Describe a goal and coordinated agents plan it, run the steps, and deliver the
result. Every sensitive action waits at the approvals gate and is audit-logged.
Bring your own model — your keys stay encrypted.
Goal
“Summarise last week's pipeline and email the team”
Plan
Project kickoff, phase-by-phase plan
Agent
Runs each step with its tools, skills & powers
Approval
Outbound email pauses for a human ✓
Output
Delivered & logged for audit
Built for the work your team already does
Stand up automation your teams can rely on, across the functions that move fastest with it.
RevOps
Turn pipeline reviews and account research into scheduled, agent-run routines.
Finance
Reconcile, summarise and report on a schedule — with approvals before anything sends.
IT
Automate onboarding, access requests and routine tickets end to end.
Support
Draft, route and resolve — keeping a human in the loop on every customer-facing step.
Build AI agents you can actually trust
Connect any model. Approve every outbound action. Keep a full audit trail.
Bring your own model
Google Gemini by default, with OpenAI and Anthropic provider slots. Your API key is
encrypted at rest and scoped to your account.
Human-in-the-loop approvals
Outbound actions — send email, create an event, call an API — pause at the Approvals
gate until you approve them. Nothing leaves without a sign-off.
Audit everything
Every sensitive action is logged for review. Export or delete your data
from Settings at any time.
Visual when you want it. Code when you need it.
Workflow Automation gives you a drag-and-drop canvas — build a flow by connecting
simple steps, with human approval on anything sensitive.
Build flows on a visual canvas, or let AI draft one from a prompt.
Runs reliably on its own — steps retry and pick up where they left off.
Connect the tools you already use.
Start from a template, or import a workflow you already have.
// a step, anywhere in your flowreturn items.map(i => ({
json: {
account: i.json.name,
risk: scoreLead(i.json),
// pauses here if risk is high
approval: i.json.amount > 10000,
},
}));
One platform, five modules
Independent, but wired into the same AI agents and approvals.
Work Management
Turn goals into tracked, assignable tasks — organised into projects and sprints, for people and AI agents.
Workflow Automation
Build automations on a visual canvas, or from a plain-English prompt, with human approval on anything sensitive.
Customer Management (CRM)
Accounts and contacts, pipeline and deals, leads, activities and a dashboard — all in one place.
Workforce Management
Manage people and AI agents as one team: roles, accountability, skills and reviews.
Finance
Keep proper books: accounts, invoices, bills and clear financial reports.
How the modules work together
See how a single process moves across the platform — with AI agents and people working side by side.
1
Customer Management
captures the new lead with its account context.
2
Workflow Automation
triggers the right automation the moment it arrives.
3
AI Agent
researches the company and surfaces what matters.
4
Work Management
turns the findings into assigned, tracked tasks.
5
Workforce Management
records accountability and routes approvals to a person.
6
Finance
raises the invoice and keeps the books when the deal closes.
The result: agents and people run the same business process together — with approvals and an audit trail wherever it counts.
Enterprise-ready controls
Reliable. Auditable. Yours to control.
Security & access
Five-tier IAM roles (viewer → owner) with per-project overrides. BYO API keys,
encrypted at rest.
Observability
Audit logs for every sensitive action, usage metering and a public system-status
signal.
Workspace structure
Organisations → Projects, each with its own agents, tools, skills and powers.
AI governance
Human-in-the-loop approvals, guardrails and per-power permission policies.
Describe a goal — your agents plan, execute, and deliver it.
Ask SMAIVIZ
Suggested questions
We use cookies — essential ones to run SMAIVIZ, and optional ones for preferences
and anonymous diagnostics. You choose what we may store; nothing optional is set
until you allow it. See our
Cookie Policy.
Cookie preferences
Choose which cookies SMAIVIZ may use. Necessary cookies are always on; everything
else stays off until you allow it. Full details in the
Cookie Policy.
Appearance
Strictly necessaryAlways on
Required for sign-in, security (CSRF protection), remembering your cookie choice, and your appearance & accessibility settings. The service can't run without these, so they can't be switched off.
Functional
Remembers your language and chat-panel state across visits. Stored locally on your device.
Analytics
Anonymous, scrubbed front-end error diagnostics so we can find and fix bugs. No third-party analytics and no profiling.
Marketing
We don't use advertising or third-party tracking cookies today. This stays off unless that ever changes.
Choose a new password
Delete account
Your account will be scheduled for deletion. We keep your data for
90 days so you can sign in again to reactivate. All
sessions and API keys are revoked immediately. After 90 days the
account is permanently removed and audit-log entries are anonymized.
Please review our Terms & Conditions
and Privacy Policy and accept to continue.
We log security events for governance review; you can export or delete your data anytime from Settings.
No recent chats yet.
No agents yet — an Agent is a worker with a name + instructions.
No plans yet — describe a one-off task in the planner above and the engine will build a plan for it.
No routines yet — a Routine runs Agents on a schedule (or on-demand) and produces an Output.
No outputs yet — Routines produce these when they run.
Loading history…
Section
Frequently asked questions
Do I need to sign in to try SMAIVIZ?
You can browse the public pages — overview, documentation, FAQs, security, terms,
privacy and the blog — without an account. To use the app (chat, projects,
automations and your own AI assistants), you sign in so your work stays private to you.
Do I need to know how to code?
No. You describe what you want in plain English and SMAIVIZ helps build it — whether
that's an automation, an AI assistant, or a report.
What can I do with SMAIVIZ?
Run your business from one place: manage customers and deals, organise your team of
people and AI agents, plan and track work, automate the busywork, and build AI
assistants that do real tasks for you.
Which AI models can I use?
You can choose the AI model that best fits each task, and bring your own model key if
you prefer — so you stay in control of model choice, data, and cost.
Can AI act on its own, or do I stay in control?
You stay in control. Anything sensitive waits for your approval before it happens, and
you decide exactly what each AI agent is allowed to do.
Can I work as a team?
Yes. Invite your teammates and choose what each person can see and do — from
view-only access up to full control.
Is my data private and secure?
Yes. Your data and any keys you add are kept private to your account and encrypted, and
only you and the people you invite can see your workspace. You can also keep your data
in the region you choose.
Can I export or delete my data?
Anytime. Export everything we hold about you in one file from your settings, and delete
your account whenever you like — with a short grace window in case you change your mind.
How much does it cost?
You can start for free and upgrade when you're ready, so you only pay as your needs
grow.
