Privacy Policy
Synthfy LLC (“we,” “us,” “our”) operates the Synthfy AI Receptionist service. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Service.
1. Information We Collect
1.1. Account Information
When you register for Synthfy, we collect: business name and address; contact name, email, and phone number; business industry and type; payment information (processed through PayPal — we never store card numbers); and account credentials (passwords are hashed with bcrypt, never stored in plaintext).
1.2. Call Data
When calls are handled by your AI receptionist, we collect: caller phone number and call duration; call transcriptions; AI-generated call summaries; caller-provided information (name, message, appointment preferences); and SMS message content and metadata.
1.3. Technical Data
IP address and browser information; device type and operating system; dashboard usage patterns and analytics; consent records (IP address, timestamp, user agent, consent text).
2. How We Use Your Information
We use collected information to provide and improve the AI receptionist service, process payments and manage subscriptions, send service-related communications (billing, alerts, trial reminders), monitor for fraud and abuse, and comply with legal obligations.
3. Data Sharing
We do not sell your personal information. We may share data with:
- Service Providers: Trustworthy and audited third-party service providers who assist us in delivering our service: secure telecommunications partners (telephony and SMS routing), enterprise cloud platforms (secure AI model inference and computational hosting), high-availability web hosting infrastructure (web dashboard and encrypted database storage), transactional email processors (billing and system notifications), and compliant payment processors (subscription billing and transaction handling).
- Legal Requirements: When required by law, court order, or government request
- Business Transfers: In connection with a merger, acquisition, or sale of assets
4. Your Rights
You have the right to access your personal data, request data deletion (subject to legal retention requirements), export your data in a portable format, opt out of marketing communications, and request correction of inaccurate data.
4.1. California Residents (CCPA)
If you are a California resident, you have additional rights under the CCPA: right to know what personal information we collect, use, and share; right to delete your personal information; right to opt out of the sale of personal information (we do not sell your data); right to non-discrimination for exercising your rights. We will respond to verified CCPA requests within 45 days. Contact: [email protected].
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account + 30 days after deletion |
| Call transcripts | 90 days (auto-deleted) |
| Call logs (metadata only) | 12 months |
| Billing records | 7 years (tax compliance) |
| Consent records | 7 years (FTC requirement) |
6. Security
We implement TLS 1.2/1.3 for all data in transit, AES-256 encryption for data at rest, AES-256-GCM for OAuth tokens, role-based access controls, and automated threat detection. See our Security Overview page for full details.
7. Cookies & Tracking
We use essential cookies for authentication and session management. We do not use third-party advertising cookies.
8. Children’s Privacy
The Service is intended for businesses and individuals aged 18 and older. We do not knowingly collect personal information from anyone under 18.
9. Contact Us
- Email: [email protected]
- Mailing Address: Synthfy LLC, Houston, TX