Privacy Policy

From you (the account owner / operator)

• Account identity: your name, email address, and any other identifiers tied to your sign-in (e.g., Google OAuth identity).
• Business profile: business name, business phone, business address, time zone, messaging hours, trigger configuration.
• Connected integration data: OAuth tokens for Google Calendar (encrypted at rest with a per-deployment Fernet key), Telnyx phone number assignment, OwnTracks ingest configuration.

From your end customers (through you)

• Contact details: name, phone number, email address, service address.
• Appointment metadata: time, title, status, notes, custom fields you choose to record.
• Inbound replies: the body and timestamp of any SMS or email replies your customers send to your Tellem-connected number or address.

From your field workers (through their devices)

• Identity: name, phone number, the per-worker tracker token you provision.
• GPS pings: latitude, longitude, accuracy, battery level, and timestamp reported by the OwnTracks mobile app while the worker has the app running. Pings outside the tracking window you configure are dropped at ingest and never stored.

Automatically

• Server logs: standard request metadata (IP address, user-agent, request path, timestamp) for security, debugging, and abuse prevention.
• Consent records: when you or a field worker accepts a legal document, we record the document slug, version, timestamp, IP address, and user-agent.

• To provide and operate the Service (deliver notifications, compute ETA, render the dashboard).
• To enforce safety controls (opt-out denylist, tracking-window gate, rate limits).
• To debug, monitor, and improve the Service.
• To comply with our legal obligations and respond to lawful requests.
• To communicate with you about the Service.

We do notsell your data or your end customers’ data. We do not use end-customer or field-worker data to train AI models.

We share information with the following sub-processors, each of which acts on our instructions under their own terms:

We may also disclose information when required by law, when necessary to investigate fraud or security incidents, or in connection with a business transfer (in which case we will provide notice).

• Account profile, configuration, message log: retained for the life of your account plus 30 days after deletion.
• Field worker GPS pings:retained for the number of days you configure (default 30, bounded 1–365). A nightly job purges older rows.
• Consent records: retained for the life of your account and a reasonable period after for audit purposes.
• Server logs: retained for up to 90 days.

You may request deletion of your account at any time by contacting us at support@tellem.ai.

You are the data controller for your end customers’ data. We act as your processor and handle their data only on your instructions. If an end customer contacts us directly with a privacy request, we will refer them to you.

We use Supabase’s at-rest encryption for the primary database. OAuth tokens are encrypted with a per-deployment Fernet key before storage. All client/server traffic is over TLS. Access to production is limited to authorized personnel. Row-level security policies confine each authenticated user’s data to their own account.

No system is perfectly secure. If we learn of a breach that materially affects your data, we will notify you without undue delay.

If you are a resident of a US state with applicable privacy law (e.g., Massachusetts 201 CMR 17.00, or any state with a consumer privacy act of general applicability), you may have the right to access, correct, or delete personal information we hold about you. To exercise these rights, contact us at support@tellem.ai.

We may update this Policy from time to time. When we publish a new version, we will require you to re-accept it on next login.

Questions about this Policy can be sent to support@tellem.ai.