Build an AI agent and chat with it or run it on a schedule.
Run your sales pipeline and keep customer records in one place.
Manage and govern a mixed human + AI workforce.
Automate repetitive processes end to end.
Agents & automation
Build AI workers, give them capabilities, and run them on a schedule or on
demand — with a human in the loop for anything sensitive.
Highlights
Agents — configurable AI workers you chat with or run.
Skills, Powers & Tools — ready-made abilities you add to an agent so it can do more.
Workflows — turn a plain-language goal into a reviewable, phase-by-phase plan.
Routines — scheduled or on-demand jobs that run agents and deliver an output.
Approvals — sensitive or outbound actions pause for human sign-off.
Top use cases
Stand up a personal or team assistant in minutes.
Automate a recurring report or task on a schedule.
Scope a goal into a plan before any work runs.
Keep AI actions safe with approval gates.
Kriya — work management
Plan, assign and track work across your team — with people and AI
agents as assignees.
Highlights
Tasks with owners, status, due dates, comments, files and dependencies.
Assign any task to a teammate or an AI agent that can do it.
Projects, sections and sprints to structure larger efforts.
Cadence to repeat work, plus AI-suggested tasks.
Top use cases
Run team projects and sprints in one tracker.
Hand routine tasks to AI agents.
Automate recurring work and follow-ups.
Hive — workforce
Manage your whole workforce — people and AI agents — as one
organisation.
Highlights
One directory of people and agents, with onboarding and offboarding.
Positions, requisitions and an org chart that survives turnover.
Keep AI accountable: every agent answers to a person, with limits you set.
Approvals, performance reviews, capacity and cost in one place.
Top use cases
Run HR for a blended human + AI team.
Govern what each AI agent can do and who's responsible.
Plan capacity and understand the cost of work.
Orbit — CRM
Your CRM — the companies you serve, the people inside them, and the deals in
your pipeline.
Highlights
Accounts and contacts with full activity timelines.
A drag-to-advance sales pipeline with forecasting.
Leads that convert to accounts, contacts and deals in one click.
A dashboard of pipeline value, win rate and team performance.
Top use cases
Track and manage your sales pipeline.
Keep a single source of truth for customer relationships.
Qualify leads and convert them without re-typing.
Flux — workflow automation
Build automated workflows visually and run them across your tools — with AI
help.
Highlights
Build automations visually by connecting simple steps.
Describe what you want in plain English and get a draft to start from.
Run them on a schedule, or whenever something happens.
Add human approval steps, and see a clear history of every run.
Top use cases
Automate multi-step processes across apps.
Add governed AI steps into existing workflows.
Replace manual, repetitive ops work.
Artha — finance
Keep proper books and see where your money goes — accounts, invoices, bills and clear reports.
Highlights
Track income and expenses with proper books.
Send invoices, and record bills and payments.
See clear financial reports at any time.
Work in more than one currency.
Top use cases
Keep your accounts in order without a separate tool.
Invoice customers and track what you're owed.
Understand profit, cash and spend at a glance.
Data & compliance
Keep your data private, in the right place, and easy to account for.
Highlights
Handle requests to access or delete personal data.
Keep data in the region you choose.
Review sensitive data and keep a clear record of important actions.
Log and manage any privacy or security incident.
Top use cases
Respond to data-subject and deletion requests.
Keep data in the right region.
Prove who did what, for audits.
Security & trust
Last updated: 16 June 2026.
Security is foundational to a platform that runs autonomous AI agents on your
behalf. This page summarises how we protect your account, your data, and the actions
taken in your workspace. For how we handle personal data, see our
Privacy Policy and
Cookie Policy.
AI governance & human oversight
SMAIVIZ includes governance controls designed for the responsible deployment and
operation of AI systems. These controls include:
Human approval workflows
Accountability chains
Agent autonomy controls
Audit logging
Permission boundaries
Role-based access controls
Organizations remain responsible for determining appropriate approval requirements,
governance policies, and autonomy settings for their agents.
Account & access
Modern password protection. Passwords are stored using a memory-hard, salted hashing algorithm — never in plain text — and are re-hardened as our parameters evolve.
Single sign-on. Optional Google sign-in (OpenID Connect) lets your team use existing, centrally-managed identities.
Secure sessions. Sign-in uses server-side sessions with hardened, same-site cookies; sessions can be revoked and expire automatically.
Role-based access & approvals. Each workspace has role-based access so people only see what they should, and sensitive agent actions can require explicit human approval.
Encryption
In transit. All traffic is served over HTTPS/TLS.
At rest. Sensitive secrets such as your provider API keys are encrypted with authenticated encryption before storage, held in plain text only for the moment a request needs them, and never written to logs.
Minimal exposure. Once saved, secrets are never returned to the browser — the interface shows only the last few characters so you can recognise a key without revealing it.
Application integrity
Database access is fully parameterised through an ORM, and user-supplied content is escaped before display — guarding against injection and cross-site scripting.
State-changing requests are protected against cross-site request forgery.
Authentication is rate-limited to slow brute-force and credential-stuffing attempts.
An append-only audit trail records security-relevant events, with retention and routine pruning.
We do not include third-party advertising networks in the product experience. Operational analytics, monitoring, security, support, and performance-improvement tooling may be used to operate, secure, maintain, and improve the Service.
Vulnerability management
We monitor security advisories affecting our infrastructure, software components, and
technology stack. Security updates are evaluated and applied according to risk,
severity, and operational impact. Critical vulnerabilities receive priority review and
remediation.
Abuse & bot defence
We apply layered defences at the network edge and the application boundary —
including a web application firewall, optional CAPTCHA, and adaptive rate limits — to
keep automated abuse away from your workspace. Suspicious activity is surfaced to
operators for review.
Monitoring & response
Security-relevant events are logged centrally and monitored, with automated alerts on
anomalous patterns so our team can respond quickly. We maintain operational runbooks
for incident handling.
Your data & AI
You own your content. Your prompts, files, and outputs are yours; we process them only to operate the Service.
No training on your content. We do not use your content to train our own models, and we do not sell it — see our Terms.
Bring your own keys. When you connect a model or cloud provider, your use of that provider is governed by your agreement with it.
Model providers
When AI models are used through the Service, prompts, files, and outputs may be
transmitted to the selected model provider to generate responses. Each provider
processes data according to its own terms, privacy commitments, and security practices.
