retention.
• Order of Precedence: SCCs/IDTA → this Annex → Terms.

Annex A-1 (Description): Subjects—your agents, end-customers, visitors. Data—identifiers, contact info, chat/tickets, files, device/IP, usage, consent logs. Purpose—hosting, storage, routing, search, analytics, deliverability, logging, support, AI (if enabled). Retention—see Annex F.

Annex B — Service Level Addendum (SLA)

• Uptime: 99.9% monthly (excludes maintenance, force majeure, your networks/integrations, carrier/Third-Party outages, DDoS beyond reasonable mitigation, Beta).
• Credits: <99.9% ≥99.0% → 10%; <99.0% ≥97.0% → 25%; <97.0% → 50% of monthly fees for the affected Service. Credits are your sole downtime remedy.
• Maintenance: up to 2 hrs/week during Sundays 02:00–04:00 ET. Measured by Byra multi-region monitoring.

Annex C — Security & Incident Response (Florida-Aware)

• Program: least-privilege/SSO/MFA; TLS1.2+/AES-256; key mgmt; WAF; EDR; secure SDLC; vuln mgmt with SLAs; logging/SIEM; backups; DR; vendor risk; employee training/background checks; incident playbooks.
• FIPA Overview: individual notice no later than 30 days after determination (law-enforcement delay and limited extensions permitted); AG notice if ≥500 residents; CRA notice if >1,000 individuals are notified; third-party agents notify covered entity within 10 days; secure disposal required when PI is no longer retained.

Annex D — Telecom/Messaging Add-On

Integrated into §8 (consent, quiet hours/3-in-24, STOP-within-15-days, A2P 10DLC, CTIA, CAN-SPAM, Florida email law).

Annex E — HIPAA/PCI/Sensitive Data Statement

• PHI: not permitted unless a Business Associate Addendum (BAA) is executed.
• Payment Cards: don’t store full PANs/CVV/sensitive auth data; use PCI-validated processors; Byra uses tokens.
• Other Sensitive: government IDs, biometric templates, precise geolocation of minors, etc., require prior written approval.

Annex F — Records Retention & Destruction (Baseline)

Record Type	Default Retention	Notes
Chat/ticket content	24 months	Configurable (shorter = safer)
System/auth/admin logs	12 months	Extendable for forensics
Billing/invoices	7 years	Tax/finance obligations
Consent & opt-out logs (SMS/Email)	4 years	Defend FTSA/TCPA claims
Support attachments	12 months	Auto-purge where feasible
Backups	30–45 days rolling	Encrypted; cycle out

Destruction: shred/erase/make unreadable per Florida law.

Cookie Policy

Last Updated: September 1, 2025

1. What Are Cookies?

   Small files placed on your device that store information. Related technologies include pixels, SDKs, local storage, and device IDs.

2. Types of Cookies We Use
   • Strictly Necessary: authentication, load balancing, security;
   • Functional/Preference: remember settings;
   • Analytics/Performance: understand usage and improve the Service;
   • Advertising/Targeting (if enabled): measure campaigns and personalize ads;
   • Third-Party Cookies: set by providers (analytics, support, A/B testing, identity, deliverability).
3. How We Use Cookies
   • Sign you in, maintain sessions, and secure your account;
   • Remember preferences and personalize experiences;
   • Analyze traffic, trends, and performance;
   • Support marketing campaigns and measure effectiveness (if enabled);
   • Support integrations you enable.
4. Your Choices
   • Consent Banner: choose Accept All, Reject Non-Essential, or Manage by category (some regions require consent before setting non-essential cookies);
   • Browser Controls: block/delete cookies (some features may break);
   • Global Privacy Control/Do Not Track: honored where legally required;
5. Retention

   Session cookies expire when you close your browser. Persistent cookies last up to [e.g., 13 months] unless you delete them sooner.

6. Updates

   We may update this Policy and cookie categories/descriptions; material changes will be communicated via the banner or our site.

7. Contact

   Email: info@byrachat.com