Privacy Policy

We collect information in the following categories:

• Account information — your name, email address, and business details provided during onboarding.
• Call recordings and transcripts — audio is processed in real time to generate text transcripts. We do not store raw audio files; we store only the text transcript.
• Caller phone numbers — the phone numbers of people who call your business number.
• Usage data — dashboard activity, feature usage, and page views, collected via PostHog.
• Payment information — handled directly by Stripe. We never see or store your full card details.

• Providing and operating the AI receptionist service
• Sending call summary SMS messages and emails to business owners
• Improving product performance and fixing bugs
• Sending billing notifications and account alerts
• Complying with legal obligations

We share data with the following sub-processors to operate the service:

• Anthropic (Claude AI) — caller speech is sent to Claude to generate AI responses. Subject to Anthropic's privacy policy.
• Deepgram — caller audio is transcribed by Deepgram's speech-to-text API. Subject to Deepgram's privacy policy.
• ElevenLabs — AI responses are synthesized to speech by ElevenLabs. Subject to ElevenLabs' privacy policy.
• Twilio — phone calls and SMS messages are routed through Twilio. Subject to Twilio's privacy policy.
• Stripe — payment processing. Subject to Stripe's privacy policy.
• Clerk — user authentication. Subject to Clerk's privacy policy.
• Supabase / Railway — data storage and application hosting in the United States.

Rouso Answers processes inbound phone calls in real time to provide its service. Caller audio is streamed to our speech-to-text provider (Deepgram) and converted to a text transcript. We do not retain raw audio recordings; we retain only the text transcript and metadata (caller phone number, call duration, timestamps).

Federal law (18 U.S.C. § 2511) permits one-party consent for call recording and transcription. Many U.S. states have enacted stricter rules.

Default consent notice. Every Rouso Answers call begins with a notice substantially similar to:

"Thanks for calling [business name]. This call is handled by an AI assistant and may be transcribed for quality and service purposes. By continuing the call, you consent to transcription. Press 0 or say 'representative' at any time to speak with a person."

Business owners may customize their greeting in the dashboard but must not remove the transcription and AI-handling notice if their business operates in a two-party-consent jurisdiction. Doing so is a violation of these Terms and shifts all legal responsibility to the business owner.

Owner responsibility. You, the business owner, are independently responsible for complying with all applicable federal, state, and local call recording, transcription, and consent laws in every jurisdiction in which your business operates or in which your callers may be located. If you operate outside the United States, you are responsible for compliance with local wiretap, telecommunications, and data protection laws (including GDPR Articles 6 and 9 where applicable). Rouso Answers provides the technical means to deliver a consent notice; you remain the controller of how the service is configured and used.

Rouso Answers is an artificial-intelligence-based phone receptionist. We believe callers have the right to know when they are speaking with an AI, and we design the service accordingly:

• Automatic identification at call start. The default greeting explicitly states that the call is handled by an AI assistant. This notice plays before any conversation begins.
• Truthful response to direct questions. If a caller asks "Am I speaking with a person?" or any similar question, the AI is instructed to confirm that it is an automated assistant, not a human. The system prompt enforces this and cannot be configured by business owners to override it.
• Human transfer available at any time. Callers may request a human at any point in the conversation. The AI is required to honor such requests and transfer the call to the business's designated escalation number.
• No impersonation. The AI will not adopt a human name in a manner intended to deceive the caller, claim to be a specific real person, or deny that it is an AI when asked.
• Grounding. The AI is instructed to answer only from the business information and FAQs configured by the business owner. If it does not have the information needed, it offers to take a message instead of fabricating an answer.

California bot disclosure (SB-1001). For interactions with persons in California concerning a commercial transaction or election communication, California Business & Professions Code § 17940 et seq. requires clear and conspicuous disclosure that the communication is from a bot. Rouso Answers' default greeting and direct-question behavior are designed to satisfy this requirement. Business owners must not disable or alter this behavior.

Emerging AI laws. Several U.S. states (including Colorado SB24-205 and New York City Local Law 144 for related contexts) and the European Union AI Act impose additional disclosure or risk-management duties on AI systems. Rouso Answers operates as a general-purpose voice assistant for small businesses and is not intended for use in high-risk contexts (employment decisions, credit, healthcare diagnosis, law enforcement, or critical infrastructure). Use of the service for any such purpose is prohibited under our Terms of Service.

Caller rights. Callers who interact with a Rouso Answers receptionist may at any time:

• Request a human transfer (the AI honors this immediately)
• End the call
• Request that no transcript of the call be retained, by stating their request during the call or by emailing privacy@rousoanswers.com with the calling number and approximate time
• Request a copy of the transcript of any call they participated in, by emailing privacy@rousoanswers.com with verification information

Call transcripts are retained for 12 months from the date of the call. Messages and reservations are retained as long as your account is active. You may request deletion of any data by emailing privacy@rousoanswers.com. Upon account deletion, all associated data is permanently removed within 30 days.

All data is encrypted in transit (TLS 1.2+) and at rest. Our infrastructure runs on Railway and Supabase, both of which maintain SOC 2 Type II compliance. Access to production data is restricted to authorized personnel only.

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data via your dashboard settings
• Request deletion of your account and all associated data
• Export your call data as CSV from the dashboard
• Withdraw consent at any time by canceling your subscription

To exercise any of these rights, email privacy@rousoanswers.com.

If you are located in the European Economic Area, you have rights under GDPR including data portability, the right to be forgotten, and the right to object to processing. If you are a California resident, you have rights under CCPA including the right to know, delete, and opt out of the sale of personal information. We do not sell personal information to third parties. To submit a data request, contact privacy@rousoanswers.com.

We may update this policy from time to time. We will notify you of material changes by email or via a banner in your dashboard. Continued use of the service after the effective date constitutes acceptance of the updated policy.

Questions or concerns? Email privacy@rousoanswers.com.