How we handle your data and your callers' data.

01Scope of this policy

This policy applies to information we collect through the Website and through the Services. It does not apply to third-party websites, applications, or services that are not operated by Phonewright, even if they integrate with the Services. Their own privacy policies govern.

02Our role in your data

For the Website, Phonewright acts as the controller of personal information about visitors and prospects (people who fill out our audit form, email us, or call our line).

For the Services, Phonewright acts as a processor (or service provider) on behalf of our business client. The business owns and is responsible for the personal information of its callers and customers. We process that information only to provide the Services described in our Service Agreement with the client.

03Information we collect

From visitors and prospects on the Website

• Contact and audit-request details you submit through forms: name, company, trade, email, and phone number.
• Email and phone correspondence when you write to [email protected] or call (405) 555-0100. Calls to our line outside business hours are answered by a Phonewright agent and may be recorded and transcribed.
• Audit data: call logs you send us, or call records from a one-week test number we provision for you.
• Basic device and request information from standard server logs (IP address, browser, referrer, pages requested, timestamp).

From callers and end customers (when we operate Services)

• Call audio: the recording of the conversation between the caller and the AI agent (and any transferred human).
• Transcripts and structured fields derived from the call: caller name, address, problem description, urgency, scheduling preferences, and so on.
• Telephony metadata: phone numbers, call time and duration, routing information, device or carrier signals, voicemail.
• SMS messages: content and metadata of follow-up texts sent or received in the course of handling a job.
• Records exchanged with your tools: entries written to or read from your CRM, scheduler, or dispatch software.

04How we use information

We use information to:

• Operate the Website and respond to inquiries from prospective clients.
• Run missed-call audits and prepare findings for the requesting business.
• Build, configure, monitor, tune, and maintain the AI phone system for our business clients.
• Diagnose errors, prevent abuse, and secure our systems.
• Comply with legal obligations and enforce our agreements.
• Improve the reliability and quality of the Services through aggregated, de-identified operational metrics. We do not use the substance of your call recordings or transcripts to train general-purpose AI models for unrelated parties.

05Calls, recordings, and transcripts

Our default configuration plays a clear notice at the start of each call that the call may be recorded for service quality. Recording, retention, and use of those calls are configured per the Service Agreement with our business client.

Many U.S. states require all-party consent for call recording. Our business clients are responsible for ensuring that the recording configuration is lawful in the jurisdictions where their callers are located. If you are a caller and you do not wish to be recorded, please tell the agent or hang up and ask the business for an alternative way to reach them.

Recordings and transcripts are stored on our infrastructure and on the infrastructure of our sub-processors. They are retained for the period set in the Service Agreement (typically 30 to 180 days for raw audio, longer for derived structured data). Access is limited to staff and sub-processors who need it to deliver and support the Services.

06SMS and messaging

The Services may send and receive SMS messages on behalf of our business client, for example, confirming an appointment, sending an emergency dispatch summary to the on-call technician, or following up after a missed call.

SMS senders register with carriers and follow carrier and CTIA messaging guidelines. Recipients can reply STOP at any time to opt out of further non-transactional messages from a given sender. Standard message and data rates may apply.

07AI processing

The Services use third-party AI models for speech recognition, language understanding, response generation, and voice synthesis. Your call audio and transcripts are sent to these models in real time so the agent can hold a conversation, capture details, and trigger actions in your tools.

We select AI sub-processors that contractually agree not to use customer inputs and outputs to train their general models. Where possible, we configure their APIs with the most privacy-preserving settings available, including zero-retention or short-retention modes.

AI systems can make mistakes. They can mis-transcribe, mis-route, or hallucinate. We design fallback rules, escalation paths, and human review to limit the impact of those mistakes, and we surface them to you for tuning.

08How we share information

We share information only with:

• Sub-processors that help us operate the Services, including telecom carriers, AI model vendors, hosting and storage providers, scheduling and CRM platforms (when you ask us to integrate with them), and analytics tools. Each is bound by a written agreement that limits their use of the information.
• Our business clients: when we are processing call data on their behalf, that data is delivered to them.
• Professional advisors (lawyers, accountants, auditors) under duties of confidentiality.
• Authorities when required by law, valid legal process, or to protect the rights, property, or safety of Phonewright, our clients, or others.
• An acquirer in connection with a merger, acquisition, financing, or sale of assets, with notice and protections required by law.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising.

09Cookies and analytics

The Website uses a small number of cookies and similar technologies that are strictly necessary for the site to function. Web fonts are served by Google Fonts. We may add lightweight, privacy-respecting analytics over time; if we do, this section will be updated to describe what is collected and how to opt out.

You can control cookies through your browser settings. Disabling cookies may affect Website functionality.

10Security

We use administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit, encryption at rest for stored recordings and transcripts, role-based access control, audit logging, and vendor diligence. No security program is perfect, and we cannot guarantee that information will never be accessed by an unauthorized party. We will notify affected parties as required by law in the event of a security incident that materially affects them.

11Retention

We retain personal information for as long as needed to provide the Website and Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods for call recordings, transcripts, and derived records are set in the Service Agreement with each business client.

On termination of a Service Agreement, we will help our client export their data for a reasonable transition period (typically thirty days) and then delete or return it as agreed. Backup copies may persist for a limited additional period before being overwritten in the normal course.

12Your privacy rights

Depending on where you live, you may have rights to access, correct, delete, port, or restrict the processing of personal information about you, and to object to certain processing or withdraw consent. Residents of California, Colorado, Connecticut, Virginia, Utah, and other U.S. states with comprehensive privacy laws have rights under those laws; residents of the EU, UK, and certain other jurisdictions have rights under the GDPR or similar laws.

For information collected through the Website, you can exercise these rights by writing to [email protected]. We will verify your identity before responding and reply within the period required by the applicable law.

For information collected through the Services on behalf of a business client (for example, your call to a service business that uses Phonewright), please direct your request to that business. We will assist them in responding.

You may also have the right to appeal a decision we make about your request, and to lodge a complaint with the data protection authority for your jurisdiction.

13Children's privacy

The Website and Services are not directed to children under 16, and we do not knowingly collect personal information from children. If you believe we have collected personal information from a child, contact us and we will delete it.

14International transfers

We are based in the United States, and our infrastructure and most of our sub-processors operate in the United States. If you access the Website or place a call from outside the United States, your information will be transferred to and processed in the United States and other countries that may have different data protection laws than your country of residence. Where required, we use appropriate safeguards (such as standard contractual clauses) for international transfers.

15Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent change. If a change is material, we will provide additional notice, such as an email or a banner on the Website.

16Contact

Questions or requests about this policy can be sent to [email protected] or by mail to Martinsburg Design, LLC (Phonewright), Oklahoma City, Oklahoma. You can also call (405) 555-0100.