Customers are responsible for reviewing the terms and policies of any third-party
providers they choose to use.
AI agent security
AI agents operate within permissions, guardrails, limitations, and autonomy levels
configured by the customer. Actions may be restricted, approved, audited, delayed, or
blocked based on organizational policies and governance requirements.
Every agent action can be traced through the accountability framework to a responsible
human. Organizations are responsible for reviewing agent configurations and ensuring
that autonomy settings are appropriate for their intended use cases.
Infrastructure
SMAIVIZ runs on Google Cloud, using managed, regularly-patched services. We restrict
production access on a need-to-know basis and keep configuration secrets separate from
application code.
Backup & recovery
Critical platform data is backed up regularly. Backups are encrypted and retained
according to operational requirements. Recovery procedures are periodically tested to
support restoration in the event of operational incidents, service disruption, or data
loss.
Personnel access
Access to production systems and customer data is restricted to authorized personnel
with a legitimate business need. Access permissions are reviewed periodically and
removed when no longer required. Administrative actions are logged and monitored.
Data residency
Customers may specify a preferred data residency region where supported. Actual storage
and processing locations depend on the deployment infrastructure, service configuration,
and applicable legal requirements.
Authentication roadmap
We continue to enhance account-security capabilities and identity-management features as
the platform evolves. Security features may be expanded over time to include additional
authentication, authorization, monitoring, and access-control capabilities.
Compliance & roadmap
We align our controls with widely-recognised security practices and are progressively
maturing toward formal third-party assessment as we move to general availability. If you
have specific compliance requirements, contact
sales@smaiviz.com.
Please do not publicly disclose vulnerabilities until we have had a reasonable
opportunity to investigate and remediate the issue.
Responsible disclosure
If you believe you've found a security vulnerability, please email
security@smaiviz.com with the details and
steps to reproduce. We welcome good-faith research: we will acknowledge your report and
will not pursue or support legal action against researchers who act in good faith, avoid
privacy violations and service disruption, and give us reasonable time to remediate
before any public disclosure.
Terms & Conditions
Effective date: 16 June 2026 · Last updated: 16 June 2026.
These Terms & Conditions (“Terms”) govern your access to and use of
SMAIVIZ (the “Service”), operated by Smaiviz Pvt. Ltd. (“SMAIVIZ”,
“we”, “us”), a company incorporated in India with its registered
office in Hyderabad, India. Please read them together with our
Privacy Policy and
Cookie Policy.
Definitions
“Service” means the SMAIVIZ platform.
“Account” means a registered user account.
“Organisation” means a legal entity using the Service.
“Workspace” means an environment within the Service.
“User” means any individual accessing the Service.
“Customer Data” means data submitted by users.
“AI Agent” means an automated software agent configured within the Service.
1. Acceptance of these Terms
By creating an account or using the Service, you agree to be bound by these Terms. If you
do not agree, do not register or use the Service. If you use the Service on behalf of an
organisation, you represent that you have authority to bind that organisation, and
“you” refers to that organisation. For business customers, any signed order
form or master agreement and our Data Processing Addendum take precedence over these Terms
to the extent of a conflict.
2. Eligibility
You must be able to form a legally binding contract to use the Service. The Service is
intended for business and professional use and is not directed to children.
Where you are below the age of majority or the age of digital consent in your jurisdiction,
you may use the Service only with the involvement and consent of a parent or legal guardian
to the extent permitted by law. How we handle children's data (including COPPA and the
verifiable parental-consent rules of India's DPDP Act) is described in the
Privacy Policy. If you believe a minor is using
the Service without proper consent, contact
privacy@smaiviz.com.
3. Accounts & security
You are responsible for all activity under your account and for keeping your password and API keys confidential.
Provide accurate registration information and keep it current.
Notify us promptly of any unauthorised access or security incident.
We may suspend or terminate accounts that violate these Terms, abuse the Service, or pose security or legal risk.
4. The Service
SMAIVIZ is a platform for building and running AI agents, workflows, and routines, with
governance, approvals, and an audit trail. We may add, change, or discontinue features. We
will give reasonable notice of materially adverse changes where practical.
The Service includes governance mechanisms such as approvals, accountability chains, audit
logs, autonomy controls, and human-oversight features designed to support the responsible
deployment of AI systems.
Beta features
We may provide features designated as alpha, beta, preview, early access, or experimental.
Such features may be modified, suspended, or withdrawn at any time and are provided without
any service-level commitment or warranty.
Service limits
The Service may impose limits on usage, storage, API calls, workflow executions, agent
runs, file uploads, and similar resources. Exceeding these limits may result in throttling,
additional charges, suspension, or upgrade requirements.
5. Your content
“Your Content” means the inputs you submit (prompts, files, configurations) and
the outputs generated for you. As between you and us, you own Your Content,
subject to the terms of any model or third-party provider you use. You grant us a limited,
worldwide, non-exclusive licence to host, process, and transmit Your Content solely to
operate, secure, and support the Service. We do not use Your Content to train our
own models, and we do not sell it. You are responsible for Your Content and for
having the rights and permissions needed to submit it. Except for Your Content, no
ownership rights in the Service, models, prompts, workflows, templates, or platform
materials are transferred to you.
6. Acceptable use
You agree not to use the Service to:
Violate any law or regulation, or infringe any third party's rights (including IP, privacy, and publicity rights).
Generate or distribute unlawful, harmful, infringing, defamatory, deceptive, or harassing content, malware, or spam.
Attempt to identify individuals from, or build profiles for, unlawful surveillance or discrimination.
Reverse engineer, decompile, or extract source code beyond rights expressly granted, or circumvent security or usage limits.
Interfere with or disrupt the integrity, security, or performance of the Service.
Copy, replicate, or commercially exploit substantial parts of the Service in order to create a competing product, or resell the Service, without our prior written agreement.
Access, scrape, harvest, index, or download the Service or its content by automated means (including bots, crawlers, scrapers, or headless browsers), other than a search engine that honours our robots.txt; or cache, store, or redistribute our content beyond ordinary personal use.
Copy, mirror, frame, or clone the Service's pages, design, layout, text, code, or other content, in whole or in part; or remove, alter, or obscure any proprietary notice or embedded identifier.
You must also comply with the acceptable-use and safety policies of any model or
infrastructure provider you use through the Service.
