Privacy Policy

1. Introduction

ChirpReply (“we,” “us,” or “our”) operates the chirpreply.com website and the ChirpReply AI receptionist platform (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using ChirpReply, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create a ChirpReply account, we collect your name, email address, business name, business type, phone number, and billing information. This information is necessary to provide the Service and process payments.

2.2 Call and Message Data

ChirpReply processes inbound phone calls and text messages on behalf of your business. We collect and store call recordings, call transcripts, text message content, caller phone numbers, call timestamps, call duration, and AI conversation logs. This data is necessary to operate the AI receptionist, provide transcripts and analytics, and improve service quality.

2.3 Calendar and Appointment Data

If you connect Google Calendar, we access calendar availability to book, modify, and cancel appointments. We store appointment details (date, time, customer name, service type) in our database to power reminders, confirmations, and the lifecycle engine.

2.4 Usage Data

We automatically collect technical information including IP address, browser type, device type, operating system, pages visited, referring URL, and timestamps. We use this data for security, analytics, and Service improvement.

2.5 Cookies

We use essential cookies for authentication and session management (via Clerk). We may use analytics cookies to understand how the Service is used. You can control cookie preferences in your browser settings.

3. How We Use Your Information

We use collected information to:

• Provide, operate, and maintain the AI receptionist Service
• Process and manage phone calls and text messages
• Book, confirm, and remind about appointments
• Send lifecycle messages (follow-ups, re-engagement, review requests)
• Dispatch technicians and manage service routes
• Process payments and manage billing
• Provide customer support
• Send Service-related communications (account updates, security alerts)
• Analyze usage and improve the Service
• Detect, prevent, and address fraud and security issues
• Comply with legal obligations

4. Third-Party Service Providers

We share data with trusted third-party providers who help us operate the Service:

• Twilio — Voice call routing and SMS delivery
• Vapi — Voice AI processing
• Anthropic (Claude) — AI conversation processing
• Google — Calendar integration
• Stripe — Payment processing
• Clerk — Authentication and user management
• Resend — Transactional email delivery
• Vercel — Application hosting

Each provider processes data only as necessary to perform their specific function and is bound by their own privacy policies and data processing agreements.

5. Call Recording Disclosure

ChirpReply records inbound phone calls to provide transcripts, improve AI quality, and resolve disputes. All callers are informed at the beginning of each call that the call may be recorded. You can configure recording disclosures in your dashboard settings. It is your responsibility to ensure compliance with applicable state and federal recording consent laws (including two-party consent states).

6. Data Retention

We retain call recordings, transcripts, and message data for 12 months from the date of creation, unless you request earlier deletion. Account information is retained for the duration of your account and for 30 days after account deletion. Billing records are retained as required by law (typically 7 years for tax purposes). You can export your data at any time from the dashboard.

7. Data Security

We implement industry-standard security measures including encryption of data in transit (TLS 1.2+) and at rest, Twilio webhook signature verification, rate limiting on all API endpoints, role-based access control, and regular security audits. For more details, visit our security practices page.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate data
• Deletion — Request deletion of your personal data
• Portability — Request your data in a machine-readable format
• Opt-out — Opt out of marketing communications
• Restriction — Request restriction of processing

To exercise any of these rights, contact us at privacy@chirpreply.com. We will respond within 30 days.

9. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA). You have the right to know what personal information we collect and how it is used, request deletion of your personal information, opt out of the sale of personal information (we do not sell personal information), and not be discriminated against for exercising your rights.

10. Children's Privacy

ChirpReply is not directed to children under 13 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us at privacy@chirpreply.com.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last updated” date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

ChirpReply
Email: privacy@chirpreply.com
Website: chirpreply.com