Privacy Policy

Effective date: March 30, 2026

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, phone number, business name, and billing information.

Usage Data

We collect information about how you use the Service, including feature usage, session duration, device type, browser type, and IP address.

Client Data

You may enter client contact information, appointment records, notes, tags, and other business data into the Service. You control what client data you provide.

Call and Message Content

The Service processes phone calls, voicemails, and text messages on your behalf. Call recordings, voicemail transcriptions, and message content are stored to provide the Service and enable AI-powered features.

2. How We Use Information

  • Provide the Service: We use your data to operate Relay, including AI call handling, message routing, booking, and client management.
  • Improve AI: We use aggregated and anonymized usage patterns to improve our AI models. We do not use your client data or message content to train AI models shared with other customers.
  • Analytics: We use usage data to understand how the Service is used, identify issues, and improve performance.
  • Communication: We use your contact information to send account notifications, billing updates, and product announcements. You can opt out of marketing communications at any time.

3. Data Sharing

We do not sell your personal data or your clients' data to third parties.

We share data only with the following categories of third-party processors that help us operate the Service:

  • Cloudflare — hosting, CDN, and security.
  • Stripe — payment processing and billing.
  • Twilio — phone calls, SMS, and voice infrastructure.

We may also disclose data when required by law, to protect our rights, or in connection with a merger or acquisition.

4. Data Retention

We retain your account data for as long as your account is active. Client data, call recordings, and message history are retained according to your plan's retention settings (default: 90 days for recordings, indefinite for messages and client records).

After account termination, we retain your data for up to 30 days to allow for export, after which it is permanently deleted.

5. Security Measures

We use industry-standard security measures to protect your data, including TLS encryption in transit, AES-256 encryption at rest, access controls, and regular security audits. No method of transmission or storage is 100% secure, but we work to protect your data using commercially reasonable measures.

6. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Export: Export your data at any time in CSV format from your account settings.
  • Correction: Update or correct inaccurate personal data through your account settings.

To exercise these rights, contact us at privacy@kindfarm.online.

7. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete it promptly.

8. Cookies

We use essential cookies to operate the Service (authentication, session management). We use analytics cookies (PostHog) to understand usage patterns. You can disable non-essential cookies through your browser settings.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. Your continued use after changes take effect constitutes acceptance.

10. Contact

If you have questions about this Privacy Policy, please contact us at privacy@kindfarm.online.