CallIntelCallIntel

Privacy Policy

Effective date: March 23, 2026

Overview

CallIntel ("we", "our", "us") provides a real-time integration service between VoIP phone systems and Agency Management Systems (AMS) for insurance agencies. This Privacy Policy explains what data we collect, how we use it, how long we retain it, and your rights regarding that data.

Data We Collect

We collect and process the following categories of data:

  • Account information: Your name, email address, and organization name, collected during sign-up through our authentication provider (Clerk).
  • Integration credentials: API keys, tokens, and passwords for your VoIP and AMS systems, provided during setup. These are encrypted at rest using AES-256-GCM.
  • Call metadata: Phone numbers, call direction, duration, timestamps, agent names, and call status, received via webhooks from your VoIP provider.
  • Call transcriptions and summaries: AI-generated transcriptions and call summaries provided by your VoIP provider, used to create activity notes in your AMS.
  • SMS metadata: Sender/receiver phone numbers, message content, and timestamps for SMS messages routed through your VoIP system.
  • Usage data: Analytics and aggregate metrics about call volumes, answer rates, and team performance within your organization.

How We Use Your Data

We use your data exclusively to provide the CallIntel service:

  • Matching incoming calls to contacts in your AMS
  • Logging call activity and transcriptions to your AMS as notes
  • Delivering screen pop notifications with caller information
  • Providing call analytics, leaderboards, and performance dashboards
  • Sending support ticket notifications and system alerts

We do not sell, share, or use your data for advertising, marketing to third parties, or any purpose other than providing the Service.

Data We Do Not Store

  • Call recordings: Audio recordings are never stored on our servers. Recordings remain with your VoIP provider. We only reference provider-hosted URLs when available.
  • AMS client records: We query your AMS to match callers to contacts, but we do not copy or cache your AMS database. Contact lookups are performed in real-time.

Data Retention & Automatic Purge

CallIntel is designed as a processing bridge, not long-term storage. We enforce the following retention policies:

  • After AMS sync: Once call data and transcriptions are successfully synced to your AMS, personally identifiable information (phone numbers, contact names) is automatically masked or deleted. Transcription text, AI summaries, and SMS message bodies are permanently purged.
  • Primary purge within 1 hour: PII is purged within 1 hour of a successful AMS sync by our hourly data hygiene process. A 30-day hard maximum serves as an absolute safety net — any data not purged earlier is automatically removed, regardless of sync status.
  • Screen pop data: Temporary caller information used for screen pops is automatically deleted within 5 minutes.
  • Anonymized metrics: Aggregate call statistics (counts, durations, answer rates) are retained for dashboard analytics but contain no personally identifiable information after the purge process runs.

Encryption & Security

  • Credentials: All VoIP and AMS credentials are encrypted at rest using AES-256-GCM with unique initialization vectors.
  • Data in transit: All communications use TLS/HTTPS encryption. We enforce HSTS with a two-year max-age.
  • Authentication: User authentication is provided by Clerk, which supports multi-factor authentication, session management, and OAuth providers.
  • Webhook security: Inbound webhooks are verified using HMAC signatures where supported by the provider, and are rate-limited to prevent abuse.
  • Security headers: Our application enforces X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy headers.
  • Audit logging: All data access and administrative actions are logged with timestamps and user identification for compliance and incident investigation.

Third-Party Sub-Processors

We use the following third-party services to operate CallIntel. Each maintains their own security certifications and privacy policies:

  • Clerk (clerk.com) — Authentication and user management
  • Neon (neon.tech) — PostgreSQL database hosting (SOC 2 Type 2 certified)
  • Vercel (vercel.com) — Application hosting and edge network (SOC 2 Type 2 certified)
  • Stripe (stripe.com) — Payment processing (PCI DSS Level 1 certified)
  • Anthropic (anthropic.com) — AI processing (call summaries and intelligence analysis)
  • Zoho Mail (zoho.com) — Transactional email delivery

Your VoIP provider (e.g., Dialpad, RingCentral, Vonage, GoTo Connect, Zoom Phone) and AMS provider (e.g., AMS360, Applied Epic, EZLynx) are configured by you and are not CallIntel sub-processors.

Cookies & Tracking

CallIntel uses only essential cookies required for authentication and session management. We do not use advertising cookies, analytics trackers, or third-party tracking pixels. We do not participate in cross-site tracking or data broker networks.

Your Rights

  • Access: You may request a copy of all data associated with your account.
  • Correction: You may update your account information at any time through the Settings page.
  • Deletion: You may request deletion of your account and all associated data. Upon account deletion, all call logs, credentials, team data, and organization settings are permanently and irrecoverably removed via cascading database deletion.
  • Portability: You may request an export of your data in a machine-readable format.
  • Revocation: You may revoke CallIntel's access to your VoIP and AMS systems at any time by removing credentials from Settings.

To exercise any of these rights, contact us at support@callintel.app. We will respond within 30 days.

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected customers within 72 hours of discovery via email. We will provide details of the breach, the data involved, steps taken to mitigate the impact, and recommended actions for affected users.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active customers of material changes via email at least 30 days before they take effect. The "Effective date" at the top of this page indicates when the policy was last revised.

Contact

For privacy-related inquiries, data requests, or concerns, contact us at support@callintel.app or call (971) 626-5437.