Your compliance responsibilities
You are responsible for ensuring that your use of the Service complies with applicable
laws, including employment, privacy, tax, export, consumer-protection, and AI-related
regulations.
7. AI outputs
The Service orchestrates third-party AI models. AI output may be inaccurate, incomplete,
biased, or unsuitable for your purpose, and similar prompts can produce different results.
You are responsible for reviewing and validating any output before relying on it,
and you must not rely on it for legal, medical, financial, safety-critical, or other
professional decisions without independent verification. The Service provides assistive
output; a human remains responsible for decisions and for actions taken through approvals.
AI outputs may be substantially similar to content generated for other users, and SMAIVIZ
does not guarantee the uniqueness of generated output.
8. Third-party services & your API keys
Your use of model and cloud providers (e.g. Google Gemini, OpenAI, Anthropic, AWS, Google
Cloud, Microsoft Azure) and of connectors you enable is subject to those providers' own
terms. When you bring your own API key, your use of that provider is governed by your
agreement with it; you authorise us to transmit your prompts and outputs to it to provide
the Service. We do not control third-party providers and are not responsible for their
availability, output, or acts.
9. Intellectual property & feedback
We and our licensors retain all rights in the platform, including its software, design,
and documentation. Except for the rights expressly granted, no licence is implied. If you
send us feedback or suggestions, you grant us a perpetual, irrevocable, royalty-free
licence to use them without restriction.
Open-source software
Certain components may include open-source software governed by their respective licences.
Nothing in these Terms overrides those licences.
10. Fees, billing & taxes
Paid plans are billed in advance through our billing provider; usage beyond plan limits may
be billed separately. Fees are exclusive of taxes, which are your responsibility. Unless
required by law or stated otherwise, fees are non-refundable. We may change pricing with
reasonable advance notice effective from your next billing period.
11. Privacy & data protection
Our handling of personal data is described in the
Privacy Policy. For business customers where we
act as a processor, a Data Processing Addendum is available on request and, once entered
into, forms part of these Terms and governs that processing.
Confidentiality
Each party agrees to protect confidential information received from the other party and to
use it only for purposes related to the Service.
12. Service availability & support
We aim for high availability but do not guarantee uninterrupted or error-free service.
Maintenance and incidents are surfaced via the in-app status indicator; scheduled
maintenance is announced in advance where reasonably practical.
13. Suspension & termination
You may stop using the Service and delete your account at any time from
Settings → Account; a 90-day grace and deletion
process applies as described in the Privacy Policy. We may suspend or terminate access for
breach of these Terms, suspected unlawful or harmful use, or to protect the Service or other
users, with notice where reasonable. Sections intended to survive termination (including
§§5, 7, 9, 14–18, 20, the Confidentiality clause, and the Definitions) continue to apply.
14. Disclaimers
Except as expressly stated and to the extent permitted by law, the Service is provided
“as is” and “as available” without warranties of any kind, express
or implied, including merchantability, fitness for a particular purpose, accuracy, and
non-infringement. Nothing in these Terms excludes or limits any warranty, guarantee,
or liability that cannot be excluded or limited under the law that applies to you —
including statutory consumer guarantees in jurisdictions such as the UK, Australia, India,
Canada, and Singapore.
15. Limitation of liability
To the maximum extent permitted by law, SMAIVIZ and its affiliates will not be liable for
any indirect, incidental, special, consequential, or punitive damages, or any loss of
profits, revenue, data, or goodwill, arising from or related to the Service. To the maximum
extent permitted by law, our total aggregate liability arising out of or related to the
Service will not exceed the greater of the amounts you paid us for the Service in the 12
months before the event giving rise to the claim, or USD 100. These limits do not apply to
liability that cannot be limited by law (such as for death or personal injury caused by
negligence, fraud, or wilful misconduct), and nothing here affects your non-excludable
statutory rights as a consumer.
16. Indemnification
You will indemnify and hold harmless SMAIVIZ and its affiliates from third-party claims,
losses, and reasonable costs arising out of Your Content, your use of the Service, or your
breach of these Terms — except to the extent caused by our own breach or unlawful conduct.
17. Export controls & sanctions
You represent that you are not located in, and will not use the Service in or for the
benefit of, any country or party subject to applicable trade sanctions or export-control
restrictions, and that you will comply with applicable export-control and sanctions laws.
18. Governing law & disputes
These Terms are governed by the laws of India, without regard to conflict-of-laws rules, and
the courts at Hyderabad, Telangana, India have jurisdiction over disputes. This does not
deprive you of the protection of mandatory consumer-protection laws of
your country of residence, or of your right to bring a complaint before, or seek remedies
from, a competent regulator or court where the law gives you that right.
19. Changes to these Terms
We may update these Terms. Material changes will be communicated via in-app banner or
email, and the “Last updated” date above will change. Continued use after the
changes take effect constitutes acceptance; if you do not agree, stop using the Service.
20. General
Entire agreement. These Terms, with the Privacy and Cookie Policies and any order form or DPA, are the entire agreement between you and us about the Service.
Severability. If any provision is unenforceable, the rest remains in effect.
No waiver. Failing to enforce a provision is not a waiver of it.
Assignment. You may not assign these Terms without our consent; we may assign them in connection with a merger, acquisition, or sale of assets.
Force majeure. Neither party is liable for delays or failures caused by events beyond its reasonable control.
Notices. We may give notice via the Service or by email; notices to us go to the address in §21.
No third-party beneficiaries except as expressly stated.
21. Contact
Questions about these Terms can go to
terms@smaiviz.com (or, for organisation accounts,
your workspace administrator). Privacy questions go to
privacy@smaiviz.com.
Effective date: 11 June 2026 · Last updated: 11 June 2026.
This Privacy Policy explains how Smaiviz Pvt. Ltd. (“SMAIVIZ”, “we”,
“us”), a company incorporated in India with its registered office in Hyderabad,
India, collects, uses, shares, and protects personal information, and the choices and rights
you have. Where a specific law gives you additional rights, the
region-specific section (§14) controls for residents of that region.
1. Who we are & our role
For individual (B2C) accounts, SMAIVIZ is the controller /
business / Data Fiduciary of the personal data you
provide. For business (B2B) customers, the customer organisation is the controller of its
end-users' data and SMAIVIZ acts as a processor /
service provider / Data Processor on its documented
instructions. Each organisation manages its controller posture (jurisdiction, DSAR
onboarding, data-protection contact, residency) at
Settings → Data & Compliance.
