Privacy Policy

Last Updated: May 24, 2026

Welcome to AICalling.app ("AICalling", "we", "our", or "us"). We operate a white-labeled AI Voice Calling Software-as-a-Service (SaaS) platform designed to enable resellers, agency partners, and tenants (collectively, "Tenants") to build, brand, and sell their own interactive voice agent networks.

This Privacy Policy describes how we collect, use, process, and disclose information, including personal data, in connection with your access to and use of our platform, APIs, databases, widgets, and website services.

1. Information We Collect

We collect information from three distinct classes of users: Tenants (platform owners), Clients of Tenants (end users purchasing calling seats), and Call Recipients (contacts dialed by voice agents).

Tenant Accounts: Standard authentication credentials (via Supabase Auth), email address, organization metadata, logo assets, custom branding selections, and Stripe billing identities.
Client & User Configurations: CRM contact rosters, contact groups, campaigns, schedules, custom voice agent prompts, ElevenLabs API bindings, and Twilio/SIP telephony configurations.
Call Records and Audio Data: Call logs (timestamps, durations, statuses), real-time text-to-speech transcripts, and MP3 call audio recordings. These are securely processed through our ElevenLabs integrations and stored directly in your isolated Supabase storage buckets.

2. How We Process and Use Information

All data operations are governed strict multi-tenancy controls powered by Row-Level Security (RLS) policies. We process collected information to:

Deliver and execute low-latency voice agent services via synchronized API connections to ElevenLabs.
Process metered billing and compute volume consumption splits to capture margin splits on Stripe.
Maintain real-time call telemetry dashboards, diagnostics, and campaign completion telemetry.
Respond to support requests, prevent malicious platform exploitation, and audit API connection parameters.

3. ElevenLabs & Twilio Audio Processing

Our core voice calling relies on the ElevenLabs Conversational AI API and Twilio/SIP trunk speech-routing pathways. When an inbound or outbound call is triggered:

Audio streams are securely processed in real-time to facilitate speech-to-text transcription and high-fidelity vocal syntheses. We do not use your proprietary call audio, system transcripts, or tenant configurations to train general LLM databases or public ElevenLabs voices.

4. Data Isolation and Security

Your data isolation is built directly into our relational schema. All SQL records are linked to a strict organization_id and guarded by Supabase Row-Level Security (RLS). Furthermore, call audio and customer rosters are completely sandboxed per Tenant organization, ensuring that client databases can never cross-pollinate.

While we utilize industry-grade cryptographic encryption for database channels (TLS 1.3) and storage states (AES-256), no network transmission can be guaranteed as 100% secure. You are responsible for safeguarding your Tenant dashboard password and API key pairs.

5. Your Privacy Rights

Depending on your jurisdiction (such as under the EU General Data Protection Regulation - GDPR, or California Consumer Privacy Act - CCPA), you may have the right to access, rectify, port, or erase your account credentials. Because we operate as a Data Processor for Tenant databases, Call Recipients requesting data deletion should direct their requests to the relevant white-labeled Tenant platform owner.

6. Contact Us

If you have any questions about this Privacy Policy or wish to request data deletions under local regulations, please contact our privacy compliance team at:
support@aicalling.app