1. Introduction

Otherworlds Studio, LLC, operating as "Otherworlds AI" ("Company," "we," "us," or "our"), is committed to protecting your privacy and ensuring transparency in how we collect, use, and safeguard your personal information. This Privacy Policy explains our practices regarding data collection and processing across our AI development services, SaaS platforms, web applications, mobile applications, voice AI agents, and digital product development services.

This policy applies to all users of our services, including website visitors, AI chatbot users, SaaS platform subscribers, enterprise clients, and anyone engaging with our digital products. By using our services, you consent to the data practices described in this policy.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, business name, job title, and mailing address when you contact us, request quotes, or sign up for services
• Account Information: Username, password, profile information, and preferences for SaaS platform accounts
• Payment Information: Billing address, payment card details (processed securely through PCI-DSS compliant third-party processors), and transaction history
• Project Information: Requirements, specifications, feedback, and communications related to custom development projects
• Voice Data: Voice recordings and transcripts when you interact with our AI voice agents or phone systems
• Chat Conversations: Messages, questions, and interactions with our AI chatbots and conversational agents

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on platform, click patterns, and navigation paths
• Device Information: IP address, browser type and version, operating system, device type, unique device identifiers
• Location Data: General geographic location based on IP address (city/state level, not precise GPS)
• Cookies & Tracking: Session data, preferences, and analytics information (see Cookie Policy for details)
• Performance Metrics: API response times, system errors, application performance data for SaaS platforms
• Security Logs: Authentication attempts, security events, and access logs for platform integrity

2.3 AI-Specific Data Collection

• Training Data: For custom AI models, we may collect and use client-provided datasets with explicit consent
• Model Inputs: Prompts, queries, and inputs submitted to AI systems for processing
• Model Outputs: Responses, predictions, and generated content from AI systems
• Interaction Patterns: How users interact with AI agents to improve accuracy and user experience
• Voice Biometrics: Voice characteristics for speaker identification in voice AI systems (only with explicit consent)

3. How We Use Your Information

We process your personal data for the following purposes:

3.1 Service Delivery

• Providing AI development services, SaaS platforms, and digital product solutions
• Processing transactions and managing billing
• Delivering customer support and technical assistance
• Managing user accounts and authentication
• Hosting and maintaining AI voice agents and chatbot systems

3.2 Product Improvement

• Analyzing usage patterns to enhance platform features and user experience
• Training and improving AI models with anonymized or aggregated data
• Conducting A/B testing and product research
• Identifying and fixing technical issues

3.3 Communication

• Responding to inquiries and support requests
• Sending service updates, security alerts, and administrative messages
• Providing marketing communications (with your consent, which can be withdrawn anytime)
• Sending project updates and milestone notifications for development clients

3.4 Legal & Security

• Complying with legal obligations and regulatory requirements
• Preventing fraud, abuse, and security threats
• Enforcing our terms of service and protecting our rights
• Responding to legal requests and court orders

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), UK, and Switzerland, we process personal data based on the following lawful grounds under GDPR Article 6:

• Contractual Necessity (Art. 6(1)(b)): Processing necessary to fulfill our service agreements and deliver contracted AI development services
• Legitimate Interests (Art. 6(1)(f)): Improving our services, preventing fraud, and ensuring platform security, balanced against your rights
• Consent (Art. 6(1)(a)): Marketing communications, non-essential cookies, and optional features requiring your explicit permission
• Legal Obligation (Art. 6(1)(c)): Compliance with tax laws, data breach reporting, and regulatory requirements
• Vital Interests (Art. 6(1)(d)): Protecting life or physical safety in emergency situations

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy, unless a longer retention period is required by law:

6. Your Rights and Choices

6.1 GDPR Rights (EEA, UK, Switzerland)

• Right to Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Oppose processing based on legitimate interests or for marketing
• Right to Withdraw Consent: Revoke consent at any time (doesn't affect prior processing)
• Right to Lodge a Complaint: File complaints with your national data protection authority

6.2 CCPA Rights (California Residents)

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information
• Right to Non-Discrimination: Equal service regardless of privacy choices
• Authorized Agent: Designate someone to make requests on your behalf

6.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

• Email: info@otherworldsai.com
• Mail: Otherworlds Studio, LLC - Privacy Team, Colorado, United States

We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA). Identity verification may be required to protect your information.

7. International Data Transfers

Otherworlds AI operates from the United States. If you access our services from outside the US, your data may be transferred to, stored, and processed in the United States and other countries where we or our service providers operate.

For EEA, UK, and Swiss data subjects, we ensure adequate protection through:

• Standard Contractual Clauses (SCCs): EU-approved data transfer agreements with service providers
• Adequacy Decisions: Transfers to countries recognized by the EU as providing adequate protection
• Additional Safeguards: Encryption, pseudonymization, and access controls for international transfers
• Data Processing Agreements: Contractual obligations with all international processors

8. Third-Party Services and Data Sharing

We may share your information with the following categories of third parties:

8.1 Service Providers

• Cloud Infrastructure: Enterprise cloud hosting providers for data storage and compute resources
• AI Services: Third-party AI platforms for language processing, voice synthesis, and machine learning
• Payment Processors: PCI-DSS compliant payment processing services for secure transactions
• Analytics: Web analytics and product analytics platforms for usage tracking
• Communication: Voice, SMS, and email delivery service providers
• Customer Support: Help desk and customer support platforms

8.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership or use of your personal information.

8.3 Legal Requirements

We may disclose your information when required by law, such as:

• Responding to subpoenas, court orders, or legal processes
• Protecting our rights, property, or safety
• Investigating fraud or security issues
• Complying with regulatory investigations

8.4 Data Sales

We do NOT sell your personal information to third parties for monetary consideration.

9. Security Measures

We implement industry-standard security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction:

• Encryption: AES-256 encryption at rest, TLS 1.3 for data in transit
• Access Controls: Role-based access control (RBAC), multi-factor authentication (MFA)
• Network Security: Firewalls, intrusion detection/prevention systems (IDS/IPS)
• Regular Audits: Security assessments, penetration testing, and vulnerability scans
• Employee Training: Regular security awareness training for all staff
• Incident Response: 24/7 monitoring and documented breach response procedures
• Data Backups: Encrypted backups with disaster recovery protocols
• Secure Development: Security-first development practices and code reviews

While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security, but we continuously work to enhance our protections.

10. Data Breach Notification

In the event of a data breach involving personal information, we will:

• GDPR Compliance: Notify relevant supervisory authorities within 72 hours of becoming aware of the breach
• User Notification: Inform affected users without undue delay if the breach poses a high risk to their rights and freedoms
• Breach Details: Provide information about the nature of the breach, affected data categories, likely consequences, and mitigation measures
• Remediation: Take immediate action to contain the breach and prevent further unauthorized access
• Documentation: Maintain records of all data breaches, including facts, effects, and remedial actions

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us immediately at info@otherworldsai.com.

12. Cookie Consent & Tracking Technologies

We use cookies and similar tracking technologies. Essential cookies are necessary for platform functionality. Non-essential cookies (analytics, marketing) require your consent through our cookie consent banner.

For detailed information about our cookie practices, please see our Cookie Policy.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or business operations. Material changes will be communicated through:

• Email notification to registered users
• Prominent notice on our website homepage
• In-app notifications for SaaS platform users
• Updated "Last Modified" date at the top of this policy

Continued use of our services after changes take effect constitutes acceptance of the updated policy. For material changes affecting previously collected data, we will seek your explicit consent where required by law.

14. Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact our Privacy Team:

EU Representative: For GDPR-related matters, EU residents may also contact our EU representative (if applicable based on business volume).

1. Agreement to Terms

These Terms of Service ("Terms", "Agreement") govern your access to and use of the services provided by Otherworlds Studio, LLC, operating as "Otherworlds AI" ("Company," "we," "us," or "our"), including but not limited to:

• AI development and consulting services
• Agent+ SaaS platform and AI agent solutions
• Private AI agent development and deployment
• Voice AI agents and conversational AI systems
• Web and mobile application development (agentic applications)
• Custom software development and digital product services
• All websites, platforms, and APIs operated by Otherworlds Studio, LLC

By accessing or using our Services, you agree to be bound by these Terms. If you disagree with any part of these Terms, you may not access or use our Services.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Definitions

3. Service Descriptions

3.1 AI Development Services

We provide custom AI development including machine learning models, natural language processing systems, computer vision solutions, and AI integration services. These services are delivered under project-specific agreements with defined scope, timelines, and deliverables.

3.2 Agent+ SaaS Platform

Agent+ is our subscription-based platform providing AI agent solutions including:

• Voice AI agents for phone systems and customer service
• Chatbot agents for websites and messaging platforms
• Industry-specific solutions (QSR, HVAC, etc.)
• Dashboard analytics and conversation management
• Integration with third-party voice, AI, and communication services

Agent+ services are provided on a subscription basis with monthly or annual billing. Specific features and limitations are defined in your subscription tier.

3.3 Web & Mobile Application Development

We design and build custom web and mobile applications with AI integration ("agentic applications"). These are delivered as fixed-price projects or ongoing development engagements with defined milestones.

3.4 Consulting Services

We provide strategic consulting for AI implementation, technology architecture, product development, and digital transformation. Consulting is billed hourly or through retained agreements.

4. Account Registration & Access

4.1 Account Creation

To access certain Services (such as Agent+ platform), you must register for an account. You agree to:

• Provide accurate, current, and complete information during registration
• Maintain and promptly update your account information
• Maintain the security and confidentiality of your login credentials
• Notify us immediately of any unauthorized access or security breach
• Accept responsibility for all activities under your account

4.2 Account Eligibility

You must be at least 18 years old and have the legal capacity to enter into binding contracts. If registering on behalf of a business entity, you represent that you have authority to bind that entity to these Terms.

4.3 Account Termination

We reserve the right to suspend or terminate accounts that violate these Terms, engage in fraudulent activity, or pose security risks. You may terminate your account at any time through your account settings or by contacting support.

5. Payment Terms

5.1 Pricing & Fees

Pricing for our Services varies based on service type:

• SaaS Subscriptions (Agent+): Monthly or annual recurring fees based on selected tier and usage
• Custom Development: Fixed-price projects or time-and-materials billing as specified in Statement of Work
• Consulting: Hourly rates or retained agreements with monthly fees
• Usage-Based Fees: Additional charges for API calls, voice minutes, or other consumption-based services

5.2 Payment Processing

Payments are processed through secure PCI-DSS compliant third-party payment processors. By providing payment information, you:

• Authorize us to charge the provided payment method for all fees
• Represent that you have authorization to use the payment method
• Agree to maintain valid and current payment information
• Accept that all payments are in U.S. Dollars (USD) unless otherwise specified

5.3 Billing Cycle & Invoicing

Subscription Services: Billed monthly or annually in advance on your subscription anniversary date. Invoices are sent via email.
Custom Development: Billed according to milestone schedule or payment terms in Statement of Work.
Consulting: Billed monthly in arrears based on hours worked.

