Privacy Policy

1. Introduction

OhioVoiceAI ("we", "us", "our") operates AI-powered customer communication services. This Privacy Policy explains how we collect, use, store, and protect information when you use our services.

2. Information We Collect

Business Account Information: Business name, contact information, account holder details, billing information, and business details (industry, services, hours).

Training Data: Information you provide to train your AI agent, including FAQs, pricing, policies, service descriptions, brand voice preferences, and custom responses.

Conversation Data: Transcripts (text and voice), customer contact information captured during conversations, appointment data, lead qualification data, and conversation metadata (channel, timestamp, duration).

Voice Data: Phone conversations are processed in real-time via OpenAI's Realtime API. Audio is streamed directly between Twilio and OpenAI. We do not permanently store raw audio unless call recording is explicitly enabled.

Usage Data: Service usage statistics, feature usage patterns, error logs, and analytics data.

3. How We Use Information

We use collected information to: provide and operate the AI agent services, train and improve your AI agent's responses, generate analytics and reports, communicate about your account, improve the Services, and comply with legal obligations.

We do NOT use your business data or customer conversation data to train AI models for other customers, sell to third parties, or target advertising.

4. Third-Party Data Processing

Your data may be processed by: OpenAI (AI language model, voice processing), Twilio (phone calls, SMS), ManyChat (WhatsApp, Facebook, Instagram, TikTok messaging), Chatwoot (web chat, unified inbox), and EspoCRM (contact management). Analytics dashboards (Grafana, Superset) are self-hosted — your data stays on our servers.

5. Data Storage and Security

Data is stored on secure servers in the United States. We use PostgreSQL with encryption at rest, TLS/HTTPS encryption for all data transmission, role-based access control via OAuth 2.0/OIDC, multi-tenant architecture for data isolation between customers, and regular security monitoring.

6. Data Retention

Active accounts: Data retained for the duration of service. Conversation data: Retained unless you configure a shorter retention period. After termination: Data available for export for 30 days, then permanently deleted within 60 days. Backups: Purged within 90 days of deletion.

7. Your Rights

You have the right to: Access — request a copy of your data. Correction — update or correct your information. Deletion — request deletion of your data. Export — export your data in a standard format. Opt-out — disable specific data processing features. Restrict — limit how we process your data.

To exercise these rights, contact hello@ohiovoiceai.com.

8. GDPR Considerations

For users in the European Economic Area or United Kingdom: We process data based on contractual necessity and legitimate interest. Data may be transferred to the United States. You have additional rights under GDPR including the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

OhioVoiceAI services are designed for businesses and are not intended for individuals under 18. We do not knowingly collect personal information from children.

10. Cookies and Tracking

Our website may use essential cookies for authentication and session management, and analytics to understand service usage. We do not use third-party advertising cookies or cross-site tracking.

11. Changes to This Policy

We may update this Privacy Policy with notice. Material changes will be communicated via email. Continued use after changes constitutes acceptance.

12. Contact

For privacy questions or data requests: hello@ohiovoiceai.com or visit ohiovoiceai.com.