Privacy Policy

CallConvert ("CallConvert", "we", "us", or "our") provides an AI-powered voice agent and messaging platform for HVAC and home service businesses (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use our platform, whether as a business customer ("Operator") or as an end customer of an HVAC business that uses CallConvert ("End User").

By using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.

Google Workspace API Limited UseThe use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements. See Section 4.5 for full details.

1. Who We Are and What We Do

CallConvert operates as both a data controller (for information about Operators and their accounts) and a data processor (for End User information collected on behalf of Operators). HVAC businesses that use CallConvert are responsible for their own compliance with applicable privacy laws in relation to their customers.

Our registered business address and primary point of contact for privacy matters is available at callconvert.ai/contact.

2. Information We Collect

2.1 Information Collected from Operators (Business Customers)

When you register for and use CallConvert as a business, we collect:

• Account information: business name, contact name, email address, phone number, billing address
• Payment information: credit card details or bank account information (processed via a PCI-compliant third-party payment processor; we do not store raw card numbers)
• Configuration data: your business phone numbers, hours of operation, service areas, AI agent scripts, and system preferences
• Usage data: call logs, message logs, campaign activity, feature usage, and platform analytics
• Communication records: emails and messages you send to our support team
• Connected account data: when you connect a third-party account (such as Google Calendar or GoHighLevel), we collect the information necessary to provide the integration, as described in Section 4.5

2.2 Information Collected from End Users (Callers and SMS Recipients)

When an HVAC business's customers interact with a CallConvert-powered voice agent or receive SMS messages sent via our platform, we may collect:

• Phone numbers of callers and SMS recipients
• Call recordings and transcripts (where permitted by law and disclosed to callers)
• Voicemail messages
• SMS message content and delivery status
• Name, address, and service details if provided during a call or message exchange
• Appointment and job inquiry information

2.3 Automatically Collected Technical Data

When you access the CallConvert dashboard or web platform, we automatically collect:

• IP address and approximate location
• Browser type, operating system, and device identifiers
• Pages visited, time spent, and navigation paths
• Referring URLs
• Cookie and session data (see Section 7)

3. How We Use Information

3.1 To Provide and Operate the Service

• Route inbound calls to the AI voice agent and process responses
• Send outbound SMS messages on behalf of Operators
• Transcribe calls and generate AI summaries and follow-up actions
• Manage phone number provisioning via our telephony partners
• Read and write calendar events through connected Google Calendar accounts to enable appointment booking
• Sync leads and contacts to connected CRM accounts (such as GoHighLevel) when configured by the Operator
• Process payments and manage billing
• Provide Operator access to call logs, recordings, and reporting dashboards

3.2 To Improve and Develop the Service

• Analyse aggregated, de-identified usage patterns to improve AI performance
• Monitor platform stability, uptime, and performance
• Test new features and functionality
• Conduct internal research and product development

3.3 To Communicate with You

• Send account and billing notifications
• Provide product updates, release notes, and maintenance alerts
• Respond to support requests
• Send marketing communications (Operators may opt out at any time)

3.4 To Comply with Legal Obligations

• Respond to lawful requests from government authorities
• Enforce our Terms and Conditions
• Detect and prevent fraud, abuse, and security incidents

4. How We Share Information

We do not sell your personal information or End User information to third parties. We do not share information with advertisers. We share information only in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who help us operate the Service, including:

• Telephony providers (for call routing and SMS delivery)
• AI and speech processing providers (for voice agent functionality and transcription)
• Cloud infrastructure providers (for hosting and data storage)
• Payment processors (for billing)
• Analytics providers (for platform monitoring)

All service providers are contractually bound to use information only for the purposes we specify and to maintain appropriate security standards.

4.2 Operators

End User information collected during calls or messages is made available to the relevant Operator through their CallConvert dashboard. Operators receive call recordings, transcripts, caller phone numbers, and any information provided by the End User during the interaction.

4.3 Legal Requirements

We may disclose information if required to do so by law, court order, or valid legal process, or where we reasonably believe disclosure is necessary to protect the safety of any person, to prevent fraud, or to protect our legal rights.

4.4 Business Transfers

If CallConvert is acquired, merged, or undergoes a change of ownership, your information may be transferred to the acquiring entity. We will notify you of any such transfer and the resulting changes to this Privacy Policy.

