Carefree Computing

Legal

Privacy Policy

Effective Date: May 25, 2026 · Last Updated: May 25, 2026

Legal
Privacy Policy
Terms & Conditions

This Privacy Policy describes how Carefree Computing, a division of Aivorys LLC ('Carefree Computing,' 'Aivorys LLC,' 'we,' 'us,' or 'our'), collects, uses, processes, discloses, and safeguards personal information. Carefree Computing operates across two domains — www.carefreecomputing.com and www.carefreecomputing.cloud — both of which are divisions of Aivorys LLC and are treated as a single legal entity for all privacy and data-protection purposes (collectively, the 'Site'). This Policy covers all services, platforms, software, and related infrastructure we provide, including but not limited to Remote IT Management (RustDesk), Real-Time Security Monitoring (Wazuh), Nextcloud CRM & Collaboration, Private AI, SearxNG Private Search, Multilingual Chatbot and AI Automation, and Custom Web Design services (collectively, the 'Services').

By accessing or using our Site or Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree, please discontinue use of our Site and Services immediately.

1. Information We Collect

1.0 Corporate Entity

Carefree Computing is a division of Aivorys LLC. Both carefreecomputing.com and carefreecomputing.cloud are divisions of Aivorys LLC and are operated as a single legal entity for all privacy, data-protection, and contractual purposes. Any reference to 'Carefree Computing' in this Privacy Policy includes Aivorys LLC and both of its operating domains.

1.1 Information You Provide Directly

  • Contact and inquiry information: name, email address, phone number, company name, job title, and any message content submitted through our contact forms, audit request forms, or chatbot interfaces.
  • Account and billing information: name, billing address, payment method details (processed via third-party payment processors), and subscription preferences.
  • Configuration and technical data: infrastructure preferences, deployment region selections (U.S., EU, or local), device information, and service customization requirements.
  • Communications: correspondence with our support team, email exchanges, and chat transcripts.

1.2 Information Collected Automatically

  • Log and usage data: IP addresses, browser type and version, operating system, referring URLs, pages viewed, time and date of access, and session duration.
  • Device identifiers: unique device IDs, hardware model, and network information.
  • Cookies and tracking technologies: session cookies, preference cookies, analytics tokens, and similar technologies (see Section 10 for details).
  • Interaction data: how you navigate and interact with our Site, features accessed, and search queries entered via Aivorys Private Search.

1.3 Information From Third Parties

  • Integration data: when you connect our Services to third-party platforms (e.g., WhatsApp, Instagram, Facebook Messenger, Google Sheets), we may receive data transmitted through those integrations as configured by you.
  • Business partner data: information shared by referral partners or resellers for account setup purposes.

1.4 Information Generated Through Service Delivery

  • Security monitoring data: system event logs, threat alerts, and endpoint telemetry generated by our Wazuh-based security monitoring services.
  • Remote session data: connection logs and session metadata generated through our RustDesk remote IT management platform.
  • AI interaction data: inputs and outputs from our Private AI Assistant and Multilingual Chatbot, which may include business content, customer messages, and lead information.
  • Search queries: anonymized or pseudonymized queries submitted through our SearxNG private search engine. By design, SearxNG is built to minimize data retention and avoid user profiling.

2. Methods of Collection

  • Directly from you when you submit forms, request a free systems audit, sign up for our Services, or communicate with our team.
  • Automatically through standard web server technologies, analytics tools, and cookies placed on your device when you visit our Site.
  • Through third-party platform integrations that you authorize as part of your service configuration.
  • Through our deployed software and infrastructure components (RustDesk, Wazuh, Nextcloud, Open WebUI) operating on your behalf within your contracted environment.

3. Legal Bases for Processing Personal Data

For individuals located in the European Union, United Kingdom, or other jurisdictions with similar requirements, we rely on the following legal bases to process personal data:

  • Performance of a contract: processing necessary to fulfill our obligations under a service agreement with you, including deploying infrastructure, providing support, and billing.
  • Legitimate interests: processing necessary for our legitimate business interests, such as improving our Services, maintaining security, preventing fraud, marketing our Services, and communicating with prospects, provided such interests are not overridden by your fundamental rights.
  • Consent: where required by applicable law, we obtain your explicit consent prior to processing (e.g., placing non-essential cookies or sending marketing communications). You may withdraw consent at any time.
  • Compliance with legal obligations: processing required to comply with applicable laws, regulations, court orders, or governmental requests.