Contact for privacy matters, and our Grievance Officer (India) /
data-protection contact for other regions, is
privacy@smaiviz.com (see §17). Business-customer
end-users should contact their
organisation's administrator first.
2. Key terms
“Personal data” (also “personal information” in the US, and
“personal data” of a “Data Principal” under India's DPDP Act) means
information that identifies or relates to an identifiable individual. Under India's Digital
Personal Data Protection Act 2023 (“DPDP Act”) you are a Data
Principal and we are a Data Fiduciary. Under US state laws you are
a consumer; under UK GDPR you are a data subject.
“Customer Data” means prompts, files, configurations, workflows, tasks,
outputs, and other content submitted to or generated through the Service.
3. Information we collect
Account data: email address, optional display name, password hash (never plaintext), Google subject identifier when OAuth is used.
Session & device data: session identifier hash, IP address, user-agent, and session creation/expiry timestamps.
Credentials you add: third-party API keys you provide, encrypted at rest. We display only the last four characters in the UI.
Content you create: chats, prompts, agent/routine configurations, files, tasks, and the outputs the Service produces for you.
Audit log: action name, target, IP, user-agent, timestamp, and optional JSON metadata for sensitive actions. We do not write chat or routine contents to the audit log.
Consent records: consent version, acceptance timestamp, and IP — including your cookie-consent receipts (see the Cookie Policy).
Operational metrics: aggregated routine counts, token usage, and durations — not linked to chat contents.
Support communications: messages you send us and our responses.
Sources. We collect this information directly from you, automatically from
your use of the Service (sessions, security logs, diagnostics), and — for B2B accounts —
from the organisation that provisioned your account.
Workforce data. Organizations may use the Service to manage information
relating to workers, including people and AI agents.
Such information is processed solely to provide workforce-management, governance,
accountability, reporting, compliance, and operational functionality requested by the
customer.
Sensitive information. We do not require sensitive data to use the Service.
Input guardrails actively block payment-card and national-ID numbers and
redact emails/phone numbers from prompts. Where an organisation knowingly
processes special categories (children/teen, health, financial/payment, biometric), it must
declare them under Settings → Data & Compliance,
which records the lawful basis and safeguards. We do not use sensitive personal information
to infer characteristics about you.
4. How we use your information
Provide and operate the Service (authentication, sessions, agents, routine execution, delivering outputs).
Secure the Service (rate limiting, intrusion and fraud detection, abuse prevention).
Maintain a governance audit trail for sensitive and outbound actions.
Improve reliability and performance using aggregated, de-identified metrics and (with your consent) scrubbed error diagnostics.
Communicate with you about the Service, security, and support.
Comply with legal obligations and respond to lawful requests.
We do not use your prompts, content, or outputs to train our own models, and we do not sell your personal information.
5. Legal bases & grounds for processing
Where required (UK GDPR and similar), we rely on:
Performance of a contract — to provide the Service you signed up for.
Legitimate interests — security, fraud prevention, and service improvement (balanced against your rights), including:
Governance and accountability controls
Security monitoring and incident response
Audit-trail maintenance and compliance review
Abuse prevention and platform integrity
Consent — for optional cookies/diagnostics and any feature clearly marked as consent-based; you may withdraw consent at any time.
Legal obligation — retention of records as required by law.
Under India's DPDP Act we process personal data on your consent (given
after clear notice and itemised to purpose) or for permitted legitimate uses
(such as a purpose for which you voluntarily provided data, or to comply with law). In the
US, processing is disclosed at or before collection (§14.1) rather than relying on a consent
“legal basis”.
6. Cookies & similar technologies
We use first-party cookies and local storage as described in our
Cookie Policy. Non-essential cookies load only with
your consent; you can change or withdraw your choice any time via
.
7. How we share information
We disclose personal data only to the following categories of recipients, for the purposes shown:
AI model providers (Google Gemini by default; OpenAI, Anthropic, and others you select) — your prompts and outputs are transmitted for inference. When you bring your own key, processing is governed by your agreement with that provider.
Cloud & infrastructure providers (e.g. Google Cloud, AWS, Azure) — to host and run the Service.
Connectors you enable (e.g. email, calendar, Slack, GitHub) — only the data needed for the action you request, after the Approvals gate where applicable.
Professional advisers and authorities — only when required by law and after appropriate review.
A successor in a merger, acquisition, or asset sale, under equivalent protections.
Third-party AI providers may retain, process, or log data according to their own terms,
privacy policies, and operational requirements.
Customers should review the privacy and security commitments of any providers they choose
to use through the Service.
We do not sell personal information, and we do not share it
for cross-context behavioural advertising (as those terms are defined under US state laws).
We do not use third-party advertising networks or advertising cookies.
Operational analytics, monitoring, security, fraud-prevention, and support technologies may
be used to operate, secure, maintain, and improve the Service.
8. AI processing & automated decisions
SMAIVIZ is an AI platform: agents process the prompts and content you give them to plan and
run tasks. Outbound or sensitive actions pause at the Approvals gate for a
human to authorise. We do not make decisions that produce legal or similarly
significant effects based solely on automated processing without meaningful human
involvement, and we do not use your data for profiling for advertising. You can request human
review of any output. AI can produce inaccurate results; do not rely on outputs for legal,
medical, financial, or other professional decisions without independent verification.
8A. AI governance & accountability
SMAIVIZ provides governance controls designed to support responsible deployment of AI
systems. These controls may include:
Human approval workflows
Accountability chains
Agent autonomy controls
Audit logging
Permissions and access controls
Guardrails and policy enforcement
Organizations remain responsible for configuring these controls appropriately for their
use cases. Every AI agent action can be associated with a responsible human through the
accountability framework.
AI-generated outputs may be similar or identical to outputs generated for other users.
SMAIVIZ does not guarantee the uniqueness of AI-generated content.
9. International data transfers
Your data may be processed in regions selected by the deployment operator and the providers
listed in §7, which may be outside your country. Where data leaves your jurisdiction we rely
on appropriate safeguards — for example the EU/UK Standard Contractual
Clauses and the UK International Data Transfer Addendum, Australia's APP 8 reasonable
steps, Singapore PDPA transfer-limitation safeguards, Canadian comparable-protection
measures, and India's DPDP cross-border rules (transfers permitted except to countries the
Government restricts). Business customers can declare a preferred
data-residency region under
Settings → Data & Compliance; this preference is
advisory and actual residency depends on the deployment's infrastructure.
