Privacy Policy

1. Who we are

Open Lines Technologies Inc. ("we", "our", "us") provides an AI-powered voice receptionist platform that answers phone calls, captures lead information, and books appointments on behalf of businesses ("tenants"). This policy explains how we collect, use, and protect personal data when you interact with our platform — whether as a business that signs up to use Open Lines, or as a caller who speaks with an Open Lines AI agent.

Questions or requests regarding this policy can be sent to muaz91@hotmail.com.

2. Data we collect

From callers (people who call a business using Open Lines)

• Name and phone number — captured during the call to create a lead record for the business.
• Call transcript — a text record of the conversation, used to generate a summary and identify the caller's intent.
• Appointment details — date, time, and service type when a booking is made.
• Call metadata — call duration and timestamp.

From businesses (tenants)

• Business information — name, industry, phone number, and configuration preferences provided during onboarding.
• Google Calendar credentials — an OAuth refresh token, stored securely, used solely to check availability and manage appointments on your behalf.
• Knowledge base content — website content or uploaded documents used to train your AI agent.

3. How we use your data

We use the data we collect only to operate and improve the Open Lines service:

• Answer inbound phone calls and conduct AI-assisted conversations.
• Create and manage lead records in the tenant's dashboard.
• Check calendar availability and create, update, or cancel appointments in Google Calendar on the tenant's behalf.
• Send post-call summaries to the business via WhatsApp or SMS.
• Send appointment confirmation messages to callers.
• Generate and display call analytics in the tenant dashboard.

We do not sell personal data to third parties. We do not use caller data for advertising.

4. Google Calendar API

Open Lines integrates with the Google Calendar API to check a tenant's availability and create, modify, or delete calendar events on their behalf. Our use of Google Calendar data complies with the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We access Google Calendar data only to perform booking operations requested by the tenant.
• We do not store the content of existing calendar events — only the event IDs needed to cancel them during reschedules.
• We do not share calendar data with any third party.
• We do not use calendar data to serve advertisements.
• Tenants can disconnect their Google Calendar at any time, which invalidates our access.

5. Third-party services

We use the following services to operate the platform. Each processes data only as necessary to provide their function:

• Twilio — phone number provisioning and SMS delivery.
• Vapi — AI voice call processing and transcription.
• OpenAI — natural language processing for call summaries and lead extraction.
• Supabase — secure database storage for tenant and caller data.
• Pinecone — vector storage for the knowledge base powering each AI agent.
• Firecrawl — website scraping to build the initial knowledge base for each tenant.

6. Data retention

Call transcripts and lead records are retained for as long as the business account is active. Tenants can request deletion of their data and associated caller records at any time by contacting us at muaz91@hotmail.com.

When a tenant disconnects Google Calendar, the OAuth refresh token is deleted from our database immediately.

7. Data security

All data is stored in Supabase, which uses row-level security and encrypts data at rest. All communication between services uses HTTPS/TLS. Google OAuth tokens are stored encrypted and are never exposed to frontend clients. Access to production data is restricted to authorised personnel only.

8. Your rights

Depending on where you are located, you may have the right to access, correct, or delete personal data we hold about you. To exercise any of these rights, contact us at muaz91@hotmail.com and we will respond within 30 days.

9. Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of the platform after changes constitutes acceptance of the revised policy.

10. Contact

For any privacy-related questions or requests: