Privacy Policy

Account data: When you create an account, we collect your email address and profile information through Supabase Auth.

Caller profile: If you use AI Calling, we store your display name, website, and caller context that you provide. These are used to identify you on AI calls and voicemail greetings.

Phone numbers: We store information about your purchased phone numbers (including Twilio SID, capabilities, region, and country) and any verified caller IDs you add.

Call records: We maintain call logs including from/to numbers, duration, timestamps, and Twilio call SID for your account history.

Call recordings: When you enable call recording on outbound calls or AI calls, dual-channel audio is recorded by Twilio and stored on their servers. We store a reference to the recording and provide playback through our app.

Call transcripts: When you record a call, the audio is automatically sent to a third-party speech recognition service (Deepgram) for transcription. We store structured transcripts including speaker identification, text, and timestamps alongside the call record.

Call screening data: When call screening is enabled, we store the screening interaction data including the caller's stated identity and intent, a conversation identifier, and timestamp.

Call forwarding: If you configure call forwarding, we store your forwarding phone number and enabled/disabled preference on your profile.

Location data: When you make or receive calls, we may collect your device's GPS coordinates to associate a location with the call record. Location data is used to display your calls on the Call Map feature. Location collection requires your permission and can be disabled through your device's system settings.

SMS content: We store message bodies, sender/recipient numbers, timestamps, and delivery status for messages sent and received through the service.

Consent records: We maintain SMS consent status and timestamps to comply with telecommunications regulations.

Voicemail: We store voicemail recordings, transcriptions, duration, and caller information for voicemails left on your VeraDial number. Voicemail audio is recorded and transcribed by Twilio.

Voicemail greetings: If you create a custom voicemail greeting, we store the greeting audio file. For AI-generated greetings, we also store the text you write and the voice you select; audio is generated by a third-party AI provider (ElevenLabs). For recorded greetings, your uploaded audio is converted to MP3 format on our server. All greeting audio is stored in cloud storage (Supabase Storage).

AI Call data: When you use AI Call, we store the phone number called, your call goal and notes, call duration, the AI provider used, and the full conversation transcript and summary generated by the AI agent. If you enable recording on an AI call, the recording is stored by Twilio and referenced in your account. Call audio is processed in real-time by the selected AI provider (ElevenLabs, OpenAI, Google, or xAI) and is not stored by VeraDial.

Contact memory: If enabled (on by default, toggleable in Profile > Contact Memory), we generate a rolling AI summary for each phone number you interact with, using your call transcripts, voicemail transcriptions, AI call transcripts and summaries, and SMS message content from your own account. Summaries, a suggested next-call goal, and the phone number are stored in your account. Summarization is performed by a third-party AI provider (Google Gemini). When Contact Memory is disabled, existing summaries are not read and new summaries are not generated; summaries are deleted if you disable the feature permanently or delete your account.

Push notification tokens: We store device push tokens to deliver notifications to your device. Tokens are automatically deleted when you sign out or your session expires.

Billing: Purchase and subscription history is managed through RevenueCat and the App Store. We store your subscription status, billing period, and credit balance. We do not store payment card details directly.

Error and crash data: We collect error reports and crash data through Sentry to diagnose and fix issues with the app. This may include device information, OS version, and stack traces. No message content or call audio is included in error reports.

We share data with the following third-party services as necessary to provide VeraDial's features. Each service processes only the data required for its specific function.

Twilio: Voice calls, SMS delivery, phone number provisioning, call recording, and voicemail recording and transcription. Twilio processes call audio and message content. Twilio Privacy Policy

Supabase: Authentication, database hosting (US-West-2 region), and file storage for voicemail greeting audio. Supabase Privacy Policy

RevenueCat: In-app purchase management and subscription tracking. RevenueCat Privacy Policy

ElevenLabs: AI voice processing for three features: (1) AI Call — call audio and your instructions are processed to generate the AI agent's responses; (2) Call Screening — inbound call audio is processed to identify the caller; (3) Voicemail Greetings — your greeting text is converted to speech audio. ElevenLabs receives call audio during AI calls and screening interactions. ElevenLabs Privacy Policy

OpenAI: AI voice processing for AI Call. When OpenAI is selected as the AI provider, call audio and your instructions are processed in real-time by OpenAI's Realtime API to generate the AI agent's responses. OpenAI receives call audio during the conversation. OpenAI Privacy Policy

Google (Gemini): AI processing for two features: (1) AI Call — when Gemini is selected as the AI provider, call audio and your instructions are processed in real-time by Google's Gemini Live API to generate the AI agent's responses; (2) Contact Memory — text from your call transcripts, voicemail transcriptions, AI call summaries, and SMS messages is sent to Google's Gemini API to generate per-contact summaries. Google receives this content only when the corresponding feature is used. Google Privacy Policy

xAI (Grok): AI voice processing for AI Call. When xAI is selected as the AI provider, call audio and your instructions are processed in real-time by xAI's Grok API to generate the AI agent's responses. xAI receives call audio during the conversation. xAI Privacy Policy

LiveKit: Real-time audio routing and SIP connectivity for AI calls. When LiveKit transport is used, call audio is routed through LiveKit's infrastructure to connect the AI agent with the phone call. LiveKit processes call audio in transit but does not store it. LiveKit Privacy Policy

Google Maps: The Call Map feature uses Google Maps to display your call locations. When you use Call Map, Google receives map tile requests and your viewport region. Google Maps is subject to Google's Privacy Policy.

Deepgram: Speech-to-text transcription for recorded calls. When you record a call, the audio is sent to Deepgram for automatic transcription. Deepgram Privacy Policy

Sentry: Error tracking and crash reporting. We send error reports and diagnostic data to Sentry to identify and fix technical issues. Sentry does not receive message content or call audio. Sentry Privacy Policy

Expo: Push notification delivery. Device push tokens are sent through Expo's push notification service, which routes them to Apple Push Notification service (APNs) or Firebase Cloud Messaging (FCM) for delivery to your device. Expo Privacy Policy

Vercel: Website hosting and analytics. We use Vercel Analytics and Speed Insights to understand website performance. These tools collect anonymous usage data and do not use cookies for tracking. Vercel Privacy Policy

Apple / Google: App distribution and payment processing via the App Store and Google Play Store.

VeraDial sends push notifications for incoming messages, new voicemails, missed calls, AI call completions, and low credit balance alerts.

For your privacy, notifications display only the sender or caller number — no message content, voicemail transcriptions, or AI summaries appear on your lock screen.

You can disable notifications at any time through your device's system settings. Push tokens are stored on our server and are automatically deleted when you sign out or your session expires.

We use industry-standard measures to protect your data, including encryption in transit (TLS/HTTPS), authenticated API access, and secure credential storage. Authentication tokens are validated using public-key cryptography (ES256 via JWKS).

While we take reasonable steps to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

Your data is stored and processed in the United States (US-West-2 region, Oregon). If you are located outside the United States, your data will be transferred to and processed in the United States. By using VeraDial, you consent to this transfer.

Our third-party service providers may process data in their own data centers, which may be located in different regions. See Section 3 for details on each provider.

California residents (CCPA): You have the right to know what data we collect, request deletion, and opt-out of the sale of personal information. We do not sell your personal data.

Canadian residents (PIPEDA): You have the right to access your personal information held by VeraDial, challenge its accuracy, and withdraw consent for its collection, use, or disclosure. We collect and use personal information only for purposes that a reasonable person would consider appropriate.

EU/EEA residents (GDPR): You have the right to access, rectify, erase, and port your data.

To exercise your rights, email support@veradial.com.

VeraDial is NOT a replacement for traditional phone service. 911 and emergency calling is not supported. Do not rely on VeraDial for emergency communications.