4.5 Google User Data and Limited Use Compliance

CallConvert's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

When an Operator connects their Google account to CallConvert, we request access only to the scopes necessary to deliver the requested functionality. Specifically, we use Google Calendar data to:

• Read calendar availability so the AI voice agent can offer appropriate appointment slots to callers
• Create calendar events when an appointment is booked through the AI voice agent
• Update or cancel calendar events when appointments are rescheduled or cancelled
• Display upcoming appointments within the Operator's CallConvert dashboard

In accordance with Google's Limited Use requirements, we affirm the following:

• We do not use Google user data for serving advertisements, including retargeting, personalised, or interest-based advertising
• We do not allow humans to read Google user data, except (a) with the Operator's explicit consent for specific messages, (b) where necessary for security purposes such as investigating abuse, (c) to comply with applicable law, or (d) where the data has been aggregated and anonymised and is used for internal operations
• We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features that are prominent in the CallConvert user interface, to comply with applicable law, or as part of a merger, acquisition, or sale of assets where the Operator is notified
• We do not use Google user data to develop, improve, or train generalised or non-personalised AI or machine learning models
• We retain Google user data only for as long as necessary to provide the Service, and we delete it upon disconnection of the Google account, account deletion, or Operator request

Operators can revoke CallConvert's access to their Google account at any time through their Google Account permissions page at myaccount.google.com/permissions or from within the CallConvert dashboard under Integrations.

5. Data Retention

We retain different types of data for different periods:

• Call recordings: retained for 90 days by default; Operators may configure longer retention within their plan
• Call transcripts and logs: retained for 12 months by default
• SMS message logs: retained for 12 months
• Google Workspace data: retained only while the Operator's Google integration is active; deleted within 30 days of disconnection
• Account and billing information: retained for the duration of the account plus 7 years for tax and compliance purposes
• Deleted account data: purged within 60 days of account closure, except where retention is required by law

Operators may request earlier deletion of specific data via the dashboard or by contacting support.

6. Data Security

We implement industry-standard technical and organisational security measures including:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
• Access controls and role-based permissions
• Regular security assessments and vulnerability testing
• Audit logging of access to sensitive data
• Employee security training and background checks
• Secure storage of OAuth tokens and credentials for connected third-party accounts

No method of transmission or storage is 100% secure. While we take reasonable steps to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you in accordance with applicable law.

7. Cookies and Tracking

Our web dashboard uses cookies and similar tracking technologies for:

• Session management and authentication (essential; cannot be disabled)
• Platform analytics and performance monitoring (can be disabled via browser settings)
• Feature usage tracking to improve the product (can be disabled via browser settings)
• We do not use third-party advertising cookies. You can control cookie settings through your browser. Disabling essential cookies will prevent you from accessing the dashboard.

8. Your Rights and Choices

8.1 Operator Rights

As an Operator, you have the right to:

• Access the personal information we hold about your account
• Correct inaccurate account information
• Export your data (call logs, transcripts, settings) from the dashboard
• Request deletion of your account and associated data
• Disconnect any connected third-party integrations (including Google) at any time
• Opt out of marketing communications at any time

8.2 End User Rights

End Users whose information has been collected through an Operator's use of CallConvert should direct privacy requests to the relevant HVAC business (the Operator) in the first instance, as the Operator is the data controller for that relationship. CallConvert will assist Operators in fulfilling valid End User requests.

End Users may also contact us directly at info@callconvert.ai if they believe their information has been mishandled.

8.3 California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your CCPA rights, contact us at info@callconvert.ai.

9. SMS Messaging, Mobile Phone Numbers, and Telephone Communications

CallConvert enables Operators to send SMS messages to their customers. In relation to SMS communications and the mobile phone numbers we process:

• Operators are responsible for obtaining valid opt-in consent from End Users before sending marketing or promotional SMS messages
• All SMS campaigns sent via CallConvert must comply with the Telephone Consumer Protection Act (TCPA), the CTIA Messaging Principles and Best Practices, and applicable carrier requirements
• Standard message and data rates from the recipient's carrier may apply
• End Users can opt out of SMS messages at any time by replying STOP. STOP requests are honored permanently and synced across all CallConvert-managed numbers
• End Users can request help by replying HELP

CallConvert does not send unsolicited marketing messages to End Users on its own behalf.

9.1 How End Users Provide SMS Consent

End User consent to receive SMS messages from an Operator is captured through one of the following methods:

• Verbal consent during a recorded inbound voice call. When a customer calls an Operator's CallConvert-managed phone number, the AI receptionist explicitly asks for permission to send appointment details and follow-ups by text before storing the customer's phone number. Call recordings are retained as proof of consent.
• Keyword opt-in. An End User may text START, SUBSCRIBE, or YES to an Operator's CallConvert-managed number to opt in.

Operators have access to consent records (call recordings, inbound SMS, and opt-out logs) within the CallConvert dashboard.

10. International Data Transfers

CallConvert is based in the United States. If you access our Service from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the Service, you consent to this transfer.

We take steps to ensure that any international transfers of personal data are subject to appropriate safeguards in accordance with applicable law.

11. Children's Privacy

CallConvert is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13 without verified parental consent, we will take steps to delete it promptly.

12. Third-Party Links

Our platform may contain links to third-party websites or services. This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party services you access through our platform.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email (to the address associated with your account) and by posting the updated policy on our website with a new effective date. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions, requests, or complaints, please contact us at:

We will respond to all legitimate privacy requests within 30 days.