Privacy Policy
This Privacy Policy explains how Grippy Code, Inc. ("Grippy Code", "we", "us") collects, uses, shares, and protects information in connection with our services, including the AI Receptionist, websites, landing pages, and CRM (collectively, the "Services"). It applies to our clients ("you") and, where noted, to the callers and visitors who interact with the Services on your behalf.
1. Who is responsible for your data
For information about your own business account, Grippy Code is the controller. For the calls, messages, and contacts that flow through the Services on your behalf (for example, a caller's phone number captured by the AI Receptionist), you are the controller and Grippy Code acts as your processor — we handle that data only to provide the Services to you and under your instructions.
2. Information we collect
- Account information — name, business name, email, phone number, and login credentials.
- Billing information — plan, transactions, and billing contact. Card details are collected and stored by our payment processor (Stripe), not by us.
- Call & conversation data — for the AI Receptionist: caller phone numbers, call recordings and transcripts, captured lead details, quotes given, and booking information.
- CRM data — contacts, leads, notes, appointments, and any records you or your team create or import.
- Usage & technical data — log data, IP address, device/browser type, and product usage, used to operate and improve the Services and keep them secure.
- Website visitor data — for sites and landing pages we host for you, standard analytics and any details a visitor submits through a form.
3. How we use information
- Provide, operate, and maintain the Services, including answering calls, capturing leads, quoting, and booking.
- Process payments and manage subscriptions, minutes, and overages.
- Send service, security, and account communications.
- Provide support and respond to your requests.
- Monitor, secure, debug, and improve the Services, and prevent abuse and fraud.
- Comply with legal obligations.
4. Call recording & consent
The AI Receptionist may record and transcribe calls. Call-recording and consent laws vary by jurisdiction, and some require notifying or obtaining consent from all parties. You are responsible for ensuring the appropriate call-recording notice and consent are in place for the regions you and your callers are in. We provide configuration to help, but the legal obligation rests with you as the controller of your callers' data.
5. How we share information
We do not sell your personal information. We share it only with:
- Service providers (sub-processors) who help us run the Services — for example, cloud hosting, voice/telephony, AI model, email delivery, and payment providers. They may process data only to provide services to us.
- Your own team, according to the access you grant within your account.
- Legal & safety — when required by law, to enforce our Terms, or to protect the rights, safety, and security of Grippy Code, our clients, or the public.
- Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this Policy.
6. Third-party providers
The Services rely on third parties including, among others, our payment processor (Stripe), and voice/telephony and AI-model providers. Their handling of data is governed by their own privacy policies. A current list of key sub-processors is available on request at info@grippycode.com.
7. Data retention
We keep information for as long as your account is active and as needed to provide the Services, then for a reasonable period to meet legal, accounting, and dispute-resolution requirements. You can request deletion of specific records (such as a lead or a call recording) from your dashboard or by contacting us; some data may be retained where the law requires.
8. Security
We use administrative, technical, and organizational measures — including encryption in transit (TLS 1.3) — to protect information. No system is perfectly secure, and we cannot guarantee absolute security, but we work to protect your data and to notify you of material incidents as required by law.
9. Your rights
Depending on where you are, you may have rights to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, contact info@grippycode.com. If you are a caller or visitor and want to exercise rights over data captured on a client's behalf, please contact that business (the controller); we will assist them as their processor.
10. International transfers
We may process and store information in countries other than yours, including the United States. Where required, we use appropriate safeguards for cross-border transfers.
11. Children
The Services are intended for businesses and are not directed to children. We do not knowingly collect personal information from children.
12. Changes to this Policy
We may update this Policy from time to time. Material changes will be communicated by email or in-app. Continued use of the Services after changes take effect means you accept the updated Policy.
13. Contact
Questions about this Policy or your data: info@grippycode.com.