Privacy Policy

Effective date: [INSERT DATE] · Last updated: [INSERT DATE]
Template notice. This document is a template for U.S. operations. Have a qualified attorney review and customize it for your specific business, the states where you operate, your data flows, and your subprocessors before publishing.

Contents

  1. Scope & Who We Are
  2. Information We Collect
  3. How We Use Information
  4. How We Share Information
  5. Call Recording & AI Disclosure
  6. Cookies & Tracking
  7. Data Retention
  8. Data Security
  9. Your U.S. Privacy Rights
  10. California Specific Disclosures
  11. Children's Privacy
  12. Do Not Track
  13. Changes to This Policy
  14. Contact Us

Revenue Automation Systems ("RAS," "we," "us," or "our") provides AI-powered call intake software for service businesses (the "Service"). This Privacy Policy explains how we collect, use, share, and protect personal information when you visit our website at [your-domain.com], when our customers ("Customers") subscribe to the Service, and when individuals ("End Users" or "Callers") interact with the AI assistant by phone.

By using our website or the Service, you agree to this Policy. If you do not agree, do not use the website or Service.

1. Scope & Who We Are

This Policy applies to:

  • Visitors to our public website.
  • Customers (e.g., HVAC and other service businesses) that subscribe to and use the Service.
  • End Users who place phone calls that are answered by the AI assistant on a Customer's line.

When we process End User information on behalf of a Customer, we generally act as a "service provider" or "processor" under U.S. state privacy laws. The Customer is the party that determines how that information is used and is the "business" or "controller." Information about how the Customer uses End User data is governed by the Customer's own privacy policy and applicable agreements with End Users.

RAS is operated by [Legal Entity Name], a [State] [corporation/LLC], with a principal place of business at [Mailing Address].

2. Information We Collect

A. Information you provide directly

  • Account & contact information: name, business name, job title, email address, phone number, mailing/billing address.
  • Payment information: processed by our payment processor ([e.g., Stripe]); we do not store full card numbers.
  • Customer configuration content: business hours, service offerings, scripts, FAQs, integration credentials, and other content you upload to set up your account.
  • Demo & contact form submissions: information you submit through "Request a Demo" or other forms.
  • Communications: support tickets, emails, chat messages, and recorded phone conversations with our team.

B. Information collected from phone calls (End User data)

When a person calls a phone number routed through the Service, we may collect, on behalf of the Customer:

  • Caller's phone number (including caller ID) and, where provided, name and address.
  • Audio recordings of the call.
  • Transcripts and summaries generated by automated speech recognition and AI.
  • Service request details (e.g., the issue described, scheduling preferences, equipment information).
  • Call metadata such as date, time, duration, and routing information.

C. Information collected automatically

  • Device and browser information (operating system, browser type, device identifiers).
  • IP address and approximate location derived from it.
  • Pages viewed, links clicked, time spent, referring URLs.
  • Cookies, pixels, server logs, and similar technologies (see Section 6).

D. Information from third parties

We may receive information from service providers (telephony, payment, analytics, CRM), public databases, and integration partners (e.g., ServiceTitan, Housecall Pro, Jobber) when you connect those integrations.

3. How We Use Information

We use personal information to:

  • Provide, operate, maintain, and improve the Service.
  • Answer phone calls, generate transcripts, and route leads to the appropriate Customer.
  • Train, evaluate, and improve our AI models. Where feasible, we use de-identified or aggregated data for these purposes.
  • Process payments, send invoices, and manage accounts.
  • Send service-related communications (e.g., security alerts, billing updates, product changes).
  • Send marketing communications, where permitted by law and your communication preferences.
  • Respond to inquiries, requests, and support tickets.
  • Detect, prevent, and respond to fraud, abuse, security incidents, and unlawful activity.
  • Comply with applicable laws and enforce our agreements.
  • Conduct analytics, research, and product development.

4. How We Share Information

With Customers. When an End User calls a number routed through the Service, we share the call recording, transcript, and lead information with the Customer that owns that line.

With service providers. We share information with vendors who perform services on our behalf, including hosting and infrastructure ([e.g., AWS]), telephony ([e.g., Twilio]), AI and transcription, payment processing, analytics, customer support, and email delivery. These providers are contractually limited to using personal information to perform services for us.

With integration partners. If you authorize an integration (such as a CRM or dispatch tool), we share data with that integration as you direct.

For legal reasons. We may disclose information to comply with applicable law, regulation, legal process (such as a subpoena), or governmental request; to protect our rights, property, or safety, and that of our users or others; or to enforce our Terms of Service.

In a business transaction. If we are involved in a merger, acquisition, financing, reorganization, sale of assets, or bankruptcy, personal information may be transferred as part of that transaction.

With your consent. We may share information for any other purpose disclosed to you with your consent.

Aggregated or de-identified data. We may share data that has been aggregated or de-identified so that it can no longer reasonably be linked to you.

No sale of personal information for monetary value. We do not sell personal information for money. Some online advertising practices may be considered "sharing" or "selling" under California law (CCPA/CPRA); see Section 10 for details and your opt-out right.

5. Call Recording & AI Disclosure

The Service answers phone calls using an automated AI voice assistant. Calls handled by the Service may be recorded and transcribed for the purposes described in this Policy and as configured by the Customer. Where required by applicable state law, the AI assistant will disclose at the start of the call that the call is being handled by an automated assistant and may be recorded.

State-law variation. Some U.S. states require all-party consent to record a call (e.g., California, Florida, Illinois, Maryland, Massachusetts, Montana, New Hampshire, Pennsylvania, Washington); others permit one-party consent. Customers are responsible for ensuring that any call recording, monitoring, and AI handling on their phone lines complies with applicable state and federal laws (including the Federal Wiretap Act and state two-party-consent statutes).

If you do not wish to be recorded or to interact with an AI assistant, you may end the call.

6. Cookies & Similar Technologies

We and our service providers use cookies and similar technologies on our website. These include:

  • Strictly necessary cookies that enable core site functionality (e.g., security, login).
  • Analytics cookies (such as [Google Analytics]) that help us understand how visitors use the site.
  • Marketing/advertising cookies that may be used to measure and improve our marketing campaigns.

You can control cookies through your browser settings and, where available, through a cookie preferences link on our site. Some browsers offer "Do Not Track" signals; see Section 12.

7. Data Retention

We retain personal information for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary depending on the type of data and the purpose for which it was collected.

For example, call recordings and transcripts are typically retained for [e.g., 12 months] unless a Customer configures a different retention period or law requires longer retention. Account records are retained while the account is active and for a reasonable period thereafter.

8. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit, access controls, vendor due diligence, and monitoring. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Your U.S. Privacy Rights

Depending on the U.S. state in which you reside, you may have the following rights with respect to your personal information:

RightWhat it means
Right to know / accessRequest information about the personal information we have collected about you and how we use and share it.
Right to deleteRequest that we delete personal information we hold about you, subject to legal exceptions.
Right to correctRequest that we correct inaccurate personal information.
Right to portabilityRequest a copy of your personal information in a portable, machine-readable format.
Right to opt out of sale or sharingOpt out of the sale or sharing of personal information for cross-context behavioral advertising.
Right to limit use of sensitive informationWhere applicable, limit the use and disclosure of certain sensitive personal information.
Right against profilingWhere applicable, opt out of profiling that produces legal or similarly significant effects.
Non-discriminationWe will not discriminate against you for exercising any of these rights.

These rights apply (in varying forms) to residents of states with comprehensive privacy laws, including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Indiana, and others as new laws take effect.

How to exercise your rights. Submit a request by emailing privacy@your-domain.com or by calling [phone number]. We will verify your identity before responding. You may also designate an authorized agent to submit a request on your behalf with proof of authorization.

Appeals. If we deny your request, you may appeal by replying to our response. We will respond to appeals within the time required by your state's law.

10. California Specific Disclosures

The California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"), provides California residents additional rights described in Section 9.

Categories of personal information collected in the past 12 months. We collect information falling within the following CCPA categories:

  • Identifiers (e.g., name, email, phone number, IP address).
  • Customer records (e.g., billing address, payment information).
  • Commercial information (e.g., products/services purchased).
  • Internet or other electronic network activity (e.g., browsing data).
  • Geolocation data (general, derived from IP address).
  • Audio and electronic information (e.g., call recordings).
  • Professional or employment-related information.
  • Inferences drawn from the above.

Sources, purposes, and recipients are described in Sections 2, 3, and 4.

Sensitive personal information. We may process audio recordings (which can be considered sensitive PI under CCPA) for the purpose of providing the Service. We do not use sensitive PI for purposes that would trigger the right to limit, except as needed to perform the Service or as otherwise permitted by law.

Sale or sharing. We do not sell personal information for monetary consideration. To the extent any data sharing for cross-context behavioral advertising is considered a "sale" or "sharing" under CCPA, you can opt out by clicking "Do Not Sell or Share My Personal Information" below or by emailing privacy@your-domain.com.

Minors. We do not knowingly sell or share personal information of consumers under 16.

Do Not Sell or Share My Personal Information. California residents (and residents of other states with similar rights) may opt out by submitting a request to privacy@your-domain.com with the subject line "Do Not Sell or Share." We also honor recognized opt-out preference signals (such as Global Privacy Control) where required.

Shine the Light. California Civil Code §1798.83 permits California residents to request a notice describing what categories of personal information we share with third parties for those parties' direct marketing purposes. We do not currently share personal information with third parties for their own direct marketing purposes.

11. Children's Privacy

The Service is intended for use by businesses and adults. We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, please contact us and we will delete it.

12. Do Not Track

Our website does not currently respond to "Do Not Track" browser signals. However, we honor the Global Privacy Control (GPC) signal where required by law as an opt-out of sale/sharing.

13. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date at the top reflects the most recent version. Material changes will be communicated by posting a notice on our website or through other reasonable means. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

14. Contact Us

To exercise your rights or ask questions about this Policy: