Privacy Policy

Effective Date: September 01, 2025

1. Introduction

This Privacy Policy ("Policy") is established by FrontSail AI Inc. ("FrontSail AI," "Company," "we," "us," or "our"), a Canadian corporation with its principal place of business in Waterloo, Ontario, Canada. This Policy describes how we collect, use, store, process, disclose, and protect information, including personal information, obtained from users ("you" or "your") of our website (https://frontsail.ai), our AI voice agent services, and any related products or services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read and understood this Policy and agree to the practices described herein. This Policy is incorporated into and subject to our Terms of Service.

We are committed to protecting your privacy and handling your data in an open and transparent manner. As an AI voice agent service provider, we take special care to ensure that voice data, call recordings, and conversation information are handled securely and in compliance with applicable privacy laws.

2. Information We Collect

2.1 Account Information

When you register for an account or use our Services, we may collect:

• Business name and contact information
• Name, email address, and phone number
• Billing address and payment information
• Account credentials and preferences
• Business industry and use case information

2.2 AI Voice Agent Data

Our AI voice agents collect and process the following data during phone calls:

• Audio Recordings: Voice recordings of calls handled by our AI agents
• Transcripts: Text transcriptions of conversations
• Call Metadata: Timestamps, call duration, phone numbers (caller and recipient), call outcomes
• Caller Information: Information voluntarily provided by callers during conversations (e.g., name, appointment details, inquiry type)
• Appointment and Booking Data: Scheduling information captured during calls

2.3 Technical and Usage Data

We automatically collect certain information when you interact with our Services:

• IP address and device identifiers
• Browser type and version
• Operating system
• Pages visited and features used
• Date and time of access
• Referring website or source
• Service performance and error data

2.4 Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve our Services:

• Essential Cookies: Required for basic website functionality
• Preference Cookies: Store your settings and preferences
• Analytics Cookies: Help us understand how visitors use our website
• Security Cookies: Protect your account and our systems

You may control cookies through your browser settings. Disabling certain cookies may limit functionality.

3. How We Use Your Information

3.1 Service Delivery

We use collected information to:

• Provide, operate, and maintain our AI voice agent Services
• Process and manage appointments, bookings, and customer inquiries on your behalf
• Handle billing, payments, and account management
• Provide customer support and respond to inquiries
• Send service-related communications and notifications

3.2 Service Improvement

We may use data to:

• Improve the accuracy and performance of our AI voice agents
• Enhance voice recognition and natural language processing capabilities
• Develop new features and services
• Analyze usage patterns and optimize user experience
• Conduct internal research and analytics

3.3 AI Model Training

3.4 Communications

We may use your contact information to:

• Send transactional messages about your account
• Provide product updates and announcements
• Share educational content and best practices
• Send promotional materials (with your consent)

You may unsubscribe from promotional communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

3.5 Legal and Safety

We may use information to:

• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Service and policies
• Protect our rights, privacy, safety, or property
• Prevent fraud and unauthorized access
• Respond to legal requests and government inquiries

4. Call Recording and Consent

4.1 Recording Notice

Our AI voice agents record calls for service delivery and quality assurance purposes. Callers are informed at the beginning of each call that the conversation may be recorded and monitored by AI. By continuing the call after this notification, callers consent to the recording.

4.2 Recording Access

Call recordings may be accessed by:

• Your Business: As our customer, you have full access to recordings of calls handled for your business
• FrontSail AI: For customer support, quality assurance, and service improvement purposes
• Third Parties: Only as required by law or with appropriate consent

4.3 Your Responsibilities

As a FrontSail AI customer, you are responsible for:

• Ensuring your use of our Services complies with applicable laws, including call recording consent requirements in your jurisdiction
• Informing your customers and website visitors about your use of AI voice agents
• Obtaining any additional consents required by law
• Complying with industry-specific regulations (e.g., healthcare, legal, financial services)

5. Data Sharing and Disclosure

5.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf. These providers are contractually obligated to protect your information and use it only for the purposes we specify.

Category	Purpose
Cloud Infrastructure	Data hosting and storage (AWS, GCP, Azure, LiveKit Cloud)
Voice AI Processing	Speech recognition, text-to-speech
Telephony	Call routing and phone services
Payment Processing	Billing and payments (Stripe)
Analytics	Usage analysis and improvement

5.2 Business Transfers

In the event of a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

5.3 Legal Requirements

We may disclose information when required to comply with applicable laws, regulations, or legal processes; respond to lawful requests from government authorities; protect our rights, privacy, safety, or property; or detect, prevent, or address fraud, security, or technical issues.

5.4 Aggregated Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for business analytics, industry research, or marketing purposes.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.

