Privacy Policy

This Privacy Policy applies to personal information we process through:

• Secretary Agent, including call screening, call forwarding, spam detection, call summaries, transcripts, recordings, notifications, caller handling, and related features.
• elAgent websites, mobile applications, user accounts, customer support, subscription management, billing, analytics, security, and operational systems.
• Beta, pilot, or limited-release features that we make available through Secretary Agent or related elAgent services, unless a separate privacy notice applies.

This Privacy Policy does not apply to third-party websites, apps, services, or integrations that we do not own or control. Their own privacy policies apply. When a third-party service is connected to elAgent at your direction, elAgent processes the connected data only as needed to provide the requested feature, subject to your permissions and settings.

The categories of personal information we collect depend on the account type, settings, permissions, and features you use.

Certain elAgent features may involve sensitive personal information, including audio, voice data, transcripts, contact information, call metadata, location if enabled, health-related information disclosed during a call, financial or insurance information disclosed during a call, government-related information disclosed during a call, and information about family members, household members, clients, patients, or other third parties.

We process sensitive information only where reasonably necessary to provide requested features, maintain safety and security, comply with law, support user requests, or with your consent where required.

We use personal information to:

1. 1.Provide the services. Route calls, screen calls, detect spam, converse with callers, transfer urgent calls, create summaries, generate transcripts, send notifications, manage accounts, and provide related features.
2. 2.Personalize user experience. Learn your preferences, contact rules, tone preferences, trusted contacts, screening instructions, and corrections so the services can become more accurate and useful over time.
3. 3.Operate AI features. Process speech, text, context, intent, urgency, sentiment, and user preferences to produce summaries, classifications, recommendations, notifications, and responses.
4. 4.Improve reliability and safety. Monitor performance, debug errors, reduce latency, detect misuse, prevent fraud, improve spam detection, and maintain service continuity.
5. 5.Support user control. Provide privacy controls, permissions, account settings, consent records, data access, export, correction, deletion, and opt-out mechanisms.
6. 6.Process payments and subscriptions. Manage billing, account status, refunds, credits, taxes, usage limits, premium features, and subscription access.
7. 7.Communicate with you. Send service notifications, security alerts, product updates, support messages, administrative messages, and, where permitted, marketing communications.
8. 8.Comply with law and enforce rights. Meet legal obligations, respond to lawful requests, enforce agreements, protect rights, and prevent harmful, unauthorized, or illegal activity.

elAgent services rely on AI systems to understand speech, text, context, intent, urgency, sentiment, and user preferences.

Certain features may record or transcribe phone calls or other communications.

You are responsible for using recording and transcription features lawfully. This may require notifying or obtaining consent from callers, meeting participants, employees, visitors, patients, clients, family members, household members, or bystanders, depending on applicable law and context.

We may provide tools such as recording indicators, consent prompts, announcements, mute controls, permissions, or administrative controls, but you remain responsible for configuring and using the services appropriately.

We may disclose personal information to the following categories of recipients.

We do not sell personal information in the ordinary meaning of the word.

We also do not knowingly sell or share personal information for cross-context behavioral advertising where prohibited by applicable law. If we later use advertising, analytics, or marketing technologies that constitute “sale,” “sharing,” or targeted advertising under applicable law, we will provide required notices and opt-out choices.

No personal information will be shared with third-parties or affiliates for sale, marketing, or promotional purposes.

We retain personal information for as long as reasonably necessary to provide the services, maintain user preferences, comply with legal obligations, resolve disputes, enforce agreements, protect security, and support legitimate business operations.

Retention periods may vary by data type and account settings. Examples include:

• Call recordings may be retained according to your selected settings, account configuration, or legal requirements.
• Transcripts, summaries, notes, action items, preferences, and call history may be retained while your account is active unless deleted or configured otherwise.
• Security logs, billing records, and fraud-prevention records may be retained for longer periods where needed.
• De-identified or aggregated data may be retained for analytics, security, and service-improvement purposes.

We will provide deletion, export, and retention controls where required by law and feasible for the service.

We use administrative, technical, and organizational safeguards designed to protect personal information. Depending on the product and deployment, these safeguards may include:

• Encryption in transit and at rest.
• Access controls and least-privilege permissions.
• Multi-factor authentication where supported.
• Role-based access control where supported.
• Audit and security logs.
• Security monitoring.
• Data-retention controls.
• Vendor security review.
• Incident-response procedures.
• Secure development practices.
• Security and privacy controls designed to support compliance obligations where applicable.