5.4 Late Payments

Late payments are subject to:

• Service suspension after 7 days past due
• Late fees of 1.5% per month (18% annually) or maximum allowed by law
• Account termination after 30 days past due
• Collection costs and legal fees if collections are necessary

5.5 Taxes

All fees are exclusive of taxes. You are responsible for all sales, use, value-added, and similar taxes except those based on our net income. We will add applicable taxes to invoices when required by law.

6. Intellectual Property Rights

6.1 Company IP (Pre-Existing)

All intellectual property created by Otherworlds Studio, LLC prior to any engagement, including but not limited to:

• Agent+ platform and all related code, designs, and documentation
• Proprietary frameworks, libraries, and development tools
• Brand assets, logos, and marketing materials
• Documentation, methodologies, and processes

Remains the exclusive property of Otherworlds Studio, LLC. Clients receive licenses to use Company IP as necessary to utilize Services, but no ownership transfer occurs unless explicitly stated in writing.

6.2 Custom Development IP

For Custom Development projects:

• Upon Full Payment: Client receives full ownership of Deliverables specifically created for the project
• Background IP: Pre-existing Company IP used in the project remains our property; Client receives perpetual license to use
• Third-Party IP: Open-source and third-party components are licensed under their respective terms
• Work Product: We retain right to use project learnings, techniques, and non-confidential concepts in other work

6.3 User Content

You retain ownership of User Content. By using our Services, you grant us a limited license to:

• Process and store User Content to provide Services
• Use anonymized/aggregated User Content for service improvement
• Display User Content within the Platform as necessary for functionality
• Make backup copies for disaster recovery

We will not use User Content to train AI models without explicit consent, except for platform functionality and improvement with anonymized data.

6.4 Feedback & Suggestions

Any feedback, suggestions, or ideas you provide about our Services become our property. We may use them without compensation or attribution.

7. Acceptable Use Policy

You agree NOT to use our Services to:

7.1 Prohibited Activities

• Violate any laws, regulations, or third-party rights
• Transmit malware, viruses, or malicious code
• Engage in fraudulent, deceptive, or misleading practices
• Harass, abuse, or harm individuals or groups
• Infringe intellectual property rights
• Spam, phish, or send unsolicited communications
• Reverse engineer, decompile, or hack our Services
• Overload, disrupt, or attack our infrastructure
• Access accounts or data without authorization
• Resell or redistribute Services without permission

7.2 AI-Specific Restrictions

• Generate illegal, harmful, or dangerous content
• Impersonate individuals or organizations deceptively
• Create deepfakes or synthetic media to deceive
• Violate privacy rights through AI-generated content
• Use AI agents for automated scams or fraud
• Scrape or train competing AI models on our Services

7.3 Rate Limits & Fair Use

We implement rate limits and usage quotas to ensure platform stability. Excessive use beyond reasonable limits may result in throttling, additional charges, or service suspension.

7.4 Enforcement

Violation of this policy may result in:

• Content removal or filtering
• Account suspension or termination
• Legal action and referral to law enforcement
• Liability for damages caused by violations

8. Service Availability & Support

8.1 Uptime & Availability

We strive to maintain high availability for SaaS Services (Agent+ platform) but do not guarantee uninterrupted access. Scheduled maintenance will be announced in advance when possible. See our Service Level Agreement for specific uptime commitments.

8.2 Service Modifications

We reserve the right to:

• Modify, update, or discontinue Services with 30 days notice (when feasible)
• Add or remove features from the Platform
• Change API endpoints, data formats, or integrations
• Update pricing with 60 days notice for existing subscribers

8.3 Customer Support

Support availability varies by service tier:

• Basic Tier: Email support, 48-hour response time
• Professional Tier: Email and chat support, 24-hour response time
• Enterprise Tier: Priority support, dedicated account manager, 4-hour response time
• Custom Development Clients: Support terms defined in project agreement

9. Data & Privacy

Your use of our Services is also governed by our Privacy Policy, which is incorporated into these Terms by reference.

9.1 Data Processing

We process your data as described in our Privacy Policy. For enterprise clients with specific data protection requirements, we offer Data Processing Agreements (DPA) compliant with GDPR, CCPA, and other regulations.

9.2 Data Security

We implement industry-standard security measures (AES-256 encryption, TLS 1.3, MFA, access controls) to protect your data. However, no system is 100% secure. You accept the inherent security risks of internet transmission.

9.3 Data Retention & Deletion

We retain data according to retention schedules in our Privacy Policy. Upon account termination, we will delete or anonymize your data within 90 days unless legally required to retain it longer.

9.4 Data Portability

You may export your data at any time through Platform tools or by requesting a data export. We provide data in machine-readable formats (JSON, CSV) when technically feasible.

10. Warranties & Disclaimers

10.1 Limited Warranty

We warrant that:

• Services will be performed in a professional and workmanlike manner
• We have the right to provide the Services
• Custom Development Deliverables will substantially conform to specifications in the Statement of Work
• Services will not knowingly violate third-party intellectual property rights

10.2 Disclaimer of Warranties

10.3 AI Outputs Disclaimer

AI-generated content may be inaccurate, incomplete, biased, or inappropriate. You are responsible for reviewing, verifying, and determining the suitability of all AI outputs before use. We are not liable for decisions made based on AI recommendations or outputs.

11. Limitation of Liability

11.1 Exclusion of Damages

IN NO EVENT SHALL OTHERWORLDS STUDIO, LLC, ITS OFFICERS, DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE FOR:

• Indirect, incidental, special, consequential, or punitive damages
• Loss of profits, revenue, data, or business opportunities
• Costs of procurement of substitute services
• Business interruption or system failures
• Damages from unauthorized access or data breaches
• Damages from AI-generated content or outputs
• Third-party services, integrations, or provider failures

11.2 Liability Cap

Our total aggregate liability arising from or related to these Terms or Services shall not exceed:

• SaaS Subscriptions: Fees paid in the 12 months preceding the claim
• Custom Development: Total project fees paid
• Consulting: Fees paid in the 6 months preceding the claim
• Minimum: $100 USD

11.3 Exceptions

These limitations do not apply to:

• Our gross negligence or willful misconduct
• Death or personal injury caused by our negligence
• Fraud or fraudulent misrepresentation
• Violations of intellectual property rights we knowingly committed
• Liabilities that cannot be excluded under applicable law

12. Indemnification

You agree to indemnify, defend, and hold harmless Otherworlds Studio, LLC, its officers, directors, employees, contractors, and agents from and against any claims, liabilities, damages, losses, costs, or expenses (including reasonable attorneys' fees) arising from:

• Your use or misuse of the Services
• Your violation of these Terms
• Your violation of any laws, regulations, or third-party rights
• User Content you provide or generate
• Your negligence or willful misconduct
• Unauthorized access to your account due to your failure to secure credentials

We reserve the right to assume exclusive defense and control of any matter subject to indemnification, at your expense. You will cooperate with our defense of such claims.

13. Term & Termination

13.1 Term

SaaS Subscriptions: Continue until you cancel or we terminate according to these Terms.
Custom Development: Term specified in Statement of Work or project agreement.
Consulting: Ongoing until terminated by either party with notice.

13.2 Termination by You

You may terminate:

• SaaS Subscriptions: Cancel through account settings; effective at end of billing period
• Custom Development: Per termination clause in project agreement
• Consulting: 30 days written notice (or as specified in agreement)

13.3 Termination by Us

We may terminate or suspend your access immediately without notice for:

• Violation of these Terms or Acceptable Use Policy
• Non-payment of fees
• Fraudulent or illegal activity
• Security threats or abuse of Services
• Requests from law enforcement or legal requirements

13.4 Effects of Termination

Upon termination:

• Your right to access and use Services immediately ceases
• We may delete your data after 90-day grace period
• Unpaid fees become immediately due and payable
• No refunds for unused subscription time (except as required by law)
• Sections of these Terms that should survive (IP, liability, disputes) remain in effect

13.5 Data Export

You have 90 days from termination to export your data. After this period, we may permanently delete all data. We are not obligated to provide data after the 90-day period.

14. Dispute Resolution

14.1 Informal Resolution

Before initiating formal proceedings, you agree to contact us at info@otherworldsai.com to attempt informal resolution. We commit to working in good faith to resolve disputes within 30 days.

14.2 Governing Law

These Terms are governed by the laws of the State of Colorado and the United States, without regard to conflict of law principles. You consent to the exclusive jurisdiction of state and federal courts located in Colorado for resolution of any disputes.

14.3 Arbitration (Optional)

For enterprise clients with contracts exceeding $50,000, disputes may be resolved through binding arbitration under the American Arbitration Association (AAA) Commercial Arbitration Rules, if mutually agreed in writing.

14.4 Class Action Waiver

You agree to bring claims only in your individual capacity and not as a class representative or member in any class or representative action. This waiver does not apply where prohibited by law.

15. General Provisions

15.1 Entire Agreement

These Terms, together with our Privacy Policy, Cookie Policy, Acceptable Use Policy, and any applicable Statement of Work or project agreement, constitute the entire agreement between you and Otherworlds Studio, LLC.

15.2 Amendments

We may modify these Terms at any time by posting updated Terms on our website. Material changes will be communicated via email to registered users 30 days in advance. Continued use of Services after changes take effect constitutes acceptance.

15.3 Assignment

You may not assign or transfer these Terms without our written consent. We may assign these Terms in connection with a merger, acquisition, or sale of assets with notice to you.

15.4 Force Majeure

Neither party is liable for failure to perform due to circumstances beyond reasonable control, including natural disasters, acts of government, labor disputes, internet failures, or third-party service outages.

15.5 Severability

If any provision of these Terms is found unenforceable, the remaining provisions remain in full effect. Unenforceable provisions will be modified to the minimum extent necessary to make them enforceable.

15.6 Waiver

Our failure to enforce any provision does not constitute a waiver of that provision or any other provision. No waiver is effective unless in writing signed by authorized representatives.

15.7 Notices

Notices to you may be sent to the email address associated with your account. Notices to us must be sent to info@otherworldsai.com or our physical mailing address.

15.8 Third-Party Services

Our Services integrate with third-party AI, voice, communication, and payment services. Use of these services is subject to their respective terms. We are not responsible for third-party service failures, changes, or terms.

15.9 Export Compliance

You agree to comply with all export and import laws. You may not use Services in countries subject to U.S. embargo or by individuals on U.S. denied-party lists.

15.10 Relationship

These Terms do not create a partnership, joint venture, employment, or agency relationship. You may not bind Otherworlds Studio, LLC or represent yourself as our agent.

16. Contact Information

For questions about these Terms of Service or to report violations, please contact our Legal Team:

1. Introduction

This Cookie Policy explains how Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our"), uses cookies and similar tracking technologies on our websites, applications, and services. This policy should be read in conjunction with our Privacy Policy.

By using our Services, you consent to the use of cookies as described in this policy. You can control cookie preferences through our cookie consent banner and your browser settings.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. What Are Cookies?

Cookies are small text files stored on your device (computer, tablet, smartphone) when you visit a website. They help websites remember your preferences, improve user experience, and provide analytics about site usage.

2.1 Types of Cookies by Duration

• Session Cookies: Temporary cookies that expire when you close your browser. Used for essential site functionality like maintaining your login session.
• Persistent Cookies: Remain on your device for a set period or until manually deleted. Used to remember your preferences across visits.

2.2 Types of Cookies by Source

• First-Party Cookies: Set by Otherworlds Studio, LLC directly on our domain (otherworldsai.com). We have full control over these cookies.
• Third-Party Cookies: Set by external services we use (Google Analytics, payment processors, etc.). These are governed by the third party's privacy policies.

3. How We Use Cookies

3.1 Essential Cookies (Strictly Necessary)

These cookies are required for our website to function properly. They cannot be disabled and do not require consent under GDPR as they are necessary for providing services you request.

• Authentication: Keeping you logged into Agent+ platform and custom development portals
• Security: Protecting against cross-site request forgery (CSRF) and other security threats
• Session Management: Maintaining your browsing session and form inputs
• Load Balancing: Distributing traffic across our servers for optimal performance

3.2 Analytics Cookies (Performance)

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. Requires consent.

• Web Analytics: Tracks page views, session duration, bounce rates, and user flows
• Product Analytics: Analyzes feature usage and user engagement on Agent+ platform
• UX Analytics: Records heatmaps and session recordings to improve user experience (anonymized)
• Custom Analytics: Our internal analytics for service improvement

3.3 Functional Cookies (Preferences)

These cookies enable enhanced functionality and personalization. Requires consent.

• Language Preferences: Remembering your language selection
• UI Preferences: Storing dark mode, font size, and layout preferences
• Form Auto-fill: Remembering form inputs for convenience
• Chat Widget State: Maintaining AI chatbot conversation history

3.4 Marketing Cookies (Targeting/Advertising)

These cookies track your activity across websites to deliver relevant advertisements. Requires explicit consent.

• Search Advertising: Displaying relevant ads and measuring campaign effectiveness
• B2B Advertising: Business-to-business advertising and conversion tracking
• Social Media Advertising: Social platform advertising and retargeting
• Retargeting Pixels: Showing ads to visitors who previously viewed our services

Note: Marketing cookies are only set if you explicitly consent through our cookie banner.

4. Cookie Details Table

Note: This table is regularly updated. Additional cookies may be used as we integrate new services. You'll be notified through our cookie banner when new non-essential cookies are added.

5. Third-Party Services & Cookies

We use third-party services that may set cookies on your device. These services have their own privacy policies and cookie practices:

6. Your Cookie Choices & Controls

6.1 Cookie Consent Banner

When you first visit our website, you'll see a cookie consent banner allowing you to:

• Accept All: Consent to all cookies including analytics and marketing
• Reject Non-Essential: Only essential cookies will be used
• Customize Preferences: Choose specific cookie categories (Analytics, Functional, Marketing)

Your choice is stored for 12 months. You can change preferences anytime through the cookie settings link in our footer.

6.2 Browser Settings

You can control cookies through your browser settings:

• Chrome: Settings → Privacy and Security → Cookies and other site data
• Firefox: Settings → Privacy & Security → Cookies and Site Data
• Safari: Preferences → Privacy → Manage Website Data
• Edge: Settings → Cookies and site permissions → Cookies and site data

Warning: Blocking essential cookies may prevent parts of our website from functioning properly.

6.3 Do Not Track (DNT)

Some browsers offer a "Do Not Track" (DNT) signal. Currently, there is no industry standard for responding to DNT signals. We respect DNT signals for analytics cookies when technically feasible, but essential cookies required for functionality will still be used.

6.4 Opt-Out Tools

You can opt out of specific tracking:

• Web Analytics: Use browser extensions or opt-out tools provided by analytics vendors
• Advertising: Visit Digital Advertising Alliance opt-out page
• Social Media Ads: Adjust ad preferences in your social media platform settings

7. Mobile App & In-App Tracking

Our mobile applications (Agent+ mobile app, custom client apps) use similar tracking technologies:

7.1 Mobile Device Identifiers

• iOS: Identifier for Advertisers (IDFA) - requires user consent per Apple's App Tracking Transparency
• Android: Advertising ID - can be reset in device settings
• Device Fingerprinting: We do NOT use device fingerprinting for tracking

7.2 Mobile Analytics

We use mobile analytics platforms for in-app usage tracking. You can opt out through:

• iOS: Settings → Privacy → Tracking → Disable "Allow Apps to Request to Track"
• Android: Settings → Privacy → Ads → Opt out of Ads Personalization
• In-App: App Settings → Privacy → Disable Analytics

8. Cookie Retention Periods

9. GDPR & CCPA Compliance

9.1 GDPR Rights (EEA, UK, Switzerland)

Under GDPR, you have the right to:

• Consent Withdrawal: Withdraw cookie consent at any time without affecting lawfulness of prior processing
• Access: Request information about cookies we've set on your device
• Erasure: Delete cookies through browser settings or our cookie preferences
• Object: Object to processing via cookies for marketing purposes

9.2 CCPA Rights (California Residents)

California residents have the right to:

• Know: What personal information is collected via cookies
• Delete: Request deletion of personal information collected through cookies
• Opt-Out: We do not sell personal information collected via cookies
• Non-Discrimination: Equal service regardless of cookie choices

To exercise these rights, contact us at info@otherworldsai.com or use the "Cookie Preferences" link in our website footer.

10. Changes to This Cookie Policy

We may update this Cookie Policy to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated through:

• Updated cookie consent banner on your next visit
• Email notification to registered users (for significant changes)
• Updated "Last Modified" date at the top of this policy
• Notice on our website homepage

When we add new non-essential cookies, we will request your consent through our cookie banner before setting them.

11. Contact Us About Cookies

For questions about our use of cookies or to exercise your rights, please contact us:

1. Introduction

This Acceptable Use Policy ("AUP") defines prohibited activities and usage guidelines for all services provided by Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our"). This policy applies to all users of our AI development services, SaaS platforms (including Agent+), websites, applications, and related services.

By using our Services, you agree to comply with this AUP. Violations may result in service suspension, account termination, or legal action. This policy should be read in conjunction with our Terms of Service.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. General Prohibited Activities

You may NOT use our Services to:

3. AI-Specific Prohibited Uses

Given the nature of our AI services, the following uses are strictly prohibited:

3.1 Deceptive AI Practices

• Deepfakes for Deception: Creating synthetic media (audio, video, images) to deceive, defame, or impersonate without clear disclosure
• Impersonation: Using AI agents to impersonate real individuals, organizations, or government entities without authorization
• Misinformation: Generating or spreading false information, fake news, or propaganda at scale
• Academic Dishonesty: Using AI to complete academic work without disclosure or in violation of institution policies

3.2 Harmful AI Content Generation

• Illegal Content: Generating content that depicts illegal activities, CSAM, or extreme violence
• Malicious Code: Using AI to generate malware, exploits, or attack vectors
• Manipulative Content: Creating content designed to manipulate elections, stock markets, or public opinion through deception
• Scam Content: Generating phishing emails, fake websites, or fraudulent communications

3.3 Restricted AI Applications

• Autonomous Weapons: Developing AI for autonomous weapons systems or military applications without proper authorization
• Biometric Surveillance: Mass surveillance systems violating privacy rights or used for social scoring without consent
• Discriminatory Systems: AI systems designed to discriminate based on protected characteristics (race, gender, religion, etc.)
• Medical Diagnosis: Using AI for medical diagnosis without proper medical oversight and regulatory compliance

3.4 AI Model Misuse

• Model Extraction: Attempting to steal, reverse engineer, or extract our AI models
• Training Competitor Models: Using our AI outputs to train competing AI systems without permission
• Prompt Injection Attacks: Attempting to manipulate AI systems through adversarial prompts
• Resource Exhaustion: Deliberately overloading AI systems to cause service degradation

4. Content Standards

4.1 User-Generated Content

Content you create, upload, or generate through our Services must comply with the following standards:

• Truthful: Not contain deliberate misinformation or fraud
• Legal: Comply with all applicable laws and regulations
• Non-Harmful: Not promote violence, harm, or illegal activities
• Respectful: Not harass, threaten, or abuse others
• Original: Respect intellectual property rights of others

4.2 Commercial Content

• Transparent Advertising: Clearly disclose sponsored content and advertisements
• No Scams: Products and services must be legitimate and as described
• Fair Practices: No deceptive marketing, bait-and-switch, or pyramid schemes
• Regulated Industries: Comply with industry-specific regulations (healthcare, finance, legal, etc.)

4.3 AI Disclosure Requirements

When using AI-generated content publicly, you should:

• Disclose AI generation where required by law or when material to consumers
• Not represent AI-generated content as human-created when authenticity matters (news, reviews, testimonials)
• Clearly label AI voice agents in customer service interactions
• Comply with platform-specific AI disclosure requirements

5. Technical & Resource Usage

5.1 Fair Use & Rate Limits

• Rate Limits: Respect API rate limits and usage quotas for your subscription tier
• No Abuse: Do not circumvent rate limits or usage restrictions
• Resource Sharing: Do not monopolize shared resources to the detriment of other users
• Caching: Implement reasonable caching to minimize unnecessary API calls

5.2 System Integrity

• No Interference: Do not interfere with or disrupt our services, servers, or networks
• Security Testing: Conduct security testing only with explicit written permission
• Bug Reporting: Report discovered vulnerabilities responsibly to info@otherworldsai.com
• No Exploits: Do not exploit bugs, glitches, or vulnerabilities for advantage

5.3 Account Sharing & Resale

• Personal Use: Accounts are for your use only; do not share credentials
• No Resale: Do not resell or redistribute our services without authorization
• One Account: Do not create multiple accounts to circumvent restrictions
• Enterprise Options: Contact us for multi-user or white-label arrangements

6. Industry-Specific Restrictions

6.1 Healthcare & Medical

If using our services for healthcare applications:

• Comply with HIPAA, HITECH, and applicable healthcare regulations
• Do not use AI for diagnosis without qualified medical oversight
• Maintain appropriate Business Associate Agreements (BAAs)
• Implement required safeguards for protected health information (PHI)

6.2 Financial Services

• Comply with financial regulations (SOX, GLBA, PCI-DSS, etc.)
• Do not provide unauthorized financial advice
• Maintain required licenses and registrations
• Implement anti-money laundering (AML) procedures

6.3 Legal Services

• AI-generated legal content is not a substitute for licensed attorneys
• Disclose AI use in legal documents where required
• Maintain attorney-client privilege where applicable
• Comply with bar association rules on technology use

6.4 Children & Education

• Comply with COPPA and FERPA when serving minors
• Obtain parental consent for users under 13
• Protect student educational records
• Implement age-appropriate content filtering

7. Monitoring & Enforcement

7.1 Monitoring Practices

We reserve the right to monitor usage of our Services to ensure compliance with this AUP:

• Automated Systems: We use automated systems to detect abuse, spam, and policy violations
• Manual Review: Flagged content may be reviewed by our team
• User Reports: We investigate user reports of violations
• No Guarantee: Monitoring does not guarantee detection of all violations

7.2 Enforcement Actions

Violations of this AUP may result in:

7.3 Appeals Process

If you believe an enforcement action was made in error:

1. Email info@otherworldsai.com with subject "AUP Appeal"
2. Provide your account details and explanation
3. We will review appeals within 3-5 business days
4. Our decision is final for enforcement actions

8. Reporting Violations

8.1 How to Report

If you become aware of AUP violations, please report them to us:

8.2 Legal Reporting Requirements

For certain serious violations, we may be required to report to authorities:

• CSAM: Reported to National Center for Missing & Exploited Children (NCMEC)
• Terrorism: Reported to FBI and Department of Homeland Security
• Financial Crimes: Reported to FinCEN for money laundering or fraud
• Other Crimes: Reported to appropriate law enforcement as required by law

8.3 Whistleblower Protection

We do not retaliate against users who report violations in good faith. False reports made with malicious intent may result in account termination.

9. Cooperation with Law Enforcement

We cooperate with law enforcement investigations and legal processes:

• Lawful Requests: We respond to valid subpoenas, court orders, and legal requests
• Emergency Disclosure: We may disclose information without legal process in emergency situations involving threats to life or safety
• Data Preservation: We preserve relevant data when legally required
• Transparency Reports: We publish transparency reports on law enforcement requests (annually)

10. Liability for Violations

You are responsible for your use of our Services and any violations of this AUP:

• Indemnification: You agree to indemnify us for damages caused by your violations (see Terms of Service)
• Legal Costs: You may be liable for legal fees and costs incurred due to your violations
• Third-Party Claims: You are responsible for claims by third parties harmed by your violations
• No Waiver: Our failure to enforce any provision doesn't waive our right to enforce it later

11. Changes to This Policy

We may update this Acceptable Use Policy to address new technologies, threats, or legal requirements:

• Material changes will be communicated via email and platform notifications
• Updated "Last Modified" date will be shown at the top
• Continued use after changes constitutes acceptance
• If you disagree with changes, you may terminate your account

12. Contact Us

For questions about this Acceptable Use Policy or to report violations:

1. Introduction

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Definitions

• "Personal Data" means any information relating to an identified or identifiable natural person that is processed by us on your behalf.
• "Data Controller" means you (the Client), who determines the purposes and means of processing Personal Data.
• "Data Processor" means Otherworlds Studio, LLC, who processes Personal Data on behalf of the Data Controller.
• "Sub-processor" means any third-party data processor engaged by us to process Personal Data.
• "Data Subject" means the individual to whom Personal Data relates (e.g., your customers, employees, users).
• "Processing" means any operation performed on Personal Data (collection, storage, use, disclosure, deletion, etc.).
• "GDPR" means the General Data Protection Regulation (EU) 2016/679.
• "Data Protection Laws" means GDPR, CCPA, and all applicable data protection and privacy laws.

3. Scope of Processing

3.1 Nature and Purpose

We process Personal Data solely to provide the Services specified in our agreement with you, including:

• Operating and maintaining Agent+ SaaS platform
• Providing AI voice agent and chatbot services
• Custom AI development and deployment
• Analytics and performance monitoring
• Customer support and technical assistance
• Security monitoring and incident response

3.2 Types of Personal Data

Personal Data we may process on your behalf includes:

• Contact Information: Names, email addresses, phone numbers
• Voice Data: Voice recordings and transcripts from AI voice agents
• Chat Data: Conversational data from AI chatbots
• Usage Data: Interaction patterns, timestamps, session data
• Technical Data: IP addresses, device information, logs
• Custom Data: Any other data you provide through our Services

3.3 Categories of Data Subjects

• Your customers and end-users
• Your employees and contractors
• Website visitors and platform users
• Business contacts and prospects

4. Data Controller & Processor Obligations

4.1 Your Obligations (Data Controller)

As Data Controller, you warrant and agree to:

• Comply with all Data Protection Laws applicable to you
• Have lawful basis for processing and transferring Personal Data to us
• Obtain necessary consents from Data Subjects
• Provide accurate and complete processing instructions
• Inform us promptly of any processing restrictions or data subject requests
• Conduct Data Protection Impact Assessments (DPIAs) where required
• Maintain records of processing activities

4.2 Our Obligations (Data Processor)

As Data Processor, we agree to:

• Process Personal Data only on your documented instructions
• Ensure personnel processing data are bound by confidentiality
• Implement appropriate technical and organizational security measures
• Engage Sub-processors only with your prior authorization
• Assist with Data Subject rights requests
• Assist with security incidents and breach notifications
• Delete or return Personal Data upon termination
• Make available information necessary to demonstrate compliance

5. Security Measures

We implement appropriate technical and organizational measures to ensure security appropriate to the risk, including:

5.1 Technical Measures

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Role-based access control (RBAC), multi-factor authentication (MFA)
• Network Security: Firewalls, intrusion detection/prevention systems (IDS/IPS)
• Monitoring: 24/7 security monitoring and logging
• Vulnerability Management: Regular security assessments and penetration testing
• Secure Development: Security-first development practices and code reviews

5.2 Organizational Measures

• Staff Training: Regular security awareness training for all personnel
• Access Management: Principle of least privilege, regular access reviews
• Background Checks: Pre-employment screening for personnel with data access
• Incident Response: Documented incident response procedures
• Business Continuity: Disaster recovery and backup procedures
• Vendor Management: Due diligence on Sub-processors

5.3 Certifications & Compliance

We maintain alignment with:

• ISO 27001 security standards (alignment)
• SOC 2 Type II principles (preparation)
• NIST Cybersecurity Framework
• OWASP security best practices

6. Sub-processors

6.1 Authorization

You authorize us to engage the Sub-processors listed below. We will:

• Impose data protection obligations on Sub-processors equivalent to this DPA
• Remain liable for Sub-processor compliance
• Provide 30 days notice before adding or changing Sub-processors
• Allow you to object to new Sub-processors on reasonable grounds

6.2 Current Sub-processors

Current as of January 2025. For updates, see our Sub-processor List.

7. Data Subject Rights

We will assist you in fulfilling Data Subject rights requests under GDPR and other laws:

7.1 Rights We Support

• Right of Access: We'll provide Personal Data we hold about the Data Subject
• Right to Rectification: We'll correct inaccurate Personal Data upon your instruction
• Right to Erasure: We'll delete Personal Data upon your instruction (subject to legal retention)
• Right to Restriction: We'll restrict processing upon your instruction
• Right to Data Portability: We'll provide data in machine-readable format (JSON, CSV)
• Right to Object: We'll cease processing upon your instruction

7.2 Assistance Process

1. Forward Data Subject request to info@otherworldsai.com
2. We'll acknowledge within 24 hours and provide assistance within 5 business days
3. You remain responsible for responding to Data Subjects
4. We may charge reasonable fees for excessive or repetitive requests

8. Data Breach Notification

8.1 Notification Obligations

If we become aware of a Personal Data breach, we will:

• Notify You: Within 72 hours of becoming aware of the breach
• Provide Details: Nature of breach, affected data categories, approximate number of Data Subjects
• Mitigation: Measures taken to contain and remediate the breach
• Contact Point: Our Data Protection Officer contact for further information

8.2 Your Responsibilities

You are responsible for:

• Notifying supervisory authorities as required by GDPR (within 72 hours)
• Notifying affected Data Subjects where required
• Documenting the breach and remedial actions

8.3 Cooperation

We will cooperate with you and provide reasonable assistance in investigating and remediating the breach, including forensic analysis and evidence preservation.

9. International Data Transfers

9.1 Transfer Mechanisms

When transferring Personal Data from the EEA, UK, or Switzerland to the United States, we rely on:

• Standard Contractual Clauses (SCCs): EU Commission-approved data transfer agreements
• Supplementary Measures: Additional safeguards including encryption, pseudonymization, access controls
• Transfer Impact Assessment: Assessment of data protection in destination country

9.2 Data Localization Options

For enterprise clients with specific requirements, we offer:

• EU Data Residency: Option to store data exclusively in EU data centers
• UK Data Residency: Available for UK clients
• US Data Residency: Default option for US clients

Contact us at info@otherworldsai.com to discuss data residency requirements.

10. Data Retention & Deletion

10.1 Retention

We retain Personal Data only as long as necessary to provide Services or as instructed by you, unless longer retention is required by law.

10.2 Deletion Upon Termination

Upon termination of our agreement:

• 90-Day Grace Period: Data retained for 90 days to allow data export
• Deletion: After 90 days, we will delete or anonymize all Personal Data
• Certification: We will provide written certification of deletion upon request
• Exceptions: Data required for legal, regulatory, or contractual obligations may be retained longer

10.3 Data Return

Before deletion, you may request return of Personal Data in machine-readable format (JSON, CSV). Requests must be made within the 90-day grace period.

11. Audits & Compliance

11.1 Audit Rights

You have the right to audit our compliance with this DPA, subject to:

• Notice: 60 days advance written notice
• Frequency: Once per year unless breach suspected
• Scope: Limited to processing activities relevant to your data
• Confidentiality: Auditors must sign NDAs
• Timing: During business hours with minimal disruption
• Cost: You bear audit costs unless non-compliance found

11.2 Documentation

We will make available documentation necessary to demonstrate compliance, including:

• Security policies and procedures
• Staff training records
• Sub-processor agreements
• Incident response logs
• Third-party audit reports (summary form)

11.3 Alternative Assurance

In lieu of on-site audits, we may provide:

• SOC 2 Type II reports (when available)
• ISO 27001 certificates (when obtained)
• Self-assessment questionnaires
• Third-party security audit summaries

12. Liability & Indemnification

12.1 Liability

Each party is liable to the other for damages caused by breach of this DPA, subject to limitations in our Terms of Service.

12.2 Indemnification

We will indemnify you against claims by Data Subjects arising from our breach of this DPA, subject to:

• Prompt written notice of the claim
• Our sole control of defense and settlement
• Your reasonable cooperation in the defense
• Limitation to direct damages

13. Term & Termination

This DPA:

• Effective: Upon commencement of Services involving Personal Data processing
• Duration: Remains in effect for the duration of our service agreement
• Survival: Provisions regarding data deletion, confidentiality, and liability survive termination
• Amendment: May be amended to comply with Data Protection Laws; material changes require your consent

14. Governing Law & Disputes

This DPA is governed by:

• Governing Law: Colorado law (USA) for contract interpretation
• GDPR Compliance: Where GDPR applies, GDPR provisions take precedence
• Supervisory Authority: Data Subjects in EEA may lodge complaints with supervisory authorities
• Dispute Resolution: Disputes resolved per Terms of Service

15. Contact Information

For DPA-related questions or data protection inquiries:

1. Introduction

This Service Level Agreement ("SLA") defines the performance commitments, uptime guarantees, and support terms for services provided by Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our").