Transfer mechanisms and safeguards may change over time as laws, regulations, regulatory
guidance, and international transfer frameworks evolve.
10. Data retention
Account data: kept until you delete your account, then a 90-day grace window during which you can sign in to reactivate; after that the user row is permanently removed.
Audit log: 365 days by default (configurable). After deletion the entries are anonymised (user_id set to NULL) but the trail remains for compliance review.
Sessions: revoked on logout, password change, or account deletion; otherwise expire after one week of inactivity.
API keys: until you revoke them, or automatically on account deletion.
Cookie-consent receipts: kept to evidence your choice; the matching user link is removed on account deletion.
Backup retention
Deleted information may remain in encrypted backups for a limited period before being
automatically overwritten or removed according to operational backup-retention schedules.
Backup copies are protected using the same security controls applied to active systems
where reasonably practicable.
11. Security
We use strong, memory-hard password hashing, authenticated encryption for secrets at
rest, CSRF protection, rate limiting, secure cookies, brute-force throttling, and audit
logging. See our
Security Policy for additional information
regarding safeguards, governance controls, and security practices. No security
control is absolute; please use a unique password and protect your devices. We will notify
you and the relevant authorities of a personal-data breach as required by law (§15).
12. Children's privacy
The Service is not directed to children. We do not knowingly collect data from children
below the age of digital consent in your jurisdiction. If we become aware that a child
below the applicable minimum age has created an account without required parental or
guardian consent, we will take reasonable steps to remove the account and associated
personal data in accordance with applicable law. In the United States we
follow COPPA (under 13) and do not sell or
share the personal information of consumers we know to be under 16 without opt-in. In
India, processing the data of anyone under 18 requires verifiable consent of
a parent or lawful guardian, and we do not undertake tracking, behavioural monitoring, or
targeted advertising toward children.
13. Your privacy rights & how to exercise them
Subject to your region (§14), you may have the right to:
Access & portability — export your data any time as machine-readable JSON from Settings → Privacy & Data.
Correct / rectify — update your profile in Settings.
Delete / erase — delete your account from the Account page; a 90-day grace window applies, after which data is permanently purged (credentials, sessions, consents cascade).
Restrict / object — ask us to freeze processing; while restricted your data is kept and stays accessible/exportable/erasable but is not otherwise actively processed (AI generation is blocked).
Withdraw consent — as easily as you gave it (e.g. ), without affecting prior lawful processing.
Human review — of any AI output (§8).
Complain — to your data-protection regulator (§17).
To make a request, use the in-product tools above or contact us (§17). We verify requests
against your account, respond within the statutory window for your region (commonly ~30 days
for UK GDPR / India DPDP, ~45 days for US state laws, extendable as the law allows), and do
not discriminate against you for exercising your rights. You may use an authorised agent
where the law permits. Business-customer end-users: requests are routed
through the controller's DSAR service at
Settings → Data & Compliance; data a controller
holds outside SMAIVIZ remains its responsibility.
14. Region-specific rights
14.1 United States
If you are a US resident, you have rights under the California Consumer Privacy Act as
amended by the CPRA and under comparable laws in states including Virginia, Colorado,
Connecticut, Utah, Texas, Oregon, Montana, and others. These include the rights to
know/access the categories and specific pieces of personal information we
collect, the sources, business purposes, and categories of recipients; to
delete and correct your information; to opt out of
the sale or sharing of personal information and of targeted advertising; to
limit the use of sensitive personal information; to non-discrimination
for exercising rights; and, in several states, to appeal a denied request.
Categories we collect (CCPA): identifiers (email, IP); internet/network activity (session and security logs); user content you provide; and inferences only as needed to operate the Service.
No sale or sharing. We do not sell or share personal information and have not in the preceding 12 months. Because we do not sell or share, there is nothing to opt out of — but you may still record a preference under Preferences → Privacy, and we honour Global Privacy Control (GPC) signals.
Sensitive personal information. We do not use or disclose it for purposes beyond providing the Service.
Authorised agents may submit requests with proof of authorisation; we may still verify your identity.
“Shine the Light” (California Civil Code §1798.83): we do not disclose personal information to third parties for their direct-marketing purposes.
14.2 India (Digital Personal Data Protection Act, 2023)
If you are in India, you are a Data Principal and we are a Data
Fiduciary. We process your personal data based on your consent
(given after clear notice, itemised to purpose, and withdrawable) or a permitted
legitimate use. You have the right to:
Access a summary of the personal data we process and the processing activities and recipients.
Correction, completion, updating, and erasure of your personal data.
Grievance redressal — raise a grievance with our Grievance Officer (§17), who will respond within the period prescribed by law.
Nominate another individual to exercise your rights in the event of death or incapacity.
Withdraw consent at any time, as easily as it was given.
If your grievance is not resolved, you may escalate to the Data Protection Board of
India. Where you may manage consent through a registered Consent
Manager, we will honour valid instructions received through it. Children's data is
handled per §12 (verifiable parental consent for under-18s; no tracking, behavioural
monitoring, or targeted advertising). We will report personal-data breaches to the Board and
affected Data Principals as required.
14.3 United Kingdom (UK GDPR & Data Protection Act 2018)
You have the rights of access, rectification, erasure, restriction, portability, and to
object to processing, plus rights relating to automated decision-making (§8). Our legal bases
are in §5. You may lodge a complaint with the Information Commissioner's Office
(ICO).
14.4 Canada (PIPEDA & provincial laws)
You may access your personal information, challenge its accuracy, and withdraw consent
(subject to legal or contractual limits). Quebec residents have additional rights under Law
25. You may complain to the Office of the Privacy Commissioner of Canada (OPC)
or your provincial regulator. We report breaches posing a real risk of significant harm to
the OPC and to you.
14.5 Australia (Privacy Act 1988 & the Australian Privacy Principles)
You may request access to and correction of your personal information, and you may deal with
us anonymously or by pseudonym where lawful and practicable. Cross-border disclosures follow
APP 8. Eligible data breaches are notified under the Notifiable Data Breaches scheme. You may
complain to the Office of the Australian Information Commissioner (OAIC).
14.6 Singapore (Personal Data Protection Act)
You may request access to and correction of your personal data, and withdraw consent. We
collect, use, and disclose personal data only for purposes a reasonable person would consider
appropriate and that we have notified to you. Our data-protection contact (DPO) is in §17,
and you may complain to the Personal Data Protection Commission (PDPC). We
notify notifiable breaches to the PDPC and affected individuals.
14.7 All other regions
If you are outside the regions named above, we still apply the protections in this policy as
our baseline. Where your local data-protection law grants you rights — such as to access,
correct, or delete your data, to object to or restrict processing, to withdraw consent, or to
complain to a supervisory authority — we will honour them. Contact us (§17) and we will
respond in line with applicable law.
Subprocessors
We may engage trusted subprocessors and service providers to assist in delivering the
Service. Such subprocessors may provide infrastructure, hosting, security, analytics,
communications, customer support, or AI processing services.
We require subprocessors to maintain appropriate confidentiality, privacy, and security
obligations. A list of significant subprocessors may be published separately or provided
upon request.
15. Data-breach notification
If a breach of security leads to the unauthorised access, loss, or disclosure of your
personal data, we will assess it and notify the competent authority and affected individuals
where required and within the timelines set by your law — for example without undue delay and
within 72 hours to the ICO (UK), to the Data Protection Board of India and affected
principals, to the OAIC (Australia) and PDPC (Singapore) for notifiable breaches, to the OPC
(Canada) for real-risk-of-significant-harm breaches, and as required by applicable US state
breach-notification laws.
16. Changes to this policy
We may update this policy. Material changes will be announced via an in-app banner and the
“Last updated” date above will change. Continued use after the effective date
indicates acceptance of the updated policy.
17. How to contact us & complain
For privacy questions, requests, grievances, or to exercise your privacy rights, contact:
Smaiviz Pvt. Ltd.
[Full registered office address]
Hyderabad, Telangana, India
Business-customer end-users should contact their organization's administrator first
regarding data controlled by that organization.
You also have the right to complain to your applicable regulator, including:
Data Protection Board of India (India)
Information Commissioner's Office (United Kingdom)
Office of the Privacy Commissioner of Canada
Office of the Australian Information Commissioner
Personal Data Protection Commission (Singapore)
California Privacy Protection Agency and applicable State Attorneys General (United States)
Payment & subscription terms
Version: 2026-06-14 · Last updated: 14 June 2026.
These Payment & Subscription Terms (the “Payment Terms”) govern your purchase
and use of paid plans on SMAIVIZ, operated by Smaiviz Pvt. Ltd.
(“SMAIVIZ”, “we”, “us”). They supplement, and are in
addition to, our Terms of Service and Privacy Policy, which you also accept. By selecting a
plan and clicking I agree, you accept these Payment Terms.
1. Plans, seats & billing cycle
Paid plans are billed per seat, per billing cycle (monthly unless stated
otherwise) in advance. The price shown at checkout for your region applies. We may change
plan pricing or features on a prospective basis with notice; changes do not affect the cycle
you have already paid for.
2. Free trial
Paid plans may start with a free trial of the length shown at checkout
(e.g. 7 days). A valid payment method is required to start the trial. Unless you
cancel before the trial ends, the plan automatically converts to a paid subscription
and we charge your payment method the then-current fee for your selected plan and seats. You
can cancel at any time during the trial from Billing settings to avoid being charged.
3. Automatic renewal & cancellation
Subscriptions renew automatically at the end of each billing cycle until you
cancel. You authorise us (and our payment processors) to store your payment method and charge
it for each renewal. You may cancel renewal at any time from Billing settings; cancellation
takes effect at the end of the current paid cycle, and you retain access until then. We do
not provide pro-rated refunds for partial cycles except where required by law (see §6).
4. Payment processing
Payments are processed by third-party providers — Stripe (for customers
billed in USD) and Razorpay (for customers billed in INR). Your card and
payment details are handled by these processors under their terms and privacy policies; we do
not store full card numbers. You are responsible for keeping a valid payment method on file.
5. Taxes (incl. GST)
Fees are exclusive of taxes unless stated. You are responsible for any applicable sales tax,
VAT, or GST. For Indian customers, 18% GST applies; provide
your GSTIN at checkout to receive a tax invoice. Where we are required to
collect tax, it is added at checkout.
6. Refunds
Except where required by applicable law or expressly stated, fees are non-refundable
and there are no refunds or credits for partial periods, unused seats, or features not used.
If you believe you were charged in error, contact billing support and we will review in good
faith.
7. Failed payments & suspension
If a charge fails, we may retry and notify you. If payment remains unpaid, we may
downgrade, suspend, or restrict access to paid features until the balance is
settled. We are not liable for loss of access arising from a failed payment.
8. Plan changes
You can upgrade, downgrade, or change seat counts from Billing settings. Upgrades may be
charged immediately (prorated by the processor where supported); downgrades take effect at the
next cycle. Enterprise plans are governed by a separate order form or agreement.
9. Changes to these terms
We may update these Payment Terms. Material changes are versioned; when the version changes we
will ask you to review and accept the updated terms before continuing to use paid features.
10. Governing law & contact
These Payment Terms are governed by the laws stated in our Terms of Service. For billing
questions, contact billing@smaiviz.com.
Cookie policy
Last updated: 11 June 2026 · Policy version:2026-06-11
This Cookie Policy explains how Smaiviz Pvt. Ltd. (“SMAIVIZ”) uses cookies and
similar technologies, and the choices you have. It supplements our
Privacy Policy.
1. What are cookies & similar technologies
Cookies are small files a site stores in your browser. We also use comparable
local-storage entries on your device. Together we call these
“cookies” in this policy. All of the cookies we use are
first-party (set by SMAIVIZ) — we set no third-party advertising
or tracking cookies, and we do not use cookies to sell or share your information or
for cross-context behavioural advertising.
2. Why and on what basis we use cookies
Strictly necessary cookies are used because the Service cannot run without
them (sign-in, security, and remembering your choice); most laws permit these without
consent. For all other cookies our basis depends on your region:
UK, India, Canada, Australia, Singapore — we ask for your prior consent before setting non-essential cookies (UK PECR/UK GDPR; India DPDP; PIPEDA; the Privacy Act/APPs; the PDPA).
United States — we provide notice and choice; you can opt out of non-essential cookies at any time, and we honour Global Privacy Control (GPC) signals where applicable.
3. How we ask for consent
On your first visit we show a cookie banner with equal-prominence Accept all,
Reject non-essential, and Cookie settings choices. Every non-essential
category is off by default; we never load optional cookies before you
choose, and ignoring the banner stores nothing optional. Your choice is recorded against a
policy version, and if we materially change this policy we will ask again. You can change or
withdraw your choice at any time — as easily as you gave it — via the
link in the footer.
4. Categories we use
Strictly necessary — sign-in, security, remembering your cookie choice, and your appearance & accessibility settings (a user-requested preference we keep so the interface stays usable).
Functional — remembers your language and chat-panel state.
Analytics — anonymous, scrubbed front-end error diagnostics so we can fix bugs. No third-party analytics, no profiling.
Marketing — none today. We set no advertising or third-party tracking cookies; this category stays empty unless that ever changes.
5. The cookies we use
All of the following are first-party (provider: SMAIVIZ).
Name
Type
Category
Purpose
Duration
smaiviz_session
Cookie (HttpOnly)
Necessary
Keeps you signed in.
Session lifetime
smaiviz_csrf
Cookie
Necessary
CSRF protection (double-submit token).
Session lifetime
smaiviz_cookie_consent
Cookie
Necessary
Stores your cookie choices and the policy version they apply to.
12 months
smaiviz_authed
Local storage
Necessary
A sign-in breadcrumb that prevents a page flash on load.
Until sign-out / cleared
smaiviz_prefs
Local storage
Necessary
Your appearance & accessibility settings (theme, contrast, motion, text size) — kept as an essential, user-requested preference.
Until cleared
smaiviz_locale
Local storage
Functional
Your chosen language.
Until cleared
chat-dock-state
Local storage
Functional
Remembers whether the chat panel is minimised, open or maximised.
Until cleared
Saved chats cache
Local storage
Functional
A local copy of your recent chats for faster loads.
Until cleared
Anonymous diagnostics
No cookie — network report
Analytics
Sends scrubbed front-end error reports to our servers; nothing is stored in your browser.
n/a
We record a consent receipt (the categories you chose, the policy version,
a timestamp, and your IP address) so we can demonstrate your choice if asked. See the
Privacy Policy for how we handle that data and your
rights.
6. Do Not Track & Global Privacy Control
Because we set no tracking or advertising cookies, there is no cross-site tracking to switch
off. Where applicable in the United States, we treat a recognised Global Privacy
Control (GPC) browser signal as a valid opt-out of any non-essential processing.
7. Managing your choices
Use
to review or change your consent at any time. You can also block or delete cookies through
your browser settings — though strictly-necessary ones will be re-created as needed for the
Service to work, clearing them will sign you out, and disabling local storage may break some
features.
8. Region-specific notes
United States — we provide this notice and honour GPC; we do not sell or share personal information through cookies.
United Kingdom — non-essential cookies are set only with your prior consent under PECR and UK GDPR.
India — non-essential cookies are set only with your consent under the DPDP Act; you may withdraw it at any time.
Canada, Australia, Singapore — we obtain consent for non-essential cookies and limit use to the purposes described above (PIPEDA; the Privacy Act/APPs; the PDPA).
All other regions — where your local law requires consent for non-essential cookies we ask for it; otherwise we apply the above as our baseline and honour any rights your local law provides.
9. Changes to this policy
If we materially change how we use cookies we will bump the policy version, update the date
above, and ask for your consent again the next time you visit.
Practical ways teams use SMAIVIZ to get real work done — automation, a CRM, a team of
people and AI agents, and tasks your AI can run. Simple ideas you can put to work today.
Promoted by SMAIVIZ — smaiviz.com.
Automate the busywork: workflows that run themselves
Build an automation once and let it run — on a schedule, or whenever something happens.
Describe what you want in plain English and watch it come together on a simple visual
canvas. No code, no copy-paste.
What you can automate
Send a weekly summary or report to your team, automatically.
Welcome every new customer with the right emails and a setup checklist.
Move information between your tools so nothing is re-typed.
Chase overdue invoices or pending follow-ups without lifting a finger.
Kick off a checklist the moment a deal is won or a form is submitted.
Built so you stay in control
Add a quick human approval before anything important is sent.
See a clear history of every run, so you always know what happened.
Start with one step and add more as you go.
Why teams love it
Hours of repetitive work disappear every week.
Fewer dropped balls and missed steps.
Your team focuses on people and decisions, not data entry.
Hive gives you one place to organise everyone who does work for you — your people and your
AI agents — side by side, with the same clarity and the same controls.
What you can do
Keep one directory of your whole team, people and AI together.
Onboard new joiners (and new agents) with a simple checklist.
See who reports to whom on a clear org chart.
Find the right person — or agent — for any job.
Plan capacity and understand the real cost of getting work done.
Run lightweight performance check-ins.
Especially good for AI
Always know which person is responsible for what an AI agent does.
Decide exactly what each agent is allowed to do.
Review an agent's important actions before they happen.
Why it matters
One source of truth for "who does what" as your team grows.
Orbit is your CRM — the companies you work with, the people inside them, and the deals
you're working on, all in one tidy place your whole team can see.
What you can do
Track every company and contact, with a full history of calls, notes and meetings.
See your whole sales pipeline on one board and move deals forward.
Turn a new lead into a customer record in one click.
Know your pipeline value, win rate and what's slipping — at a glance.
Never lose track of a follow-up again.
Use cases
A salesperson opens a contact and instantly sees every past conversation.
A manager checks the pipeline each morning to see what needs a push.
A new rep picks up an account without missing a beat.
Kriya is where you organise work into projects and tasks, give each task an owner, and
track it to done. The twist: an owner can be a person or an AI agent.
What you can do
Break big goals into tasks with owners and due dates.
Organise work into projects and short, focused sprints.
Assign a task to a teammate — or to an AI agent that can do it.
Set recurring tasks so routine work never falls off the list.
See everything in flight in one view.
Use cases
Run a product launch as a project with clear owners.
Hand a research or drafting task to an AI agent and review the result.
Create an AI helper, tell it how you want it to work, and put it to work — in a chat, on a
task, or on a schedule. It does the legwork; you stay in charge.
What you can do
Set up an assistant for research, drafting, summaries or answering questions.
Give it the abilities it needs for the job.
Let it run on a schedule and deliver results to you.
Keep it focused with your own instructions and reference material.
Use cases
A weekly market summary, written and delivered every Monday.
A support helper that drafts replies for your team to approve.
An onboarding assistant that answers new hires' common questions.
SMAIVIZ