4. How We Use Your Information

4.1 Service Delivery and Operations

  • To provision, configure, deploy, and manage our Services on your behalf, including RustDesk remote access, Wazuh security monitoring, Nextcloud CRM, Private AI, SearxNG search, and chatbot solutions.
  • To authenticate users, manage account access, and ensure service availability and uptime.
  • To process payments, generate invoices, and manage billing.

4.2 Customer Support and Communication

  • To respond to inquiries, service requests, system audit requests, and support tickets.
  • To provide onboarding, technical configuration assistance, and ongoing managed service support.
  • To send transactional communications such as service confirmations, invoices, and scheduled maintenance notices.

4.3 Security and Fraud Prevention

  • To monitor, detect, investigate, and respond to security threats, unauthorized access, and abuse of our platform.
  • To enforce our Terms and Conditions and protect the integrity of our infrastructure.

4.4 Improvement and Analytics

  • To analyze usage patterns and service performance for the purpose of improving our platform features, stability, and scalability.
  • To conduct internal research, product development, and service optimization.

4.5 Marketing and Business Development

  • To communicate with prospective clients about our Services, promotions, and updates where lawful to do so.
  • To conduct lead qualification through our Multilingual Chatbot, including collecting names, email addresses, budgets, and intent data that you voluntarily provide.
  • To send email newsletters or updates, subject to your consent or our legitimate interests, with a clear option to unsubscribe.

4.6 Legal and Compliance

  • To comply with applicable law, regulation, or lawful governmental requests.
  • To enforce our legal rights or defend against legal claims.

5. Data Sharing and Third Parties

We do not sell your personal information. We do not share your personal data with third parties for their own independent marketing purposes. We may share your information in the following limited circumstances:

5.1 Service Providers and Subprocessors

We engage trusted third-party vendors to assist in delivering our Services, including:

  • Cloud hosting and infrastructure providers (data centers and VPS providers in your selected region: U.S. or EU).
  • Payment processors (e.g., Stripe or similar) who process billing information on our behalf under their own PCI-compliant frameworks.
  • Email and communication platforms used for transactional and marketing communications.
  • Analytics tools used to assess Site performance (configured to minimize personal data collection where possible).

These service providers are contractually required to process data only on our instructions and to maintain appropriate security safeguards.

5.2 Third-Party Platform Integrations

When you authorize integrations between our Services and third-party platforms (e.g., WhatsApp Business API, Instagram Messaging, Facebook Messenger, Google Sheets, or CRM systems), data shared with or received from those platforms is governed both by this Privacy Policy and the privacy policies of those third-party platforms. We are not responsible for the privacy practices of third-party platforms you choose to connect.

5.3 Open-Source Software Components

Our Services are built on open-source software components, including RustDesk, Wazuh, Nextcloud, Open WebUI, and SearxNG. These tools are deployed within your private infrastructure environment. We do not share your data with the upstream open-source project communities.

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or similar corporate transaction, your personal information may be transferred to the successor entity, subject to the same privacy protections as described in this Policy.

5.5 Legal Compliance and Protection

We may disclose personal information if required by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect the rights, property, or safety of Carefree Computing, our clients, or the public.

6. International Data Transfers

Carefree Computing operates globally and offers infrastructure deployment in your preferred region (United States or European Union). We endeavor to store and process your data within the region you select during onboarding.

Where data is transferred across international borders, including transfers from the European Economic Area (EEA) or United Kingdom to other countries, we ensure appropriate safeguards are in place in accordance with applicable data protection law. Such safeguards may include:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions issued by relevant regulatory authorities.
  • Other lawful transfer mechanisms permitted under GDPR, UK GDPR, or applicable privacy law.