This SLA applies primarily to our Agent+ SaaS platform and other subscription-based services. Custom development projects have separate timelines defined in project agreements.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Service Availability

2.1 Uptime Commitment

We commit to the following minimum uptime percentages for Agent+ SaaS platform (measured monthly):

2.2 Uptime Calculation

Uptime is calculated as:

2.3 Exclusions from Uptime Calculation

Downtime is NOT counted when caused by:

• Scheduled Maintenance: Announced at least 48 hours in advance (max 4 hours/month)
• Emergency Maintenance: Critical security patches or urgent fixes
• Third-Party Failures: Cloud infrastructure, AI platforms, communication service outages
• Force Majeure: Natural disasters, acts of war, internet backbone failures
• Client-Side Issues: Your network, browser, or configuration problems
• DDoS Attacks: Malicious attacks on our infrastructure
• Beta Features: Features marked as beta, alpha, or experimental

3. Support Response Times

We provide technical support via email, chat, and phone (tier-dependent) during specified hours:

3.1 Severity Definitions

• Critical: Complete service outage affecting all users, security breach, data loss
• High: Major feature unavailable, significant performance degradation, affecting multiple users
• Medium: Minor feature issues, workaround available, single user affected
• Low: Cosmetic issues, questions, feature requests, documentation

3.2 Support Channels

• Email: info@otherworldsai.com (all tiers)
• Chat: In-platform chat widget (Professional & Enterprise)
• Phone: +1 (720) 240-9188 (Enterprise only, critical issues)
• Dedicated Slack Channel: Enterprise tier with contracts >$50K/year

4. Scheduled Maintenance

4.1 Maintenance Windows

• Frequency: Typically once per month
• Duration: Maximum 4 hours per maintenance window
• Timing: Usually Sunday 2am-6am Mountain Time (lowest traffic period)
• Notice: 48 hours advance notice via email and in-platform notification

4.2 Emergency Maintenance

For critical security issues or system failures, we may perform emergency maintenance with minimal or no advance notice. We will:

• Notify active users via email and platform banner as soon as feasible
• Provide status updates every 30 minutes during outage
• Complete post-mortem analysis and share findings
• Offer service credits for extended emergency downtime (>2 hours)

5. Performance Metrics

5.1 API Response Times

Note: Response times exclude third-party AI processing which may add 1-5 seconds depending on complexity and provider performance.

5.2 Dashboard Load Times

• Initial Page Load: <3 seconds on broadband connection
• Subsequent Navigation: <1 second (client-side routing)
• Data Refresh: <2 seconds for analytics updates

6. Service Credits

6.1 Credit Eligibility

If we fail to meet uptime commitments, you are eligible for service credits:

6.2 Claiming Service Credits

1. Request credits within 30 days of the affected month
2. Email info@otherworldsai.com with subject "SLA Credit Request"
3. Include account details and affected time period
4. We will review and apply credits within 10 business days

6.3 Credit Terms

• Application: Credits applied to next invoice automatically
• Expiration: Credits must be used within 12 months
• No Cash Value: Credits cannot be redeemed for cash
• Sole Remedy: Service credits are your sole remedy for SLA violations
• Maximum: Total credits capped at 100% of monthly fee per incident

7. Incident Management

7.1 Incident Detection

• Monitoring: 24/7 automated monitoring of all critical systems
• Alerting: On-call engineers receive immediate alerts for outages
• Status Page: Real-time status at status.otherworldsai.com
• User Reports: Report issues via info@otherworldsai.com or platform

7.2 Incident Response

When incidents occur:

1. Detection: Automated systems detect issue or user reports received
2. Acknowledgment: Within 15 minutes (Critical), 1 hour (High)
3. Updates: Status updates every 30 minutes during active incident
4. Resolution: Team works until incident resolved
5. Post-Mortem: Root cause analysis within 5 days for Critical/High incidents

7.3 Communication Channels

• Status Page: Public updates at status.otherworldsai.com
• Email Notifications: Sent to all affected users
• In-Platform Banner: Alert banner when logged into Agent+ platform
• Enterprise Direct Contact: Phone/Slack updates for Enterprise tier

8. Data Backup & Recovery

8.1 Backup Schedule

• Continuous Replication: Real-time data replication across multiple availability zones
• Daily Backups: Full database backups every 24 hours
• Retention: Backups retained for 30 days
• Encryption: All backups encrypted with AES-256
• Geographic Distribution: Backups stored in multiple regions for redundancy

8.2 Recovery Objectives

• Recovery Time Objective (RTO): 4 hours maximum for service restoration
• Recovery Point Objective (RPO): Maximum 1 hour of data loss
• Disaster Recovery: Full disaster recovery plan tested quarterly

9. Reporting & Transparency

9.1 Monthly Reports

Professional and Enterprise tiers receive monthly reports including:

• Actual uptime percentage
• Total incidents and resolution times
• API response time metrics
• Support ticket statistics
• Any SLA violations and credits issued

9.2 Quarterly Business Reviews

Enterprise clients receive quarterly business reviews covering:

• Service performance trends
• Capacity planning and scaling recommendations
• Security posture and compliance updates
• Roadmap and upcoming features
• Optimization opportunities

10. Limitations & Exclusions

10.1 SLA Limitations

This SLA does not apply to:

• Free trials or free tier services
• Beta, alpha, or experimental features
• Custom development projects (governed by project agreement)
• Services provided at no charge or promotional pricing
• Issues caused by client's misuse or violation of terms

10.2 Force Majeure

We are not liable for service failures caused by events beyond our reasonable control, including those listed in Section 2.3 (Exclusions from Uptime Calculation).

11. Contact Information

1. Introduction

This Intellectual Property Policy ("IP Policy") clarifies ownership rights and licensing terms for all intellectual property created, used, or exchanged in connection with services provided by Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our").

This policy ensures transparency and protects the rights of both our company and our clients. Different IP rules apply depending on the service type (SaaS platform, custom development, consulting).

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Otherworlds Studio IP (Pre-Existing)

2.1 Company-Owned IP

All intellectual property created by Otherworlds Studio, LLC prior to any client engagement remains our exclusive property, including:

Clients receive licenses to use Company IP as necessary to utilize our Services, but no ownership transfer occurs unless explicitly stated in a written agreement signed by authorized officers.

3. Custom Development Projects

3.1 Client-Owned IP (Deliverables)

For custom development projects with defined deliverables:

• Upon Full Payment: Client receives full ownership and all rights to custom-created Deliverables specified in Statement of Work (SOW)
• Work for Hire: Custom code, designs, and materials created specifically for your project are considered "work made for hire" and transfer to you upon final payment
• IP Assignment: We assign all rights, title, and interest in project-specific Deliverables to you
• Copyright Transfer: Copyright in custom Deliverables transfers to you upon payment completion

3.2 Background IP (Company-Retained)

Elements incorporated into your project that are pre-existing or reusable remain our property:

• Proprietary Frameworks: Our development frameworks, libraries, and tools
• Reusable Components: Generic components, utilities, and modules
• Methodologies: Development processes and best practices
• Improvements: Enhancements to our Background IP during the project

License Granted: You receive a perpetual, worldwide, non-exclusive, royalty-free license to use Background IP incorporated in your Deliverables.

3.3 Third-Party IP

• Open Source: Open-source components are licensed under their respective licenses (MIT, Apache, GPL, etc.)
• Commercial Libraries: Third-party commercial software requires separate licenses
• APIs: Third-party AI, voice, and communication APIs governed by respective provider terms
• Disclosure: We disclose all third-party IP used in your project

3.4 Payment Contingency

4. Agent+ SaaS Platform IP

4.1 Platform Ownership

The Agent+ platform, including all code, designs, features, and functionality, is owned exclusively by Otherworlds Studio, LLC. Subscribers receive:

• License Only: Non-exclusive, non-transferable license to access and use the platform during subscription
• No Source Code: No access to source code or underlying technology
• Termination: License terminates upon subscription cancellation
• Updates: Automatic access to platform updates and improvements

4.2 User Data & Content

You retain ownership of all data and content you input into Agent+ platform:

• Your Data: Customer conversations, voice recordings, analytics data, configurations
• Limited License to Us: You grant us license to process your data to provide Services
• No Training Use: We will not use your data to train AI models without explicit consent
• Export Rights: You can export your data at any time

4.3 Custom Configurations

Custom configurations, workflows, and agent personalities you create within Agent+ platform:

• Your Ownership: You own your custom configurations and prompts
• Export: Can be exported and used with other platforms
• Anonymized Learning: We may learn from anonymized/aggregated usage patterns to improve platform

5. Trademarks & Branding

5.1 Our Trademarks

The following are trademarks or service marks of Otherworlds Studio, LLC:

• "Otherworlds AI"
• "Otherworlds Studio"
• "Agent+" and related branding
• Otherworlds logos and design marks
• Product names and slogans

5.2 Limited Trademark License

Clients may use our trademarks only:

• To indicate use of our Services ("Powered by Otherworlds AI")
• In accordance with our brand guidelines
• With our prior written approval for promotional use
• Without modification, alteration, or combination with other marks

5.3 Client Trademarks

We may use client names and logos:

• As case studies or portfolio examples (with permission)
• In client lists on our website (with permission)
• For testimonials and references (with permission)

You may opt out of being listed as a client at any time by emailing info@otherworldsai.com.

6. Confidential Information & Trade Secrets

6.1 Confidentiality Obligations

Both parties agree to protect each other's confidential information:

• Definition: Non-public information marked "Confidential" or reasonably understood to be confidential
• Protection: Use same degree of care as for own confidential information (minimum: reasonable care)
• Non-Disclosure: Not disclose to third parties without consent
• Limited Use: Use only for purposes of providing/receiving Services
• Duration: Obligations continue for 5 years after disclosure or termination

6.2 Exceptions

Confidentiality obligations do not apply to information that:

• Was publicly known before disclosure
• Becomes publicly known through no breach by receiving party
• Was independently developed without use of confidential information
• Was rightfully received from a third party without restriction
• Must be disclosed under court order or legal requirement (with notice)

7. Open Source Software

7.1 Open Source Usage

We use open-source software components in our Services. Common licenses include:

• Permissive Licenses: MIT, Apache 2.0, BSD (allow commercial use with attribution)
• Copyleft Licenses: GPL, AGPL (require derivative works to be open-sourced)
• Weak Copyleft: LGPL, MPL (limited copyleft obligations)

7.2 Compliance

We ensure open-source compliance by:

• Maintaining inventory of open-source components
• Respecting license terms and providing required attributions
• Disclosing open-source components in custom development projects
• Not using GPL/AGPL in proprietary client deliverables (unless requested)

7.3 Open Source Contributions

We may contribute to open-source projects. Our contributions:

• Are licensed under the project's existing license
• Do not include client confidential information
• Do not transfer client IP to open-source projects
• Benefit the broader developer community

8. AI-Generated Content Ownership

8.1 AI Outputs

For content generated by third-party AI systems through our Services:

• You Own AI Outputs: Content generated in response to your prompts is owned by you, subject to third-party AI provider terms
• Third-Party Terms: OpenAI, ElevenLabs, and other providers have their own terms regarding AI-generated content
• Non-Exclusive: Similar outputs may be generated for other users using similar prompts
• No Guarantee of Uniqueness: AI may generate similar content for different users

8.2 AI Training Data

Regarding use of client data for AI training:

• Default: We do NOT use client data to train AI models
• Opt-In Only: Training data use requires explicit written consent
• Anonymization: If consented, data is anonymized before use
• Third-Party Policies: AI service providers have their own data usage policies

9. Infringement Claims

9.1 IP Indemnification (Our Services)

We will defend you against claims that our Services infringe third-party intellectual property rights, provided:

• You notify us promptly of the claim
• We have sole control of defense and settlement
• You cooperate reasonably in the defense
• Infringement wasn't caused by your modifications or misuse

9.2 Your Indemnification (Your Content)

You will defend us against claims that your content, data, or use of Services infringes third-party rights, including:

• Copyright infringement in content you provide
• Trademark violations in your branding
• Trade secret theft in data you upload
• Patent infringement in applications you build

9.3 Remedies for Infringement

If our Services are found to infringe, we may, at our option:

• Obtain license for you to continue using the Services
• Modify Services to be non-infringing
• Replace infringing components with non-infringing alternatives
• Terminate Services and refund pro-rated fees (last resort)

10. Copyright & DMCA

10.1 Copyright Policy

We respect intellectual property rights and comply with the Digital Millennium Copyright Act (DMCA).