Data Type	Retention Period
Account Information	Duration of account + 3 years
Call Recordings	90 days (configurable)
Call Transcripts	1 year (configurable)
Call Metadata	2 years
Billing Records	7 years (as required by law)
Analytics Data	2 years

You may request earlier deletion of certain data types by contacting us. Some data may be retained longer if required for legal, accounting, or audit purposes.

7. Data Security

We implement robust administrative, technical, and physical security measures to protect your information:

7.1 Technical Safeguards

• Encryption in Transit: All data transmitted to and from our Services uses TLS 1.2+ encryption
• Encryption at Rest: Data stored on our servers is encrypted using AES-256 encryption
• Access Controls: Role-based access controls limit who can access your data
• Infrastructure Security: Enterprise-grade cloud infrastructure primarily on AWS, with select services on GCP, Azure, and LiveKit Cloud
• Network Security: Firewalls, intrusion detection, and DDoS protection

7.2 Operational Safeguards

• Regular security assessments and vulnerability testing
• Employee security training and background checks
• Incident response procedures
• Secure software development practices
• Vendor security assessments

8. Your Rights and Choices

8.1 Access and Portability

You have the right to:

• Request access to personal information we hold about you
• Receive a copy of your data in a structured, commonly used format
• Know what information we have collected and how it has been used

8.2 Correction

You have the right to:

• Request correction of inaccurate or incomplete personal information
• Update your account information at any time through your dashboard

8.3 Deletion

You have the right to:

• Request deletion of your personal information, subject to legal and operational requirements
• Delete your account and associated data
• Request deletion of specific call recordings or transcripts

8.4 Objection and Restriction

You have the right to:

• Object to certain processing of your personal information
• Request restriction of processing in certain circumstances
• Opt out of marketing communications
• Opt out of AI training data usage

8.5 Exercising Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days. We may need to verify your identity before processing your request.

9. End-Caller Privacy Rights

Individuals who call businesses using FrontSail AI services ("End-Callers") also have privacy rights.

9.1 End-Caller Rights

End-Callers may:

• Request information about data collected during their call
• Request a copy of their call recording or transcript
• Request deletion of their call data
• File a privacy complaint

9.2 How End-Callers Exercise Rights

End-Callers should first contact the business they called. If the business is unable to assist, End-Callers may contact us directly at privacy@frontsail.ai with:

• The approximate date and time of the call
• The business name or phone number called
• A description of the request

We will work with the business to fulfill legitimate requests in accordance with applicable law.

10. Children's Privacy

Our Services are designed for business use and are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

If you believe we have collected information from a child, please contact us at privacy@frontsail.ai.

11. International Data Transfers

FrontSail AI is a Canadian company, but our Services utilize cloud infrastructure in various locations. Your information may be transferred to, stored, and processed in different countries where our service providers operate.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by relevant authorities
• Data processing agreements with service providers
• Compliance with applicable cross-border transfer requirements

By using our Services, you consent to the transfer of your information as described in this Policy.

12. Third-Party Links and Services

Our website and Services may contain links to third-party websites, services, or integrations. This Policy does not apply to those third-party services, and we are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party services you access through our platform.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

How We Notify You:

• Material changes will be communicated via email to the address associated with your account
• A notice will be posted on our website
• The "Last Updated" date at the top of this Policy will be revised

Your continued use of our Services after changes become effective constitutes acceptance of the updated Policy. If you do not agree with the changes, you should discontinue use of our Services.

14. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact us:

We aim to respond to all inquiries within 30 days.

14.1 Privacy Complaints

If you are not satisfied with our response to your privacy concern, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada:

For Quebec residents, you may also contact the Commission d'accès à l'information du Québec (CAI).

15. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Province of Ontario and the federal laws of Canada applicable therein, without regard to conflict of law principles.

Any disputes arising out of or relating to this Privacy Policy shall be resolved exclusively in the courts located in Ontario, Canada.

16. Additional Information for Specific Jurisdictions

16.1 California Residents (CCPA/CPRA)

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, delete, and opt-out of sale of personal information.

We do not sell personal information as defined under California law.

To exercise your California privacy rights, contact us at privacy@frontsail.ai.

16.2 European Economic Area (EEA) Residents

If you are located in the EEA, you may have additional rights under the General Data Protection Regulation (GDPR), including rights to access, rectification, erasure, data portability, restriction, and objection.

Our legal bases for processing include: performance of contract, legitimate interests, consent, and legal obligations.

---

FrontSail AI Inc.
© 2025 FrontSail AI Inc. All Rights Reserved.

This Privacy Policy was last updated on September 01, 2025.