Privacy Policy

Last Updated: [DATE]

Company: Smart Receptionist

Contact: [PRIVACY EMAIL]

Mailing Address: [COMPANY ADDRESS]

This Privacy Policy is a practical first draft for internal and legal review. It is not legal advice and should be reviewed by qualified counsel before publication.

1. Overview

Smart Receptionist provides AI receptionist services, SMS handling, call summaries, lightweight CRM features, customer logins, and dashboard-based management tools for salons and other small service businesses. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our websites, applications, communications features, and related services.

By using Smart Receptionist, you acknowledge that your information may be collected and used as described in this Privacy Policy.

2. Scope

This Privacy Policy applies to:

• visitors to our website
• customers who create accounts or purchase services
• authorized users of customer accounts
• business contacts who communicate with us
• end customers or callers whose information may be processed through our platform on behalf of our customers

In some cases, Smart Receptionist acts as a service provider / processor on behalf of a business customer that uses the platform to manage calls, texts, contact records, appointment-related workflows, and communications.

3. Information We Collect

We may collect the following categories of information:

A. Account and login data

• name
• business name
• email address
• phone number
• billing contact details
• username and password or authentication credentials
• account settings and permissions
• customer support history

B. Call and SMS data

• business phone numbers provisioned through the service
• incoming and outgoing call metadata, such as date, time, duration, direction, and status
• call recordings, if enabled
• voicemail recordings
• call transcripts generated through speech-to-text tools
• summaries, tags, classifications, and AI-generated notes
• SMS and MMS message content, metadata, attachments, and delivery status
• call routing, forwarding, and workflow settings

C. Contact and customer data

• names
• phone numbers
• email addresses
• appointment-related notes
• service history or customer interaction notes
• custom fields entered by the customer
• lead source or pipeline data
• internal labels and status markers

D. Usage and analytics data

• device type
• browser type
• IP address
• approximate geolocation inferred from IP
• pages viewed
• referral URLs
• session behavior
• clicks, errors, and performance data
• product usage logs and event history

E. Payment and billing data

• billing address
• subscription plan details
• invoices and payment status
• limited payment-related identifiers provided by our payment processor

We do not typically store full payment card numbers ourselves. Payment card information is generally handled by our third-party billing or payment processor.

F. Integration data

If you connect third-party services, we may collect or receive data necessary to operate those integrations, such as:

• calendar account metadata
• scheduling data
• CRM or contact sync data
• API tokens or authorization credentials
• webhooks and integration event logs

G. Information provided in support or onboarding

• chat messages
• emails
• implementation notes
• screenshots, recordings, or attachments you share with us
• settings and preferences you ask us to configure

4. How We Collect Information

We collect information:

• directly from you when you sign up, configure the service, or contact us
• automatically through cookies, logs, analytics tools, and product telemetry
• from telecommunications, hosting, analytics, authentication, billing, and support vendors
• from integrated third-party services you connect
• from communications sent or received through the platform

5. How We Use Information

We may use information to:

• provide, operate, maintain, and improve the service
• provision phone numbers and communications features
• route calls, process SMS, create transcripts, generate summaries, and surface customer interactions in the dashboard
• authenticate users and secure accounts
• process billing, invoices, renewals, and payment-related support
• provide onboarding, implementation, and customer support
• analyze service usage, performance, and reliability
• detect abuse, fraud, spam, suspicious behavior, or security incidents
• comply with legal obligations
• enforce our Terms of Service and Acceptable Use Policy
• communicate with you about your account, updates, service notices, security alerts, or support matters
• train, test, and improve internal systems, where permitted and appropriate, using de-identified, aggregated, or otherwise restricted data practices

6. AI and Transcription Disclosure

Smart Receptionist uses automated systems, including AI models and transcription tools, to assist with:

• answering or routing certain communications
• transcribing calls or voicemails
• summarizing conversations
• classifying messages
• drafting suggested responses
• organizing customer records and interaction history

These systems can make mistakes. Transcripts, summaries, classifications, and AI-generated responses may be incomplete, inaccurate, delayed, or misleading. Businesses using the service are responsible for reviewing their settings, monitoring live use, and determining whether the system is appropriate for their workflows.