No system is perfectly secure. You are responsible for maintaining the confidentiality of your credentials, managing account permissions, configuring integrations carefully, and promptly notifying us of suspected unauthorized access.

Depending on your location, account type, and enabled features, you may have controls such as:

• Access, correct, export, or delete account information.
• Delete transcripts, summaries, recordings, notes, preferences, or call history.
• Turn call recording on or off where supported.
• Manage trusted contacts, blocked contacts, transfer rules, and screening rules.
• Disconnect integrations.
• Opt out of marketing communications.
• Control cookies and similar technologies.
• Request account deletion.

Some features may stop functioning if permissions are withdrawn.

Depending on your location, you may have rights to:

• Know or access the personal information we process.
• Correct inaccurate personal information.
• Delete personal information.
• Export or receive a portable copy of personal information.
• Restrict or object to processing.
• Withdraw consent where processing is based on consent.
• Opt out of sale, sharing, targeted advertising, or certain profiling where applicable.
• Appeal a denied rights request, where required by law.

To exercise privacy rights, contact us using the information in Section 22. You may also use any privacy request form, account setting, or in-app request mechanism we make available.

We may verify your request before responding. For business, team, or pilot accounts, we may direct you to the relevant organization if that organization controls the relevant data.

This section applies to California residents where the California Consumer Privacy Act, as amended, applies.

elAgent may process information in the United States and other countries where we, our service providers, or infrastructure providers operate. These countries may have privacy laws different from those in your location.

Where required, we use appropriate transfer safeguards, such as contractual protections, data-processing agreements, standard contractual clauses, international data-transfer addenda, adequacy mechanisms, or other lawful mechanisms.

For business, team, pilot, healthcare, finance, insurance, education, government, or other regulated use cases, additional agreements or controls may apply, including:

• Data Processing Agreements.
• Business Associate Agreements where HIPAA applies.
• Security addenda.
• Service-level agreements.
• Audit, logging, retention, deletion, residency, and access-control requirements.
• SSO, role-based access, multi-factor authentication, administrative, and compliance settings where supported.

If a conflict exists between this Privacy Policy and a signed agreement, the signed agreement controls to the extent of the conflict.

elAgent services are not intended for children under 13, or under the age required by applicable law, unless specifically provided through a parent, guardian, school, organization, care provider, or other authorized arrangement with appropriate consent and controls.

If we learn that we collected personal information from a child without required consent, we will take appropriate steps to delete it.

Features involving family assistance, education, household use, or care-related use must be configured and supervised by responsible adults where minors may be present.

elAgent services may assist with call screening, reminders, notifications, escalation, and related communication support where enabled. Unless expressly stated in a signed agreement, elAgent is not a medical device, emergency-response service, healthcare provider, or substitute for professional care.

Communications, notifications, escalation, and safety-related features may fail, be delayed, or be unavailable because of device failure, battery failure, connectivity problems, incorrect settings, third-party outages, or other limitations.

Our services may classify calls, detect spam, prioritize urgency, generate summaries, draft or suggest responses, recommend actions, or automate workflows.

These systems may make mistakes. Users should review important outputs before relying on them, especially for legal, medical, financial, employment, safety, emergency, or regulated decisions.

Where required by law or agreement, we will provide human-review mechanisms, escalation paths, audit logs, or controls over automated processing.

We may use cookies, SDKs, pixels, local storage, device identifiers, and similar technologies to:

• Keep users signed in.
• Remember settings.
• Operate apps and websites.
• Measure performance.
• Detect fraud and abuse.
• Analyze usage.
• Improve services.
• Support marketing where permitted.

You may be able to manage cookies through your browser, device, app settings, or consent tools.

The services may link to or integrate with third-party services such as app stores, payment providers, telephony providers, communication tools, analytics providers, support tools, or other services you authorize.

Your use of third-party services is governed by their own terms and privacy policies. elAgent is not responsible for third-party privacy or security practices.

We may update this Privacy Policy from time to time. When we make material changes, we will provide notice as required by law, such as by updating the “Last Updated” date, notifying users in the app, or sending an email.

Your continued use of the services after an updated Privacy Policy becomes effective means you acknowledge the updated policy, where permitted by law.

For privacy questions, requests, or concerns, contact:

• ELAGENT, INC.
• Privacy Contact: Privacy Team
• Email: legal@elagent.ai
• Website: elagent.ai