Privacy Policy

1. Information We Collect

We collect information that you provide directly to us, information we collect automatically when you use our services, and information from third-party sources.

Personal Information

We may collect personal identification information, including but not limited to:

• Full name and contact details (email address, phone number, physical address)
• Professional credentials and job titles
• Account login credentials and security information
• Payment and billing information (processed through secure third-party providers)

Business Information

To provide our specialized services for healthcare and legal practices, we collect:

• Practice or firm name and specialty
• Staff names, roles, and schedules
• Office hours and service descriptions
• Internal protocols for handling specific types of inquiries

Communication Data

Our AI-powered services necessarily process communication data, including:

• Audio recordings of phone calls handled by our AI receptionist
• Transcripts of chat interactions and SMS messages
• Voicemail messages and metadata
• Call logs, including timestamps, duration, and caller ID information

Usage Data and Cookies

We automatically collect certain information when you visit our website or use our platform:

• IP address, browser type, and operating system
• Pages visited, features used, and time spent on the platform
• Referring URLs and exit pages
• Device identifiers and mobile network information

We use cookies and similar tracking technologies to analyze trends, administer the website, and track users' movements around the site.

2. How We Use Your Information

We use the information we collect for various business purposes, including:

• Service Delivery: Providing and maintaining our AI-powered receptionist and CRM services.
• AI Processing: Powering our AI models to handle calls, respond to inquiries, and categorize leads accurately.
• Scheduling: Facilitating appointment booking and calendar management for your practice.
• Lead Management: Qualifying leads and automating follow-up communications.
• Improvement: Analyzing usage patterns to enhance our AI's accuracy and platform performance.
• Communication: Sending administrative updates, security alerts, and support messages.
• Billing: Processing payments and managing financial records.
• Compliance: Meeting legal obligations and enforcing our terms of service.

3. How We Share Your Information

We do not sell your personal information to third parties. We share information only in the following circumstances:

• Business Customers: If you are a patient or client calling a practice that uses FrontDeskAI, your information is shared with that specific practice (our Customer).
• Service Providers: We share data with trusted vendors who provide hosting, analytics, payment processing, and communication infrastructure. These providers are bound by strict confidentiality agreements.
• Legal Requirements: We may disclose information if required by law, subpoena, or to protect the rights and safety of our users or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business assets.

4. HIPAA Compliance

For our healthcare customers, FrontDeskAI operates as a "Business Associate" as defined by the Health Insurance Portability and Accountability Act (HIPAA). We enter into Business Associate Agreements (BAAs) with our healthcare clients to ensure the protection of Protected Health Information (PHI). We implement administrative, physical, and technical safeguards to maintain the confidentiality and integrity of PHI in accordance with HIPAA regulations.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specifically:

• Communication Recordings: Audio recordings and transcripts are typically retained for 90 days, unless a different period is configured by the Business Customer.
• Account Data: We retain account information for the duration of the service agreement.
• Deletion: Upon request for account termination, we delete or anonymize your data within 30 days, except where retention is required by law.
• Anonymized Data: We may retain anonymized, aggregated data indefinitely for analytical and AI training purposes.

6. Data Security

We prioritize the security of your data through industry-standard measures:

• Encryption: All data is encrypted using AES-256 at rest and TLS 1.2+ in transit.
• Infrastructure: Our services are hosted on SOC 2 Type II certified cloud infrastructure.
• Access Control: We implement strict role-based access controls (RBAC) and multi-factor authentication for all internal systems.
• Audits: We conduct regular security audits and vulnerability assessments.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

• The right to access and receive a copy of your data.
• The right to correct inaccurate or incomplete information.
• The right to request deletion of your personal data.
• The right to object to or restrict certain processing activities.
• The right to data portability.

California Residents: Under the CCPA, you have the right to know what personal information we collect, the right to delete that information, and the right to opt-out of the sale of personal information (though we do not sell it). You also have the right to non-discrimination for exercising these rights.

8. Children's Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information from our systems.

9. International Data Transfers

FrontDeskAI is based in the United States. By using our services, you acknowledge that your information will be processed and stored in the United States, where data protection laws may differ from those in your jurisdiction.

10. Third-Party Links

Our platform may contain links to third-party websites or services that are not owned or controlled by FrontDeskAI. We are not responsible for the privacy practices or content of these third-party sites.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide more prominent notice, such as an email notification.