1. Who We Are
Captomi LLC ("Captomi," "we," "our," or "us") is a software company headquartered in the United States. We build AI-powered software products and workflow tools for businesses, including AI receptionist systems, lead-management tools, marketing automation, and finance workflow automation.
This Privacy Policy describes how Captomi collects, uses, shares, and protects personal information across websites, applications, products, and services operated under the Captomi brand, including but not limited to:
- The captomi.com website
- Captomi Office and related verticalized products
- Voice, SMS, and communication services operated by Captomi
- Captomi demos, trials, and support services
Some Captomi products may publish supplemental privacy disclosures specific to that product or industry use case.
2. Roles and Scope (Controller vs. Processor)
This section explains how Captomi handles personal information depending on the context of use.
2.1 Captomi as a Service Provider / Processor
When Captomi processes personal information on behalf of a business customer, Captomi acts as a service provider or processor under applicable privacy laws.
This includes situations where Captomi processes:
- Customer phone calls and call recordings
- SMS and MMS messages
- Call transcripts and summaries
- Appointment scheduling data
- Lead and contact information provided by the customer
- AI-generated outputs derived from customer communications
- Workflow automation data initiated by business customers
In these cases:
- The business customer is the controller/business
- Captomi processes data only on the customer's documented instructions
- Captomi does not determine the purpose of processing for that data
- Captomi does not use such data for its own independent purposes except as necessary to provide the service
2.2 Captomi as a Business (Controller)
Captomi acts as a controller/business when it collects and processes personal information for its own purposes, including:
- Website and product usage analytics
- Account creation and authentication data
- Billing and payment processing (via third parties)
- Sales and marketing communications
- Support interactions
- Security and fraud prevention
- Website cookies and tracking technologies
For this category of data, Captomi determines the purposes and means of processing.
3. Information We Collect (Captomi as Controller)
We collect personal information directly and indirectly in the following ways when acting as a business/controller.
(a) Information You Provide Directly
This may include:
- Name
- Email address
- Phone number
- Business name
- Business address
- Website
- Account credentials
- Billing and payment-related information
- Information submitted through forms, demos, support requests, or communications
Payment card data is processed by third-party payment providers. Captomi does not store full payment card numbers.
(b) Information Collected Automatically
We may automatically collect:
- IP address
- Browser and device information
- Operating system
- Device identifiers
- Usage and interaction data
- Referring URLs
- Approximate geographic location
- Cookie and analytics data
We use cookies and similar technologies for functionality, analytics, fraud prevention, authentication, and product improvement.
4. Information Processed on Behalf of Customers (Processor Data)
When providing voice, SMS, AI, or workflow automation services, Captomi processes data strictly on behalf of business customers.
This may include:
- Call recordings
- Call transcripts
- SMS and MMS message content
- Phone numbers and caller ID information
- Voicemail data
- Communication timestamps
- Appointment and scheduling data
- Customer-generated leads and contact records
- AI-generated summaries, classifications, and outputs
In these cases:
- The business customer determines what data is collected and why
- Captomi processes data only to provide the contracted services
- Captomi does not use this data for unrelated purposes
- Captomi acts as a service provider / processor under applicable law
Calls may be recorded or transcribed only after appropriate notice and consent where required by applicable law. Where Captomi acts as a processor, the business customer is responsible for providing such notice and obtaining such consent from call participants and message recipients.
5. How We Use Information
We use personal information (as a controller and processor) to:
- Provide, operate, and improve our services
- Authenticate users and verify phone numbers
- Send one-time passcodes (OTP)
- Route and manage phone calls and SMS communications
- Schedule appointments and service workflows
- Deliver customer support
- Process billing and payments
- Send service-related communications
- Detect fraud, abuse, and security incidents
- Monitor system performance and reliability
- Conduct analytics and internal research
- Comply with legal obligations
Captomi does not use customer voice recordings, SMS content, or transcripts processed on behalf of customers to train general-purpose AI models.
AI-generated outputs, summaries, and transcriptions may contain inaccuracies and should be reviewed before reliance.
6. SMS and Text Messaging
Captomi operates a consumer-initiated, conversational text messaging service. When you text or call the business first, an automated assistant replies by SMS to answer your questions and help you schedule appointments, and the business may send related confirmations and reminders. Your own message or call is what starts the conversation. Captomi does not use purchased lists and does not send unsolicited marketing messages.
Types of SMS messages we send include:
- Replies from the automated assistant answering your questions
- Messages that help you book, reschedule, or cancel an appointment
- Appointment confirmations
- Appointment reminders
Message frequency varies; about 2 to 10 messages per week during active scheduling.
Message and data rates may apply.
Reply STOP to opt out. Reply HELP for help.
Captomi LLC does not sell, rent, or share mobile phone numbers, SMS opt-in, or consent information with any third parties or affiliates for their own marketing or promotional purposes. This information is used solely to operate the messaging service the consumer requested.
Additional SMS terms apply and are available in our SMS Terms of Service at captomi.com/sms-terms. For how consumers opt in to this messaging, see our SMS Opt-In page at captomi.com/sms-opt-in.
7. How We Share Information
We share personal information only as described below.
(a) Service Providers and Subprocessors
We use third-party providers to operate our infrastructure, including:
- Google Cloud Platform — hosting and infrastructure
- Twilio — SMS and voice services
- Retell.ai — voice AI processing and call transcription
- Stripe — payments
- SendGrid — email delivery
These providers are contractually restricted from using data for their own purposes.