10.2 DMCA Takedown Procedure

To report copyright infringement, send a DMCA notice to info@otherworldsai.com with:

1. Identification of copyrighted work claimed to be infringed
2. Location of infringing material (URL, account details)
3. Your contact information (name, email, phone, address)
4. Statement of good faith belief that use is unauthorized
5. Statement that information is accurate and you're authorized to act
6. Physical or electronic signature

10.3 Counter-Notice

If your content was removed due to DMCA takedown and you believe it was mistaken, you may file a counter-notice with the same information above plus statement that material was removed by mistake.

10.4 Repeat Infringer Policy

Accounts with multiple substantiated infringement claims will be terminated per our Repeat Infringer Policy.

11. Portfolio & Marketing Rights

11.1 Portfolio Usage

Unless you opt out, we may showcase completed projects:

• Case Studies: Describing the project, challenges, and solutions
• Screenshots: Visual representations of work (with sensitive data removed)
• Client Logo: Displaying your logo in "Clients" section
• Testimonials: Using your feedback and reviews

11.2 Confidential Projects

For projects under NDA or confidentiality:

• We will NOT showcase or disclose project details
• Generic descriptions only ("Fortune 500 company," "Healthcare provider")
• No screenshots, data, or identifying information
• Requires your explicit permission to showcase

11.3 Opt-Out

To opt out of portfolio usage, email info@otherworldsai.com with subject "Portfolio Opt-Out". We will remove your project within 5 business days.

12. Feedback & Suggestions

Any feedback, ideas, suggestions, or recommendations you provide about our Services become our property without compensation or attribution:

• Unrestricted Use: We may use feedback for any purpose without restriction
• No Obligation: We are not obligated to implement suggestions
• No Compensation: No payment or credit for implemented suggestions
• Assignment: You assign all rights in feedback to us

13. Contact Information

1. Introduction

This Security Policy outlines the comprehensive security measures, practices, and commitments implemented by Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our"), to protect our systems, infrastructure, and client data.

Information security is fundamental to our business. We implement defense-in-depth strategies across physical, technical, and organizational domains to ensure the confidentiality, integrity, and availability of data and services.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Security Framework & Standards

2.1 Alignment with Industry Standards

Our security program is aligned with internationally recognized frameworks:

• ISO 27001: Information Security Management System (ISMS) controls
• SOC 2 Type II: Trust Services Criteria (Security, Availability, Confidentiality)
• NIST Cybersecurity Framework: Identify, Protect, Detect, Respond, Recover
• OWASP Top 10: Web application security best practices
• CIS Controls: Critical security controls for cyber defense

2.2 Compliance Requirements

• GDPR: European data protection regulation compliance
• CCPA: California Consumer Privacy Act compliance
• PCI-DSS: Payment Card Industry standards (via third-party processors)
• HIPAA: Available for healthcare clients with Business Associate Agreements

3. Data Encryption

3.1 Encryption at Rest

• Algorithm: AES-256 encryption for all stored data
• Database Encryption: Full database encryption using transparent data encryption (TDE)
• File Storage: All files encrypted in enterprise cloud storage systems
• Backup Encryption: All backups encrypted with separate keys
• Key Management: Enterprise key management services for encryption key storage and rotation

3.2 Encryption in Transit

• TLS 1.3: Latest TLS protocol for all data transmission
• HTTPS Everywhere: All web traffic encrypted with TLS
• API Security: All API calls require TLS/SSL encryption
• VPN: Internal communications via encrypted VPN tunnels
• Certificate Management: Automated certificate renewal and monitoring

3.3 Encryption Key Management

• Key Rotation: Encryption keys rotated quarterly
• Key Storage: Keys stored in hardware security modules (HSM)
• Access Control: Strict access controls on key management systems
• Audit Logging: All key access logged and monitored

4. Access Controls & Authentication

4.1 Authentication Mechanisms

• Multi-Factor Authentication (MFA): Required for all admin and privileged accounts
• Password Requirements: Minimum 12 characters, complexity requirements enforced
• SSO Integration: Support for SAML and OAuth 2.0 single sign-on (Enterprise tier)
• Session Management: Automatic logout after 30 minutes of inactivity
• Passwordless Options: Biometric, hardware tokens, magic links supported

4.2 Role-Based Access Control (RBAC)

• Principle of Least Privilege: Users granted minimum permissions necessary
• Role Definitions: Clear roles with defined permissions (Admin, User, Developer, Support)
• Access Reviews: Quarterly review of user access rights
• Separation of Duties: Critical operations require multiple approvals
• Temporary Access: Time-limited access for contractors and temporary staff

4.3 Access Monitoring

• Login Monitoring: All authentication attempts logged
• Anomaly Detection: Automated detection of unusual access patterns
• Failed Logins: Account lockout after 5 failed attempts
• Privileged Access: All admin actions logged and auditable

5. Network Security

5.1 Perimeter Security

• Firewalls: Next-generation firewalls (NGFW) with deep packet inspection
• DDoS Protection: Enterprise DDoS mitigation and protection services
• WAF: Web Application Firewall to protect against common attacks
• Rate Limiting: API rate limiting to prevent abuse
• IP Whitelisting: Available for enterprise clients

5.2 Intrusion Detection & Prevention

• IDS/IPS: Real-time intrusion detection and prevention systems
• Network Monitoring: 24/7 monitoring of network traffic
• Threat Intelligence: Integration with threat intelligence feeds
• Automated Response: Automatic blocking of malicious IPs

5.3 Network Segmentation

• DMZ: Demilitarized zone for public-facing services
• Internal Networks: Segmented networks for different security levels
• Database Isolation: Databases on separate protected networks
• Microsegmentation: Container-level network isolation

6. Application Security

6.1 Secure Development Lifecycle (SDL)

• Security by Design: Security requirements defined at project inception
• Code Reviews: Peer review of all code changes with security focus
• Static Analysis: Automated SAST tools scan code for vulnerabilities
• Dynamic Testing: DAST tools test running applications
• Dependency Scanning: Automated scanning for vulnerable dependencies
• Security Training: Developers receive OWASP security training

6.2 Input Validation & Sanitization

• Input Validation: All user inputs validated and sanitized
• SQL Injection Prevention: Parameterized queries, ORM usage
• XSS Prevention: Output encoding and Content Security Policy (CSP)
• CSRF Protection: Anti-CSRF tokens on all state-changing operations
• File Upload Security: Virus scanning, type validation, size limits

6.3 API Security

• Authentication: API keys, OAuth 2.0, JWT tokens
• Authorization: Granular permissions on API endpoints
• Rate Limiting: Prevents API abuse and DDoS
• Input Validation: Strict schema validation on all API requests
• Versioning: Secure deprecation of old API versions

7. Infrastructure Security

7.1 Cloud Security

• Cloud Providers: Enterprise-grade cloud infrastructure providers
• Multi-Region: Data replicated across multiple regions for redundancy
• Virtual Private Cloud: Isolated VPC networks for production environments
• Security Groups: Restrictive firewall rules at network level
• Instance Hardening: Minimal OS installations, regular patching

7.2 Container & Orchestration Security

• Container Scanning: Images scanned for vulnerabilities before deployment
• Runtime Protection: Container runtime security monitoring
• Network Policies: Kubernetes network policies restrict container communication
• Secrets Management: Enterprise-grade encrypted secrets storage and management

7.3 Physical Security

While we use cloud infrastructure, our cloud providers maintain:

• Data Center Security: 24/7 surveillance, biometric access controls
• SOC 2 Certified: Cloud providers maintain SOC 2 Type II certification
• Redundancy: Geographically distributed data centers
• Environmental Controls: Fire suppression, climate control, power redundancy

8. Vulnerability Management

8.1 Vulnerability Scanning

• Frequency: Automated vulnerability scans weekly
• Scope: All web applications, APIs, and infrastructure
• Tools: Commercial and open-source scanning tools
• Remediation: Critical vulnerabilities patched within 24 hours, high within 7 days

8.2 Penetration Testing

• Frequency: Annual third-party penetration testing
• Scope: External and internal networks, applications, APIs
• Methodology: OWASP Testing Guide, PTES standards
• Remediation: Findings addressed based on severity
• Reporting: Executive summaries available to enterprise clients

8.3 Patch Management

• Critical Patches: Applied within 24 hours of availability
• Security Patches: Applied within 7 days
• Regular Updates: Monthly patching schedule for non-critical updates
• Testing: Patches tested in staging before production deployment

9. Incident Response

9.1 Security Incident Response Plan

We maintain a documented incident response plan covering:

1. Preparation: Incident response team, tools, and procedures ready
2. Detection: 24/7 monitoring, automated alerting, user reports
3. Containment: Isolate affected systems to prevent spread
4. Eradication: Remove threat, patch vulnerabilities
5. Recovery: Restore services and verify integrity
6. Post-Incident: Root cause analysis, lessons learned, improvements

9.2 Data Breach Response

In the event of a data breach:

• Notification: Affected clients notified within 72 hours (GDPR requirement)
• Authorities: Relevant supervisory authorities notified per legal requirements
• Affected Users: End users notified if high risk to rights and freedoms
• Remediation: Immediate action to contain breach and prevent recurrence
• Documentation: Complete records maintained of breach and response

9.3 Security Incident Reporting

To report security incidents or vulnerabilities:

• Email: info@otherworldsai.com (Subject: "SECURITY INCIDENT")
• Response Time: Acknowledged within 1 hour, investigation begins immediately
• Bug Bounty: Responsible disclosure encouraged, rewards for valid findings

10. Employee & Organizational Security

10.1 Personnel Security

• Background Checks: Pre-employment screening for all staff with data access
• Confidentiality Agreements: All employees sign NDAs and acceptable use policies
• Security Training: Annual security awareness training for all staff
• Phishing Simulations: Regular phishing tests and awareness campaigns
• Off-boarding: Immediate access revocation upon termination

