Legal

Privacy policy.

We collect what we need to run a reliable AI that answers your customers — nothing more. We don’t sell your data, and we don’t train shared models on your conversations.

Last updated: April 17, 2026
The short version

Your customer conversations, knowledge base, and account data stay yours. We never train shared models on your content. We encrypt in transit and at rest, keep data in US or EU regions, and give you tools to export or delete anything. Questions? Email hello@modphone.ai.

What we collect

To provide the ModPhone service we collect the following categories of information:

Account information

  • Your name, email address, business name, and billing address
  • Payment information (processed by our payment providers — we never store full card numbers)
  • Authentication credentials (password hashes and session tokens)

Agent configuration & knowledge

  • Content from websites, documents, and sources you upload to teach your agent
  • Agent prompts, voice selection, business hours, and other settings you configure
  • Integration credentials (calendar OAuth tokens, CRM API keys, Shopify tokens) — stored encrypted

Conversation data

  • Call audio (if recording is enabled), transcripts, SMS messages, emails, and chat logs
  • Caller phone numbers, email addresses, and any details the caller shares
  • Call metadata: timestamp, duration, outcome, transfer destination if applicable

Usage data

  • Pages visited on our dashboard, features used, error reports
  • IP address, browser type, and device information for security and debugging

How we use it

We use your information to:

  • Operate the AI that answers your customers — retrieving your knowledge base, processing conversations, sending confirmations
  • Deliver your account and the features you’ve configured
  • Bill for usage and prevent abuse
  • Investigate bugs, incidents, and fraud
  • Send you service-related email (receipts, security alerts, product updates you opted into)

What we don’t do

  • We do not sell your data, customer data, or conversation data to third parties.
  • We do not use your customer conversations or knowledge base to train shared AI models.
  • We do not read your conversations for marketing targeting.

Who we share with

We share data only with sub-processors needed to run the service. Those include:

  • Voice & telephony: Twilio, Daily.co, and (for some unified numbers) their upstream carriers
  • AI model providers: Anthropic, OpenAI, Groq, Gemini, ElevenLabs, Cartesia, Deepgram — each covered by their own data-processing terms; none of them train shared models on your data in our configuration
  • Cloud hosting: AWS and Neon for application and database hosting
  • Email delivery: SendGrid / SMTP providers for transactional email
  • Payments: Stripe for subscription billing
  • Analytics: Google Analytics for aggregated marketing-site usage (with IP anonymization)

We will share data with law enforcement only when legally compelled to do so.

Where data is stored

Your account and conversation data is stored in the United States by default. EU data residency is available on the Enterprise plan. Backups are encrypted and retained for disaster recovery, with configurable retention windows on paid plans.

Security

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access controls inside our organization
  • Full audit logs of configuration changes on paid plans
  • Regular vulnerability scanning and penetration testing
  • Security disclosure: email hello@modphone.ai with security in the subject line

Your rights

You can:

  • Access and export your account data, call transcripts, and knowledge base content at any time from your dashboard
  • Delete any content from your knowledge base, or your entire account
  • Configure call recording, transcript retention, and data export behavior
  • Request deletion of specific caller data (we’ll honor right-to-be-forgotten requests under GDPR and CCPA)
  • Close your account at any time — we delete account data within 30 days of closure, except where legally required to retain

Cookies & tracking

Our marketing website uses cookies for analytics (Google Analytics) and conversion tracking (Google Ads). Our dashboard uses cookies for authentication only. You can disable cookies in your browser without losing access to the dashboard.

Children

ModPhone is not intended for use by children under 16. We don’t knowingly collect information from anyone under 16.

Changes to this policy

If we materially change how we handle your data, we’ll email account owners at least 30 days before the change takes effect.

Contact

Questions, complaints, or requests under GDPR / CCPA: email hello@modphone.ai. A real person reads it.