🔒 Privacy Policy

1. Introduction

AI Secretary ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our AI-powered scheduling service, including our mobile application and associated backend services.

By creating an account and using AI Secretary, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Business Information (provided at registration):

• Business name, owner name, and contact details
• Email address and password (hashed with bcrypt, never stored in plaintext)
• Business type, services offered, operating hours, and pricing
• Website URL and AI business context description
• Service area and special policies you choose to provide

Customer Data (collected through AI interactions on your behalf):

• Customer names and phone numbers
• Appointment details, dates, times, and service preferences
• Call and SMS transcripts from AI-handled conversations
• Conversation history between your customers and your AI assistant

Technical Data:

• Device push notification tokens
• JWT authentication tokens (stored in device SecureStore/Keychain)
• App usage data and crash reports
• IP addresses and access logs (retained for 90 days)

3. How We Use Your Information

We use your information to:

• Power the AI scheduling assistant to answer calls and SMS on your behalf
• Book, confirm, reschedule, and remind customers of appointments
• Send you push notifications about new bookings, messages, and activity
• Authenticate your account and maintain session security
• Provide customer support when you contact us
• Improve our AI models and overall service quality
• Comply with legal obligations and enforce our terms
• Send transactional emails (verification codes, password resets)

We do NOT:

• Sell your personal data or your customers' data to any third parties
• Use your data or your customers' data for advertising purposes
• Share customer data with other businesses using AI Secretary
• Train AI models on private conversation content without explicit consent
• Use your data for any purpose not described in this policy

4. AI Subprocessors

We send limited data to the following trusted providers solely to deliver the service. None use your data for their own training or purposes:

• Anthropic (Claude AI) — processes conversation messages to generate scheduling responses. Data sent: conversation content only. Training use: none.
• Twilio — handles all voice calls and SMS communications. Data sent: phone numbers and message content.
• Railway — hosts our backend infrastructure and PostgreSQL database.
• Expo — sends push notifications to your mobile device. Data sent: device push token only.
• Resend — sends transactional emails. Data sent: email address and message content.

You have the right to object to the use of any specific subprocessor. Contact us at privacy@ai-secretary.com.

5. Customer Data & Your Responsibilities

As a business using AI Secretary, you are a data controller for your customers' personal information. Customer data is processed under:

• Legitimate interest — providing the scheduling service your customers requested
• Contractual necessity — completing the booking your customers initiated

We provide tools to support compliance but businesses remain responsible for their specific legal obligations in their jurisdiction.

6. Lawful Basis for Processing Your Data

• Contract performance — to provide the service you signed up for
• Legitimate interests — to improve our service and prevent fraud
• Legal obligation — to comply with applicable laws
• Consent — for any optional marketing communications

7. Data Storage & Security

• All data encrypted in transit using TLS 1.3
• Passwords hashed using bcrypt with 12 salt rounds
• JWT tokens stored in device SecureStore (iOS Keychain / Android Keystore)
• Database hosted on Railway with access controls
• Auth endpoints protected with rate limiting (10 requests per 15 minutes per IP)
• Regular security reviews conducted

8. Data Retention

• Active account data: retained while your subscription is active
• Conversation transcripts: 12 months from date of conversation
• Appointment records: 24 months for business record-keeping
• Push notification tokens: deleted immediately on logout or account deletion
• After account deletion: all personal data removed within 30 days
• IP access logs: retained for 90 days then purged

9. International Data Transfers

Your data may be processed in:

• United States — Railway hosting, Anthropic AI processing, Resend email
• Ireland/EU — Twilio EU infrastructure where available

All transfers outside the EEA are protected by Standard Contractual Clauses approved by the European Commission.

10. Contact

Privacy questions and data requests: privacy@ai-secretary.com

General support: support@ai-secretary.com