Privacy

Privacy Policy

Effective date: 2026-05-26. Plain-English summary first; legal text below as we finalize.

What we collect

• Account data — your name, email, company name, billing details. Required to run the service.
• Telephony metadata — call detail records: who called whom, when, for how long, on what trunk. Retained per your plan's retention setting.
• Recordings & voicemail — only when you turn them on. Stored under your tenant's prefix; never co-mingled with another tenant.
• SMS — message bodies on DIDs you own. Retained for compliance windows where required (varies by jurisdiction).
• Usage metrics — concurrent calls, minutes, SMS segments. Used for billing.

What we don't do

• We don't sell your data. Ever.
• We don't train AI models on your call audio or transcripts.
• We don't share call content with third parties except where required by lawful process.

Sub-processors

We use the following sub-processors. Each is bound by a data-processing agreement.

• AWS — hosting, storage, DNS, secrets.
• Upstream carrier(s) — calls, SMS, DIDs. Specific provider(s) named in our subprocessor list available on request.
• Stripe — payment processing. We never see your card number.

Your rights

Use the contact form to access, correct, export, or delete your personal data — include "privacy request" in your message. We honor GDPR Article 17 erasure requests and CCPA delete requests on a 30-day SLA.

Changes

We'll notify you by email 30 days before any material change to this policy.