10.2 Security Awareness Program

• Annual Training: Mandatory security training for all employees
• Topics Covered: Phishing, social engineering, password security, data handling
• Developer Training: OWASP Top 10, secure coding practices
• Incident Response Drills: Quarterly tabletop exercises

10.3 Third-Party Risk Management

• Vendor Assessment: Security review before onboarding vendors
• Contracts: Security requirements in all vendor contracts
• Monitoring: Ongoing monitoring of vendor security posture
• Compliance: Vendors must maintain relevant certifications

11. Data Security & Privacy

11.1 Data Classification

• Public: Information intended for public disclosure
• Internal: Business information for internal use only
• Confidential: Sensitive business data requiring protection
• Restricted: Personal data, credentials, encryption keys (highest protection)

11.2 Data Handling

• Data Minimization: Collect only necessary data
• Retention: Data retained only as long as needed (see Privacy Policy)
• Secure Deletion: Cryptographic wiping of deleted data
• Data Masking: Sensitive data masked in non-production environments
• Anonymization: Personal data anonymized for analytics when possible

11.3 Privacy by Design

• Privacy Built-In: Privacy considerations in all system designs
• Consent Management: Granular consent controls for data processing
• Data Portability: Easy export of user data
• Right to Erasure: Automated data deletion on request

12. Logging & Monitoring

12.1 Security Logging

• Comprehensive Logs: Authentication, authorization, data access, system changes
• Centralized Logging: All logs aggregated in SIEM (Security Information and Event Management)
• Log Retention: Security logs retained for minimum 1 year
• Log Protection: Logs encrypted and tamper-proof
• Clock Synchronization: NTP for accurate timestamps

12.2 24/7 Monitoring

• Real-Time Monitoring: Continuous monitoring of security events
• Automated Alerts: Immediate alerts for anomalies and threats
• On-Call Team: Security team on-call 24/7/365
• Threat Detection: Machine learning-based anomaly detection

13. Business Continuity & Disaster Recovery

13.1 Backup Strategy

• Continuous Replication: Real-time data replication to secondary region
• Daily Backups: Full database backups every 24 hours
• Incremental Backups: Every 6 hours for critical data
• Backup Testing: Quarterly restore tests to verify integrity
• Retention: Backups retained for 30 days, critical data for 90 days

13.2 Disaster Recovery

• RTO (Recovery Time Objective): 4 hours maximum
• RPO (Recovery Point Objective): 1 hour maximum data loss
• Failover: Automated failover to secondary region
• DR Testing: Annual disaster recovery drills
• Documentation: Detailed DR runbooks maintained

13.3 High Availability

• Load Balancing: Traffic distributed across multiple servers
• Auto-Scaling: Automatic scaling to handle traffic spikes
• Health Checks: Continuous health monitoring of all services
• No Single Point of Failure: Redundancy at every layer

14. Compliance & Auditing

14.1 Security Audits

• Internal Audits: Quarterly internal security audits
• External Audits: Annual third-party security assessments
• Penetration Tests: Annual external penetration testing
• Code Audits: Security-focused code reviews for critical systems

14.2 Compliance Programs

• SOC 2: Working toward SOC 2 Type II certification
• ISO 27001: Alignment with ISO 27001 controls
• GDPR: Full compliance with European data protection
• CCPA: California privacy law compliance

14.3 Audit Trail

• Complete Audit Logs: All privileged actions logged
• Tamper-Proof: Logs cannot be modified after creation
• Retention: Audit logs retained for 1 year minimum
• Availability: Logs available for client audit (enterprise tier)

15. Your Security Responsibilities

15.1 Account Security

You are responsible for:

• Strong Passwords: Using strong, unique passwords
• MFA Enabled: Enabling multi-factor authentication
• Credential Protection: Keeping login credentials confidential
• Unauthorized Access: Reporting suspected unauthorized access immediately
• Session Management: Logging out when finished, especially on shared devices

15.2 Data Security

• Classification: Properly classifying data you upload
• Encryption: Encrypting sensitive data before upload (for maximum security)
• Access Control: Granting appropriate permissions to team members
• Data Validation: Not uploading malware or malicious content

15.3 Reporting Security Issues

If you discover a security vulnerability, please:

1. Report immediately to info@otherworldsai.com with subject "SECURITY VULNERABILITY"
2. Provide detailed description and steps to reproduce
3. Do not publicly disclose until we've had time to fix (responsible disclosure)
4. We'll acknowledge within 24 hours and work with you on resolution

16. Security Certifications & Future Plans

16.1 Current Status (2025)

• ISO 27001: Aligned with controls, certification in progress
• SOC 2 Type II: Audit preparation underway, expected Q3 2025
• GDPR: Fully compliant
• CCPA: Fully compliant

16.2 Planned Certifications

• ISO 27001: Target certification by Q4 2025
• SOC 2 Type II: Target certification by Q3 2025
• HIPAA: BAA available for healthcare clients (current)
• PCI-DSS: Via certified third-party payment processors

17. Contact Information

1. Introduction

This Refund Policy explains the terms and conditions under which Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our"), provides refunds for our services and products. This policy should be read in conjunction with our Terms of Service.

We strive for customer satisfaction and maintain fair refund practices for all our service types: SaaS subscriptions (Agent+), custom development projects, consulting services, and digital products.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Agent+ SaaS Subscription Refunds

2.1 Monthly Subscriptions

• 30-Day Money-Back Guarantee: First-time subscribers can request a full refund within 30 days of initial purchase if not satisfied with the service.
• Cancellation: You may cancel at any time through your account settings. Cancellation is effective at the end of the current billing period.
• No Pro-Rated Refunds: Monthly subscriptions are non-refundable after the 30-day guarantee period. You retain access until the end of the paid period.
• Usage Fees: Usage-based charges (API calls, voice minutes, SMS) are non-refundable as they represent consumed resources.

2.2 Annual Subscriptions

• 60-Day Money-Back Guarantee: Full refund available within 60 days of annual subscription purchase.
• Pro-Rated Refunds: After 60 days, pro-rated refunds available if you cancel with at least 3 months remaining, minus a 15% processing fee.
• Service Downgrade: If you downgrade during an annual term, no refund is provided for the difference. The new tier takes effect at renewal.

2.3 Refund Exclusions - SaaS

Refunds are not available for:

• Violations of Terms of Service or Acceptable Use Policy
• Account termination due to fraud or abuse
• Third-party service failures (AI platform, voice services, communication provider outages)
• User error or misunderstanding of features
• Buyer's remorse after the guarantee period
• Force majeure events (natural disasters, internet outages, etc.)

3. Custom Development Project Refunds

3.1 Milestone-Based Projects

For projects with defined milestones and deliverables:

• Milestone Approval: Payment for each milestone is due upon completion and client review. Once approved, milestone payments are non-refundable.
• Rejection Period: Clients have 7 business days to review and request revisions for each milestone deliverable.
• Cancellation Before Completion: If you cancel mid-project:
  • Completed milestones: Non-refundable
  • Work-in-progress: Refund of 50% of milestone payment
  • Future milestones: Full refund
• Deposit: Initial project deposits (typically 25-50%) are non-refundable after project kickoff and requirements gathering.

3.2 Fixed-Price Projects

• Cancellation Within 7 Days: Full refund if you cancel before active development begins (after proposal acceptance but before kickoff).
• Cancellation After Development Starts: Refund calculated based on percentage of work completed, minus 20% administrative fee.
• Project Delivery: Once final deliverables are accepted and project is marked complete, payments are non-refundable.

3.3 Change Requests & Scope Changes

Additional charges for scope changes and change requests are non-refundable once work begins on the requested changes.

3.4 Quality Guarantee

If deliverables do not meet specifications outlined in the Statement of Work (SOW):

• We will revise at no additional cost until deliverables meet specifications
• If we cannot meet specifications after reasonable attempts, partial refund will be provided
• Refund amount based on unmet deliverables, determined through good-faith negotiation

4. Consulting Services Refunds

4.1 Hourly Consulting

• Time Worked: Fees for hours already worked are non-refundable.
• Prepaid Packages: Unused hours in prepaid consulting packages can be refunded within 90 days of purchase, minus a 10% processing fee.
• Cancellation Policy: Cancel or reschedule sessions with 48 hours notice to avoid charges.

4.2 Retained Consulting

• Monthly Retainers: Non-refundable. Cancellation is effective at end of current month.
• Unused Hours: Unused retainer hours do not roll over month-to-month unless explicitly stated in agreement.

5. Digital Products & Training Refunds

5.1 Online Courses & Training Materials

• 14-Day Guarantee: Full refund within 14 days of purchase if less than 25% of content has been accessed.
• No Refunds After Access: If more than 25% of content accessed, no refund available (prevents content theft).

5.2 Templates, Code Libraries, & Digital Downloads

• No Refunds: Digital downloads and code templates are non-refundable once downloaded due to their nature.
• Defective Products: If product is technically defective or not as described, we'll provide a replacement or full refund.

6. Refund Request Process

6.1 How to Request a Refund

1. Email Request: Send refund request to info@otherworldsai.com
2. Include Details:
   • Order/Invoice number
   • Service or product name
   • Reason for refund request
   • Purchase date
3. Response Time: We respond to refund requests within 2 business days
4. Verification: We may request additional information to verify your identity and purchase

6.2 Refund Processing Time

• Approval: Refund requests are reviewed and approved/denied within 5 business days
• Processing: Approved refunds are processed within 7-10 business days
• Bank Processing: Your financial institution may take an additional 3-5 business days to credit your account
• Refund Method: Refunds issued to original payment method (credit card, PayPal, etc.)

6.3 Partial Refunds

Partial refunds may be issued in situations such as:

• Partially completed custom development work
• Unused portion of prepaid consulting hours
• Pro-rated refunds for annual subscriptions (after 60-day guarantee)
• Good-faith resolution of disputes

7. Chargebacks & Payment Disputes

7.1 Chargeback Policy

• Immediate suspension of access to all services
• Termination of account and all associated data
• Ban from future purchases
• Chargeback fees ($25-50) passed to customer if chargeback is found to be invalid

7.2 Fraudulent Chargebacks

We actively dispute fraudulent chargebacks ("friendly fraud"). If services were delivered as agreed and a chargeback is initiated without contacting us, we will:

• Provide evidence of service delivery to payment processor
• Pursue legal action for amounts over $500 if necessary
• Report to fraud prevention networks

7.3 Billing Disputes

For billing errors or unauthorized charges, contact us immediately:

• Email: info@otherworldsai.com with subject "Billing Dispute"
• Response Time: We investigate billing disputes within 24-48 hours
• Resolution: Legitimate billing errors are corrected immediately with full refund

8. Service Credits (Alternative to Refunds)

In some situations, we may offer service credits as an alternative to cash refunds:

8.1 When Service Credits Are Offered

• SLA violations (extended downtime beyond our commitments)
• Service disruptions caused by us
• Goodwill gestures for minor inconveniences
• Compensation for delayed deliverables

8.2 Service Credit Terms

• Value: Service credits typically equal 150% of affected fees
• Expiration: Credits must be used within 12 months
• Non-Transferable: Credits cannot be transferred or sold
• No Cash Value: Credits cannot be redeemed for cash
• Application: Automatically applied to future invoices

9. Force Majeure & Service Interruptions

No refunds are provided for service interruptions caused by events beyond our reasonable control:

• Natural disasters (earthquakes, floods, hurricanes)
• Acts of government or war
• Internet service provider failures
• Third-party service outages (cloud infrastructure, AI platforms, communication services)
• DDoS attacks or cyber attacks on our infrastructure
• Pandemic or public health emergencies

However, we may offer service credits or extensions for significant force majeure events at our discretion.

10. Cancellation Procedures

10.1 SaaS Subscription Cancellation

1. Log into your Agent+ account
2. Navigate to Account Settings → Billing
3. Click "Cancel Subscription"
4. Confirm cancellation (access continues until end of billing period)
5. Optional: Export your data before cancellation

10.2 Custom Development Cancellation

1. Email project manager or info@otherworldsai.com
2. Provide written notice of cancellation
3. We'll provide final invoice for work completed
4. Refund calculated according to Section 3 above
5. Deliverables provided for completed work

10.3 Data Retention After Cancellation

After cancellation:

• 90-Day Grace Period: Your data is retained for 90 days in case you change your mind
• Data Export: You can export your data during the 90-day period
• Permanent Deletion: After 90 days, data is permanently deleted and cannot be recovered
• Legal Retention: Some data may be retained longer for legal/compliance reasons (invoices, contracts)

11. Dispute Resolution

11.1 Informal Resolution

We encourage resolving refund disputes through informal discussion before escalating:

1. Contact info@otherworldsai.com with your concerns
2. We'll schedule a call within 48 hours to discuss
3. Most disputes are resolved within 7 days through good-faith negotiation

11.2 Formal Dispute Process

If informal resolution fails:

• Disputes are governed by our Terms of Service
• Colorado law applies
• Mediation or arbitration may be required for disputes over $5,000

12. Changes to Refund Policy

We may update this Refund Policy to reflect changes in our services or legal requirements. Material changes will be communicated through:

• Email notification to active subscribers
• Notice on website and in Agent+ platform
• Updated "Last Modified" date

Changes do not apply retroactively to purchases made before the policy update.

13. Contact Us About Refunds

For refund requests or questions about this policy, please contact us:

1. Introduction

Otherworlds Studio, LLC, operating as "Otherworlds AI" ("we," "us," or "our"), is committed to ensuring digital accessibility for people with disabilities. We are continually improving the user experience for everyone and applying the relevant accessibility standards.

This Accessibility Policy outlines our commitment, standards, and ongoing efforts to make our websites, applications, and services accessible to all users, including those with disabilities.

Effective Date: January 1, 2025
Last Updated: January 9, 2025
Legal Entity: Otherworlds Studio, LLC
Jurisdiction: Colorado, United States

2. Accessibility Commitment

We believe that digital accessibility is a right, not a privilege. Our commitment includes:

• Inclusive Design: Building accessibility into our design and development process from the start, not as an afterthought
• WCAG Compliance: Adhering to Web Content Accessibility Guidelines (WCAG) 2.1 Level AA standards
• Continuous Improvement: Regular testing, monitoring, and enhancement of accessibility features
• User Feedback: Actively seeking and responding to feedback from users with disabilities
• Training: Ensuring our team understands and implements accessibility best practices

3. Accessibility Standards

3.1 WCAG 2.1 Level AA Compliance

Our digital properties aim to meet or exceed WCAG 2.1 Level AA success criteria across four key principles:

4. Assistive Technology Compatibility

4.1 Supported Assistive Technologies

Our services are designed to work with:

• Screen Readers: JAWS, NVDA, VoiceOver, TalkBack, Narrator
• Screen Magnification: ZoomText, MAGic, built-in OS magnifiers
• Speech Input: Dragon NaturallySpeaking, OS voice control
• Alternative Input: Switch controls, eye-tracking devices, adaptive keyboards
• Browser Extensions: Color contrast adjusters, dyslexia-friendly fonts

4.2 Keyboard Navigation

• Full Keyboard Access: All functionality accessible via keyboard
• Logical Tab Order: Tab navigation follows visual and logical flow
• Visible Focus Indicators: Clear visual indicators for keyboard focus
• Keyboard Shortcuts: Documented shortcuts for common actions
• No Keyboard Traps: Users can navigate in and out of all components

4.3 Mobile Accessibility

• Touch Target Size: Minimum 44×44 pixels for tap targets
• Gesture Alternatives: Single-tap alternatives for complex gestures
• Screen Reader Support: VoiceOver (iOS) and TalkBack (Android) compatible
• Orientation Support: Works in portrait and landscape modes

5. Visual & Content Accessibility

5.1 Color & Contrast

• Contrast Ratios: Minimum 4.5:1 for normal text, 3:1 for large text (WCAG AA)
• Color Independence: Information not conveyed by color alone
• Dark Mode Support: High-contrast dark mode available
• Colorblind Friendly: Patterns and labels supplement color coding

5.2 Typography & Readability

• Resizable Text: Text can be resized up to 200% without loss of functionality
• Readable Fonts: Clear, legible fonts with good letter spacing
• Line Height: Adequate line spacing (minimum 1.5× font size)
• Plain Language: Clear, concise language avoiding jargon where possible
• Headings: Proper heading hierarchy (H1-H6) for structure

5.3 Multimedia Accessibility

• Video Captions: Closed captions for all video content
• Audio Transcripts: Text transcripts for audio content and podcasts
• Audio Descriptions: Descriptions for important visual information in videos
• Controls: Accessible play/pause controls with keyboard support
• Auto-Play Prevention: No auto-playing audio or video

6. Agent+ Platform Accessibility

6.1 Voice AI Accessibility

• Speech-to-Text: Voice conversations automatically transcribed
• Text-to-Speech: Chat interfaces with TTS for visually impaired users
• Clear Audio: High-quality voice output with adjustable speed
• Visual Alternatives: Text chat as alternative to voice calls
• Hearing Impaired: Visual indicators for audio cues

6.2 Dashboard Accessibility

• Screen Reader Compatible: All dashboard elements properly labeled
• Keyboard Navigation: Full keyboard access to all features
• Data Visualization: Charts include text alternatives and data tables
• Form Accessibility: Clear labels, error messages, and instructions
• Focus Management: Logical focus order for modal dialogs and popups

6.3 AI Chat Interface

• ARIA Live Regions: Screen readers announce new messages
• Keyboard Shortcuts: Send messages, navigate history with keyboard
• High Contrast: Chat bubbles meet contrast requirements
• Time Limits: No strict time limits for typing responses

7. Testing & Evaluation

7.1 Testing Methods

• Automated Testing: Industry-standard accessibility auditing tools in CI/CD pipeline
• Manual Testing: Human review of accessibility features quarterly
• Screen Reader Testing: Testing with industry-standard screen readers (Windows, Mac, mobile)
• Keyboard-Only Testing: Complete site navigation using keyboard only
• User Testing: Testing with real users who have disabilities

7.2 Testing Frequency

• Continuous: Automated tests run on every code deployment
• Quarterly: Comprehensive manual accessibility audits
• Annual: Third-party accessibility audit by certified experts
• Major Releases: Full accessibility review before launching new features

7.3 Accessibility Tools

• Browser Extensions: Professional accessibility testing tools for developers
• Automated Scanners: WCAG compliance scanners integrated in build pipeline
• Screen Readers: Industry-standard screen readers for validation
• Color Contrast Analyzers: Tools ensuring WCAG contrast requirements

8. Remediation Process

8.1 Issue Prioritization

Accessibility issues are prioritized by severity:

8.2 Remediation Workflow

1. Issue Reported: Via feedback form or discovered in testing
2. Triage: Issue assessed and prioritized within 3 business days
3. Assignment: Issue assigned to appropriate team member
4. Fix Development: Solution developed and tested
5. Verification: Fix verified with assistive technology testing
6. Deployment: Fix deployed to production
7. Notification: Reporter notified of resolution

9. Third-Party Content & Services

9.1 Third-Party Accessibility

We use third-party AI, voice, communication, and payment services that have their own accessibility features:

• Vendor Selection: We prioritize vendors with strong accessibility commitments
• API Integration: We implement accessible interfaces to third-party APIs
• Limitations: Some third-party limitations may exist beyond our control
• Alternatives: We provide accessible alternatives where third-party accessibility is limited

9.2 User-Generated Content

While we provide accessible tools, we cannot guarantee accessibility of user-generated content:

• Guidance: We provide accessibility guidelines for content creators
• Tools: Built-in tools to add alt text, captions, and descriptions
• Moderation: We encourage accessible content creation but cannot enforce it

10. Training & Awareness

10.1 Team Training

• Onboarding: All new team members receive accessibility training
• Annual Refresher: Yearly accessibility training for all staff
• Developer Training: WCAG 2.1, ARIA, semantic HTML training
• Designer Training: Accessible design principles, color contrast, typography
• Content Team: Plain language, alt text, caption writing

10.2 Accessibility Champions

• Dedicated Team: Accessibility champions in each department
• Expertise: Ongoing education and certification (IAAP CPACC, WAS)
• Advocacy: Champions advocate for accessibility in all projects
• Review: Champions review all major features before launch

11. Accessibility Feedback & Support

11.1 How to Report Issues

If you encounter accessibility barriers on our platforms, please let us know:

11.2 Alternative Access

If you need content or functionality in an alternative format:

• Document Formats: We can provide documents in accessible formats (text, large print, audio)
• Phone Support: Alternative to web-based support at +1 (720) 240-9188
• Email Support: Text-based support as alternative to chat/phone
• Custom Accommodations: Contact us for specific accommodation needs

12. Ongoing Improvement

12.1 Accessibility Roadmap

Our commitment to accessibility includes continuous improvement:

• 2025 Goals: Achieve WCAG 2.1 Level AA compliance across all properties
• Advanced Features: Exploring WCAG 2.2 and Level AAA where feasible
• AI Accessibility: Developing AI-powered accessibility features (auto-captioning, alt text generation)
• User Research: Regular sessions with users who have disabilities

12.2 Regular Audits

• Quarterly Reviews: Internal accessibility reviews every quarter
• Annual External Audit: Third-party WCAG compliance audit annually
• User Feedback Integration: Incorporating feedback into product roadmap
• Industry Standards: Staying current with evolving accessibility standards

13. Legal Compliance

13.1 Applicable Laws & Regulations

We comply with accessibility laws including:

• ADA: Americans with Disabilities Act (Title III)
• Section 508: Rehabilitation Act requirements (for government contracts)
• CVAA: 21st Century Communications and Video Accessibility Act
• European Standards: EN 301 549 for EU accessibility
• AODA: Accessibility for Ontarians with Disabilities Act (for Canadian clients)

13.2 Accessibility Statement Updates

This policy is reviewed and updated:

• Annually: Comprehensive review every January
• After Major Changes: Updated when significant features are added
• Legal Updates: Updated when accessibility laws change
• User Feedback: Updated based on community input

14. Contact Information

For accessibility questions, feedback, or to request accommodations: