Privacy policy

1. INTRODUCTION

Callin.io is a service provided by Replacing Humans LLC ("we," "us," or "our"),
a company based in the United States. We have developed Callin.io, a SaaS
platform that offers AI phone agent services for organizations.

This Privacy Policy explains how we collect, use, disclose, and protect your
personal information when you use our website (www.callin.io) and our AI phone
agent services (collectively, the "Services"). We are committed to protecting
your privacy and complying with applicable data protection laws, including:

• The General Data Protection Regulation (GDPR)

• The German Federal Data Protection Act (BDSG) and Telemedia Act (TMG)

• The Spanish Organic Law on Data Protection and Guarantee of Digital Rights
  (LOPDGDD)

• The Italian Personal Data Protection Code

• The UK Data Protection Act 2018 and UK GDPR

• The French Data Protection Act and CNIL guidelines

• Applicable US privacy laws, including the CCPA and CPRA

• Other jurisdictions' regulations

  
  

2. DATA CONTROLLER AND CONTACT INFORMATION

Data Controller:
Replacing Humans LLC
30 N Gould St Ste R, Sheridan, WY 82801, United States

Data Protection Officer: gdpr@callin.io
General Support: support@callin.io

3. TECHNICAL INFRASTRUCTURE

We utilize the following platforms and tools to provide our Services:

AI / GenAI Services:

• OpenAI chat completions, Azure OpenAI, OpenAI embeddings, Langchain

• Cartesia, ElevenLabs, PlayHT (Text-to-Speech Synthesis)

• Deepgram (Speech Recognition / Speech-to-Text)

Other:

• Redis Cache

• Twilio Telephony Platform

  
  

4. PERSONAL DATA WE COLLECT

We collect and process the following types of personal data:

• Account Information: name, email address, phone number, company name, and
  website URL.

• Usage Data: IP address, browser type, device information, and interaction
  with our website and AI phone agents.

• Google Calendar Data: with your explicit consent, email addresses, names,
  dates of birth, phone numbers, notes, and event descriptions.

• Call Recordings: with your explicit consent, conversations between our AI
  phone agents and your customers may be recorded for quality assurance and
  service improvement purposes.

• Analytics Data: anonymized usage data collected via Google Analytics. We do
  not use advertising pixels from Facebook, Instagram, or TikTok.

  
  

5. HOW WE USE YOUR PERSONAL DATA

We use your personal data for the following purposes:

• Service Provision: managing user accounts and providing AI phone agent
  functionality.

• Compliance and Legal Obligations: to comply with applicable laws and
  regulations, including tax laws.

• Marketing and Communications: to promote our services and communicate with
  potential and existing customers.

• Website Operation and Security: to manage and secure our website.

• AI Call Management: to facilitate callback requests from an AI agent.

• Google Calendar Integration: to allow AI phone agents to schedule
  appointments on behalf of our clients.

• Service Improvement: to analyze usage patterns and improve our Services.

• Technical Issue Resolution: to detect, prevent, and address technical issues.

  
  

6. LEGAL BASES FOR PROCESSING

We process your personal data on the following legal bases:

• Performance of a Contract: when processing is necessary to fulfill our
  contractual obligations to you.

• Compliance with Legal Obligations: when processing is required by applicable
  laws and regulations.

• Legitimate Interests: when processing serves our legitimate interests (e.g.,
  improving Services or marketing), provided these do not override your rights.

• Consent: when you have given explicit consent for specific activities, such
  as call recordings or Google Calendar access.

  
  

7. DATA SHARING AND DISCLOSURE

We may share your personal data with:

• Service Providers and Subprocessors: cloud providers (AWS, GCP, Azure), AI
  providers (OpenAI, Azure OpenAI), and other necessary technology partners.

• Legal and Regulatory Authorities: when required by law or to protect our
  rights and interests.

• Potential Buyers or Investors: in the event of a sale, merger, or investment.

We do not sell your personal data to third parties. Google user data is not
shared with third parties except as specified above for necessary service
provision and development.

8. INTERNATIONAL DATA TRANSFERS

As a US-based company, we may transfer your personal data to countries outside
the European Economic Area (EEA). When we do so, we ensure appropriate
safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission

• Adequacy decisions for countries deemed to provide adequate protection

• Binding Corporate Rules for intra-group transfers, where applicable

  
  

9. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the
purposes for which it was collected, or as required by applicable law:

• Account Information: retained for the duration of your use of our Services
  and for a reasonable period thereafter for legal and operational purposes.

• Google Calendar Data: retained only as long as needed to provide the
  requested services, then securely deleted or anonymized.

• Call Recordings: retained for a limited period (typically 30 days) unless a
  longer retention period is required for legal or operational reasons.

  
  

10. YOUR RIGHTS

Depending on your location, you may have the following rights regarding your
personal data:

• Right to Access: request a copy of the personal data we hold about you.

• Right to Rectification: ask us to correct inaccurate or incomplete data.

• Right to Erasure: request deletion of your personal data in certain
  circumstances.

• Right to Restrict Processing: ask us to restrict processing in certain
  situations.

• Right to Data Portability: request your data in a machine-readable format.

• Right to Object: object to processing, particularly for direct marketing.

