Privacy Policy

1. Introduction

Repstly ("we," "our," or "us") operates an AI-powered virtual receptionist and calendar management platform. This Privacy Policy explains how we collect, use, and protect your information when you use our services.

2. Information We Collect

2.1 Account Information

• Company name, email, phone number
• User names, email addresses, roles
• Billing and subscription information

2.2 Voice and Communication Data

• Voice recordings from calls handled by our AI assistants
• Call transcripts and conversation summaries
• Call duration, timing, and metadata
• Phone numbers (caller and company numbers)

2.3 Calendar and Scheduling Data

• Calendar events, appointments, and availability
• Customer contact information for scheduled appointments
• Service descriptions and pricing information
• Integration tokens and authentication data

2.4 Usage Data

• Platform usage analytics
• API calls and system performance data
• Error logs and debugging information

3. How We Use Your Information

3.1 Provide Services

• Operate AI virtual receptionists
• Schedule and manage calendar appointments
• Process customer calls and inquiries
• Generate call summaries and reports

3.2 Improve Services

• Analyze call patterns and effectiveness
• Enhance platform features and reliability

3.3 Business Operations

• Process billing and payments
• Provide customer support
• Send service notifications and updates
• Ensure security and prevent fraud

4. Google Calendar Integration

4.1 Data Access

When you connect Google Calendar:

• We access your calendar events and availability
• We can create, modify, and delete calendar events
• We store authentication tokens securely

4.2 Data Usage

• Calendar data is used solely to schedule appointments
• We do not access personal calendar events unrelated to our services
• Data is isolated per company - no cross-company access

4.3 Third-Party Integration

• We comply with Google API Services User Data Policy
• Calendar data is not used for advertising or non-service purposes
• You can revoke calendar access at any time

5. SMS Communications

Mobile phone numbers collected through our booking system or AI voice assistant will not be shared with third parties or affiliates for marketing or promotional purposes. Customers may receive transactional SMS messages including appointment confirmations, reminders, and status updates. Message frequency varies based on appointment activity. Message and data rates may apply. Reply STOP to unsubscribe at any time, or HELP for help.

All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

Carriers are not liable for any delayed or undelivered messages.

For full details about our SMS communications, opt-in methods, and message examples, see our SMS Communications & Consent page.

6. Data Sharing and Disclosure

6.1 We Do Not Sell Your Data

We never sell, rent, or trade your personal information.

6.2 Limited Sharing

We may share data only in these circumstances:

• Service Providers: Trusted vendors who help operate our platform
• Legal Requirements: When required by law or legal process
• Business Transfers: In case of merger or acquisition
• Consent: When you explicitly authorize sharing

6.3 Third-Party Service Providers

We work with the following trusted service providers, each bound by strict data protection agreements. Data is shared only as necessary for service functionality:

• Google Gemini: AI language model processing for voice assistant conversations
• Deepgram: Real-time speech-to-text transcription of calls
• Twilio: Voice call infrastructure and SMS delivery
• Google Firebase / Firestore: Database and authentication services
• Stripe: Payment processing and billing
• SendGrid: Transactional email delivery
• Railway: Cloud infrastructure and hosting

7. Data Security

7.1 Protection Measures

• Industry-standard encryption for data in transit and at rest
• Secure authentication and access controls
• Regular security audits and monitoring
• Isolated data storage per company

7.2 Voice Data Security

• Voice recordings are encrypted and securely stored
• Access is limited to authorized personnel only
• Automatic deletion policies for old recordings

8. Data Retention

8.1 Retention Periods

• Call Records: Retained for 12 months unless deleted earlier
• Calendar Data: Retained while integration is active
• Account Data: Retained while your account is active
• Billing Data: Retained as required by law

8.2 Deletion

• You can request data deletion at any time
• Account deletion removes all associated data
• Some data may be retained for legal compliance

9. Your Rights

9.1 Access and Control

• View all data we have about your company
• Export your data in standard formats
• Correct inaccurate information
• Delete your account and data

9.2 Calendar Integration Control

• Disconnect Google Calendar integration at any time
• Revoke access through Google Account settings
• Request deletion of calendar-related data

10. International Data Transfers

Data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

11. Children's Privacy

Our services are not intended for individuals under 18. We do not knowingly collect personal information from children.

12. Cookie Policy

We use cookies and similar technologies for:

• Authentication and security
• Platform functionality
• Analytics and performance monitoring
• User preferences

You can control cookie settings through your browser.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notifications.

14. Contact Information

15. Compliance

This policy complies with:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Google API Services User Data Policy
• Industry best practices for data protection