You may request information about the specific transfer mechanisms applicable to your data by contacting us at the details provided in Section 15.

7. Security Measures

Carefree Computing takes data security seriously. We implement and maintain a range of technical, administrative, and physical safeguards designed to protect your information against unauthorized access, disclosure, alteration, and destruction, including:

  • Private cloud infrastructure deployed in your selected geographic region, minimizing exposure to third-party cloud ecosystems.
  • Real-time threat detection and intrusion monitoring powered by our Wazuh security platform.
  • Encrypted communications using industry-standard TLS/SSL protocols.
  • Role-based access controls and authentication requirements for administrative access.
  • Regular system patching, updates, and vulnerability assessments as part of our managed service operations.
  • Offsite encrypted backups included in all service tiers.

Notwithstanding the foregoing, no method of data transmission or storage is completely secure. While we strive to implement commercially reasonable safeguards, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and for notifying us promptly of any suspected unauthorized access.

8. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, to comply with our legal obligations, resolve disputes, and enforce our agreements. Our general retention principles are:

  • Active account data is retained for the duration of your service agreement with us.
  • Billing and transactional records are retained for a minimum of seven (7) years to comply with applicable tax and financial regulations.
  • Security and system event logs generated through Wazuh monitoring are retained in accordance with your service tier and applicable legal requirements.
  • Marketing communications and inquiry data are retained until you opt out or request deletion, whichever comes first.
  • Chatbot interaction logs and lead data are retained as configured in your service deployment unless you direct otherwise.

Upon termination of your service agreement, we will securely delete or anonymize your personal data within a commercially reasonable timeframe unless longer retention is required by law.

9. Your Rights and Choices

9.1 Rights Under GDPR (EU/UK Residents)

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure ('right to be forgotten'): to request deletion of your personal data where no legitimate legal basis for continued processing exists.
  • Right to restriction of processing: to request that we limit how we use your data in certain circumstances.
  • Right to data portability: to receive your data in a structured, machine-readable format.
  • Right to object: to object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent: where processing is based on consent, to withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: with your relevant national data protection supervisory authority.

9.2 Rights Under CCPA/CPRA (California Residents)

California residents have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know: to request disclosure of the categories and specific pieces of personal information we have collected, the sources of collection, the purposes of use, and the categories of third parties with whom we share it.
  • Right to delete: to request deletion of personal information we have collected, subject to applicable exceptions.
  • Right to correct: to request correction of inaccurate personal information.
  • Right to opt out of sale or sharing: we do not sell or share personal information for cross-context behavioral advertising.
  • Right to limit use of sensitive personal information: where applicable.
  • Right to non-discrimination: we will not discriminate against you for exercising your CCPA/CPRA rights.

California residents may submit requests by contacting us using the information in Section 15. We will respond within the timeframes required by applicable law (generally 45 days, with extensions available).

9.3 Other Jurisdictions

Residents of other jurisdictions with applicable privacy rights (including Canada, Australia, and other regions) may exercise similar rights to access, correct, or delete their personal data in accordance with local law. Please contact us to submit a request.

9.4 California Automatic Renewal Law Compliance

We comply with California's Automatic Renewal Law. We will notify you, the consumer, at least 7 days but no more than 30 days before new fees take effect. To cancel your contract with us, please notify us in writing by sending an email to contact@Aivorys.com for Aivorys or contact@carefreecomputing.cloud for Carefree Computing. We will confirm your cancellation date in writing.

10. Cookies and Tracking Technologies

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our Site. We also use similar tracking technologies such as web beacons, pixels, and local storage.

10.2 Categories of Cookies We Use

  • Essential/Strictly Necessary Cookies: Required for core Site functionality such as navigation, form submission, and security. These cannot be disabled without impairing Site performance.
  • Functional/Preference Cookies: Used to remember your preferences and settings (e.g., language, region selection) to enhance your experience.
  • Analytics Cookies: Used to collect aggregated data about Site usage patterns and performance. We configure analytics tools to minimize personal data collection where feasible.
  • Marketing and Tracking Cookies: We endeavor to minimize the use of third-party marketing cookies. Where such cookies are deployed by embedded third-party widgets or integrations, they are governed by the privacy policies of those third parties.