• Right to Withdraw Consent: withdraw consent at any time where processing is
  based on consent.

• Right to Lodge a Complaint: file a complaint with a supervisory authority if
  you believe your rights have been violated.

To exercise these rights, please contact us using the information in Section 2.

11. SECURITY MEASURES

We implement appropriate technical and organizational measures to protect your
personal data, including:

• Encryption of data in transit and at rest

• Access controls and authentication mechanisms

• Regular security audits and vulnerability assessments

• Employee training on data protection and security best practices

• Incident response and data breach notification procedures

• 
  

12. COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies to enhance your experience on our
website. Our cookie categories include:

• Essential Cookies: necessary for the website to function properly.

• Analytical Cookies: used to analyze website usage (e.g., Google Analytics).

• Functional Cookies: enhance the functionality of the website.

• Advertising Cookies: we do not currently use advertising pixels, but may use
  cookies for marketing purposes.

Users can control cookies through their browser settings. Opting out of
non-essential cookies may affect website functionality.

13. GOOGLE ANALYTICS

We use Google Analytics to analyze the use of our website. Data is processed in
a way that does not directly identify individuals. You can opt out by installing
the Google Analytics Opt-out Browser Add-on.

14. INTEGRATION WITH GOOGLE CALENDAR

Our software integrates with Google Calendar solely to allow our AI phone agents
to schedule appointments on behalf of our clients. We access this data with your
explicit consent and use it only for appointment scheduling. We do not transfer
or process this data using large language models.

15. AI PHONE AGENTS AND CALL RECORDINGS

With your explicit consent, conversations between our AI phone agents and your
customers may be recorded for quality assurance and service improvement. These
recordings are stored securely and accessed only by authorized personnel.

You may withdraw your consent for call recording at any time. Note that doing so
may limit certain software features, such as actions based on conversation data
analysis.

16. CHILDREN'S PRIVACY

Our Services are not intended for use by children under the age of 16. We do not
knowingly collect personal data from children under 16. If we become aware that
we have collected such data, we will take steps to delete it unless we have a
legal obligation to retain it.

17. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our
practices, technologies, legal requirements, or other factors. We will notify
you of any significant changes by posting the updated policy on this page and
updating the "Last Updated" date. We encourage you to review this policy
periodically.

18. SPECIFIC PROVISIONS FOR DIFFERENT JURISDICTIONS

18.1 European Union (GDPR)

For users in the EU, the GDPR applies to the processing of your personal data.
We will respond to requests to exercise your rights within one month, with the
possibility of a two-month extension where necessary. You have the right to lodge
a complaint with your local data protection authority.

18.2 Germany (DSGVO and TMG)

We comply with the BDSG, TMG, and DSGVO. We have appointed a Data Protection
Officer reachable at dpo@callin.io. You have the right to object to direct
marketing processing at any time, free of charge. For minors under 16, consent
must be given or authorized by a parent or guardian.

18.3 Spain (LOPDGDD)

We comply with specific requirements regarding data collection forms and consent
under the LOPDGDD, and adhere to the guidelines of the Spanish Data Protection
Agency (AEPD) regarding cookie usage and online tracking.

18.4 Italy (GPDP)

You have the right to lodge a complaint with the Italian Data Protection
Authority (Garante). We comply with the Italian Personal Data Protection Code
and the Garante's guidelines on cookies and online tracking.

18.5 United Kingdom (ICO)

References to GDPR in this policy should be understood as references to the UK
GDPR and the Data Protection Act 2018. You have the right to lodge a complaint
with the Information Commissioner's Office (ICO).

18.6 France (CNIL)

You have the right to define guidelines regarding the fate of your personal data
after your death, in accordance with French law. We comply with CNIL requirements
on cookie consent and data retention. You may lodge a complaint with the CNIL.

18.7 United States

California residents have additional rights under the CCPA and CPRA, including
the right to opt out of the sale of personal information and the right to request
deletion. To exercise these rights, contact us at ccpa@callin.io.

Nevada residents may opt out of the sale of certain personal information by
contacting us at nevada-privacy@callin.io.

Additional US provisions:

• We comply with the CAN-SPAM Act; all marketing emails include an unsubscribe
  option and are processed within 10 business days.

• We honor Do Not Track signals.

• Our services are not directed to children under 13; we do not knowingly
  collect data from children under 13.

• We implement reasonable security measures as required by applicable state law.

• In the event of a data breach, we will notify affected individuals and
  relevant authorities as required by applicable state law.

18.8 The Netherlands

We comply with the Dutch GDPR Implementation Act (UAVG). You have the right to
lodge a complaint with the Autoriteit Persoonsgegevens. We will respond to
rights requests within one month, extendable by two additional months.

18.9 Portugal

We comply with Law No. 58/2019 implementing the GDPR in Portugal. You have the
right to lodge a complaint with the CNPD. Responses to rights requests are
provided free of charge, unless manifestly unfounded or excessive. In the event
of a high-risk data breach, we will notify you without undue delay.

By using our Services, you acknowledge that you have read and understood this
Privacy Policy. If you do not agree with this policy, please do not use our
Services.

For any questions or concerns, contact us at: support@callin.io