(b) Business Customers (Processor Data)
When Captomi processes data on behalf of a business customer:
- Data is shared with that customer and its authorized users
- Captomi does not control further use by the customer
- Customers are responsible for their own legal compliance
(c) Legal and Safety Disclosures
We may disclose information when required to:
- Comply with law or legal process
- Respond to government requests
- Protect rights, users, or systems
- Investigate fraud or security incidents
(d) Corporate Transactions
Personal information may be transferred in connection with mergers, acquisitions, or asset sales.
8. Sale or Sharing of Personal Information
Captomi does not sell personal information.
Captomi does not share personal information for cross-context behavioral advertising.
9. Data Retention
We retain personal information only as long as necessary for business, legal, and operational purposes.
Typical retention periods include:
- Voice recordings: ~180 days
- Call transcripts: ~6 months
- Authentication logs: ~30–90 days
- Account and billing records: up to 7 years
- Analytics data: up to 14 months
Retention may vary based on customer configuration or legal requirements.
10. Your Privacy Rights
Depending on your jurisdiction, you may have rights to:
- Access personal information
- Correct inaccurate information
- Delete personal information
- Restrict or object to processing
- Data portability
- Withdraw consent
To exercise rights, contact privacy@captomi.com.
We may verify your identity before responding.
If you are a California resident, see Section 10.1 below for additional disclosures and rights specific to California.
10.1 California Privacy Disclosures
This section provides additional disclosures required under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
Categories of Personal Information Collected
In the past twelve months, Captomi may have collected the following categories of personal information, as defined under the CCPA:
- Identifiers — name, email address, postal address, phone number, account credentials, IP address, device identifiers
- Customer records — billing details, business name, business contact information
- Commercial information — records of services purchased and transaction history
- Internet or other electronic network activity — interactions with our website and products, cookies, referring URLs, usage data
- Geolocation data — approximate location derived from IP address
- Audio, electronic, or similar information — call recordings, voicemails, transcripts, and SMS message content (primarily processed on behalf of business customers)
- Professional or employment-related information — business role and affiliation
- Inferences — inferences drawn from the above to characterize preferences, behavior, or attributes
Sources of Personal Information
We collect personal information from:
- You directly (forms, demos, support requests, account signup)
- Automatically through your use of our website and products
- Service providers and subprocessors that operate our infrastructure
- Business customers, when processing data on their behalf
Categories of Third Parties
We disclose personal information to the categories of recipients identified in Section 7, including service providers and subprocessors, business customers (in processor contexts), legal and governmental authorities, and acquirers in corporate transactions.
Sensitive Personal Information
Captomi may process the following categories of sensitive personal information as defined under the CPRA:
- Account login credentials
- Contents of voice recordings, transcripts, and SMS messages, primarily processed on behalf of business customers
Captomi uses sensitive personal information only as reasonably necessary to provide the requested services, authenticate users, prevent fraud, and ensure security and integrity. Captomi does not use sensitive personal information to infer characteristics about consumers or for any purpose that would require offering a separate Right to Limit beyond these permitted purposes.
California Privacy Rights
If you are a California resident, you have the right to:
- Know what personal information we collect, use, disclose, and sell or share
- Request access to or a copy of personal information we hold about you
- Request correction of inaccurate personal information
- Request deletion of personal information
- Limit the use and disclosure of sensitive personal information
- Opt out of the sale or sharing of personal information (Captomi does not sell or share personal information for cross-context behavioral advertising)
- Be free from discrimination or retaliation for exercising your privacy rights
How to Submit a Request
To exercise California privacy rights, contact us using either of the following methods:
- Email: privacy@captomi.com
- Phone: (858) 988-3678
We will verify your identity using information reasonably necessary to confirm the request. We will respond within the timeframes required by California law.
Authorized Agents
You may designate an authorized agent to submit a request on your behalf. We may require:
- Written, signed permission authorizing the agent to act on your behalf, and
- Verification of your own identity directly with us
Non-Discrimination
We will not discriminate against you for exercising your California privacy rights, including by denying services, charging different prices, or providing a different level or quality of service.
11. Children's Privacy
Captomi services are intended for businesses and adults.
We do not knowingly collect information from children under 13.
12. Security
We use reasonable administrative, technical, and organizational safeguards including:
- Encryption in transit (TLS)
- Encryption at rest where appropriate
- Role-based access controls
- Audit logging
- Tenant isolation
- Monitoring and incident response
No system is completely secure.
Contact security@captomi.com if you suspect an issue.
13. International Data Transfers
Captomi operates in the United States. Data may be transferred to and processed in the U.S. or other jurisdictions where service providers operate.
14. HIPAA and Sensitive Data
Unless otherwise agreed in writing under a Business Associate Agreement (BAA), Captomi services are not intended for Protected Health Information (PHI) under HIPAA.
Customers are responsible for determining whether their use is subject to HIPAA or other regulated frameworks.
15. Changes to This Policy
We may update this Privacy Policy from time to time.
Material changes will be reflected by updating the "Last Updated" date.
Continued use of services after updates indicates acknowledgment of the updated policy.
16. Contact Us
- Email: privacy@captomi.com
- Security: security@captomi.com
- Phone: (858) 988-3678
- Mail: Captomi LLC, 2108 N St Ste N, Sacramento, CA 95816, United States
17. Business Customers (DPA)
A Data Processing Addendum (DPA) may be available for eligible business customers upon request.
Business customers are responsible for:
- Providing required notices
- Obtaining required consents
- Ensuring lawful use of Captomi services
- Configuring retention and messaging appropriately