Privacy Policy

Phoneless Inc. ("Phoneless", "we", "us") provides AI-powered phone and text booking agents for small businesses. This Privacy Policy explains what personal information we collect, how we use it, and the rights you have. It applies to phoneless.us and the Phoneless service.

Information we collect

• Account data: name, email, business name, billing address.
• Phone numbers: the number you provision through us or port in.
• Communications: recordings and transcripts of calls handled by your agent, SMS and WhatsApp messages.
• Caller information: the phone number, name (if provided), and content of conversations from people contacting you.
• Calendar data: event times, titles, and attendee names needed to create or block bookings.
• Usage data: log files, IP address, browser, device identifiers, error reports.
• Cookies: session cookies for sign-in and a small number of analytics cookies (you can opt out in our cookie banner).

How we use information

• Operate the booking agent and connect calls, texts, and calendar events.
• Bill you and provide customer support.
• Detect fraud, abuse, and violations of our Terms.
• Improve the service. We do not use your call recordings or transcripts to train third-party foundation models. We use aggregated, de-identified usage signals to improve our own routing and quality.
• Send you service notices and (if you opt in) marketing.
• Comply with applicable law.

How we share information

We share data only with vetted subprocessors that help us run the service. A current list is maintained on our Security page. Categories include:

• Telephony providers (call and SMS routing).
• AI model providers (agent reasoning and speech).
• Cloud hosting and storage.
• Payment processing.
• Analytics and customer support tooling.

We do not sell personal information.

Your choices

• Access, correct, export, or delete your data — email privacy@phoneless.us.
• Disable call recording at any time in your account settings.
• Opt out of analytics cookies via the banner.
• Close your account at any time; we delete data per the schedule below.

Data retention

• Call recordings: 90 days, then automatically deleted (configurable).
• Transcripts and bookings: kept until you delete them or close your account.
• Account and billing records: kept for the life of the account, plus 7 years for tax and accounting where required.
• Backups: purged within 90 days.

Security

We use TLS 1.2+ in transit, AES-256 at rest, role-based access control, audit logging, and routine third-party penetration testing. Details on our Security page.

International transfers

Phoneless is operated from the United States. If you access the service from outside the US, your information will be transferred to the US. Where required, we rely on Standard Contractual Clauses for cross-border transfers.

Regional rights

California (CCPA/CPRA): right to know, delete, correct, and limit use of sensitive personal information. We do not sell or share personal information for cross-context behavioral advertising.

EEA / UK (GDPR): rights of access, rectification, erasure, restriction, portability, and objection. You may also lodge a complaint with your supervisory authority. Our lawful bases are contract performance, legitimate interests, consent (where applicable), and legal obligation.

To exercise any right, email privacy@phoneless.us. We may need to verify your identity before responding.

Children

The service is not directed to anyone under 16, and we do not knowingly collect data from them.

Changes to this Policy

We will email account holders at least 30 days before material changes take effect.

Contact

Phoneless Inc.
Email: privacy@phoneless.us