10.3 Your Cookie Choices

You may control cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that blocking essential cookies may impair Site functionality. Where required by applicable law, we present a cookie consent mechanism upon your first visit to our Site.

10.4 Aivorys Private Search

Our integrated Aivorys Private Search (powered by SearxNG) is specifically designed to provide anonymous, ad-free, tracking-free search results. Queries submitted through this tool are not associated with personal identifiers and are not stored for user profiling purposes.

11. Children's Privacy

Our Site and Services are not directed to individuals under the age of eighteen (18). We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately at the contact details provided in Section 15. Upon verification, we will promptly delete such information from our systems.

If you are under 18, please do not access or use our Site or Services or submit any personal information to us.

12. HIPAA Notice — Healthcare and Protected Health Information

IMPORTANT NOTICE FOR HEALTHCARE PROVIDERS AND ORGANIZATIONS

The standard services offered by Carefree Computing — including, without limitation, our Multilingual Chatbot, AI Automation, Private AI Assistant, Remote IT Management, Real-Time Security Monitoring, Nextcloud CRM, SearxNG Search, and web design services — are NOT configured, designed, or warranted to comply with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, as amended (collectively, "HIPAA"), under their default configurations and standard subscription tiers.

Healthcare providers, covered entities, business associates, and any organization that creates, receives, maintains, or transmits protected health information ("PHI") as defined under HIPAA must NOT process, store, transmit, or otherwise handle PHI through Carefree Computing's standard platform environment unless a separate, dedicated HIPAA-compliant infrastructure agreement has been explicitly established with Carefree Computing in writing.

HIPAA-compliant infrastructure is available as a specialized, separately contracted service. Such services include, where applicable: execution of a Business Associate Agreement (BAA), deployment of dedicated (non-shared) infrastructure, implementation of HIPAA-required technical safeguards, access controls, audit logging, and breach notification procedures. These configurations are not included in any standard subscription tier (Budget, Expanding, Deluxe, or Full Service).

Carefree Computing expressly disclaims any representation, warranty, or assurance of HIPAA compliance in connection with its standard Services. Any use of standard Carefree Computing services for the processing of PHI without a separately executed HIPAA-compliant infrastructure agreement is undertaken solely at the client's own risk. Carefree Computing will not be liable for any regulatory penalties, enforcement actions, or damages arising from such unauthorized use.

To inquire about our dedicated HIPAA-compliant infrastructure solutions, please contact us at: support@carefreecomputing.com.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or for other operational or business reasons. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this Privacy Policy.
  • Post the revised Privacy Policy on our Site at www.carefreecomputing.com.
  • Where required by applicable law or where we deem it appropriate, notify you by email or through a prominent notice on our Site.

Your continued use of the Site or Services following the posting of changes constitutes your acceptance of such changes. We encourage you to review this Privacy Policy periodically.

14. Third-Party Links

Our Site and Services may contain links to third-party websites, integrations, or services that are not operated by Carefree Computing. This Privacy Policy does not apply to those third-party platforms. We encourage you to review the privacy policies of any third-party service before providing personal information to it. We are not responsible for the content, privacy practices, or security of any third-party sites.

15. Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy, your personal information, or your rights, please contact us:

Carefree Computing (a division of Aivorys LLC) — carefreecomputing.com | carefreecomputing.cloud

Email: support@carefreecomputing.com

Website: www.carefreecomputing.com

Contact Form: www.carefreecomputing.com/contact-us/

For EU/EEA residents with GDPR inquiries, or California residents exercising CCPA/CPRA rights, please include "Privacy Request" in the subject line of your correspondence and send it to support@carefreecomputing.com. Both carefreecomputing.com and carefreecomputing.cloud are divisions of Aivorys LLC and are treated as a single legal entity for all privacy and data-protection purposes. We will endeavor to respond within the timeframes required by applicable law.

© 2026 Carefree Computing (Aivorys LLC). All Rights Reserved.
Need help? Chat with us