Where required by law, customers are responsible for obtaining any required notices or consents relating to recording, transcription, or automated communications.

7. Legal Bases and Processing Context

Depending on the jurisdiction and context, we may process personal information:

• to perform a contract
• for legitimate business interests, such as security, product improvement, and support
• with consent where required
• to comply with legal obligations
• as a processor or service provider acting on a customer’s documented instructions

8. How We Share Information

We do not sell personal information in the ordinary sense of selling customer lists for cash. We may share information with the following categories of recipients as needed to run the service:

A. Service providers and subprocessors

Examples may include providers for:

• cloud hosting and infrastructure
• telephony and messaging
• transcription and AI processing
• authentication
• analytics
• customer support and chat tools
• billing and payment processing
• email delivery
• error monitoring and logging

B. Integrations

If you enable an integration, we may share information with that third-party service at your direction.

C. Professional advisors and transaction-related parties

We may disclose information to lawyers, accountants, auditors, insurers, lenders, investors, or acquirers where reasonably necessary and subject to appropriate protections.

D. Legal compliance and safety

We may disclose information if we believe doing so is reasonably necessary to:

• comply with applicable law, court orders, legal process, or valid government requests
• investigate fraud, abuse, or security incidents
• protect our rights, property, systems, users, or the public

9. Retention

We retain information for as long as reasonably necessary to:

• provide the service
• maintain account history and operational records
• comply with legal, tax, accounting, telecom, or dispute-resolution obligations
• enforce agreements
• investigate misuse or security incidents

Retention windows may vary by data type.

Examples:

• account records: [RETENTION PERIOD]
• call logs and SMS metadata: [RETENTION PERIOD]
• recordings and transcripts: [RETENTION PERIOD OR CUSTOMER-CONTROLLED SETTING]
• support records: [RETENTION PERIOD]
• analytics logs: [RETENTION PERIOD]

We may retain de-identified or aggregated information for longer periods where legally permitted.

10. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. These may include:

• authenticated account access
• role-based permissions
• encryption in transit where supported
• secure credential handling
• logging and system monitoring
• vendor access controls
• limited internal access based on business need

No system is perfectly secure. We cannot guarantee absolute security, uninterrupted availability, or that unauthorized access will never occur. Customers should also use strong passwords, protect account credentials, and limit access to authorized personnel.

11. International Transfers

If applicable, your information may be processed in countries other than your own, including where our service providers maintain operations. Where required, we will use appropriate safeguards for cross-border transfers.

12. Cookies and Similar Technologies

We may use cookies, pixels, local storage, and similar technologies to:

• keep users signed in
• remember preferences
• understand website traffic and performance
• improve marketing effectiveness
• detect technical issues and misuse

You may be able to control certain cookies through browser settings or a cookie management tool, where provided.

13. Your Rights and Choices

Depending on applicable law, you may have rights to:

• access personal information
• correct inaccurate information
• request deletion
• request portability
• object to or restrict certain processing
• withdraw consent where processing is based on consent
• appeal a denied privacy request

To submit a request, contact: [PRIVACY EMAIL / SUPPORT FORM]

We may need to verify your identity before completing certain requests. If we process information on behalf of one of our business customers, you may need to direct your request to that customer first.

14. Children’s Privacy

Smart Receptionist is intended for business use and is not directed to children under 13. We do not knowingly collect personal information directly from children under 13 for consumer purposes. If you believe a child has provided personal information to us improperly, contact us at [PRIVACY EMAIL] and we will review the matter.

15. Third-Party Services

Our website and service may link to or integrate with third-party sites, tools, or services. We are not responsible for third-party privacy practices. Customers should review those providers’ terms and privacy notices separately.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version with a revised “Last Updated” date. If we make material changes, we may provide additional notice through the website, dashboard, or email where appropriate.

17. Contact Us

For privacy questions or requests, contact:

Smart Receptionist

[LEGAL ENTITY NAME]

[COMPANY ADDRESS]

[PRIVACY EMAIL]

[SUPPORT EMAIL]

[PHONE NUMBER]