Effective date: [FOR COUNSEL: set on approval] · Last updated: 2026-07-03 (draft)
BoringSales operates an AI-powered appointment-setting service: our AI assistants place and answer phone calls and text messages on behalf of the businesses that hire us ("Clients"), hold conversations, and book appointments. This policy explains what personal information we handle, why, who sees it, how long we keep it, and the choices and rights you have. The Service is operated by [FOR COUNSEL: legal entity name; operating as "BoringSales"], based in Ontario, Canada, serving businesses in the United States.
Privacy contact / rights requests: support@boringsales.ai [PLACEHOLDER — confirm mailbox is live and monitored before publishing]
"An AI assistant called or texted me." You are a Lead — a customer or prospective customer of one of our Clients (or of BoringSales itself, if you filled out a form on our site). Your information reached us from that business or from a form or ad you submitted to them. Sections 2–4, 6–9, and 11–12 are about you. The fastest answers: to stop contact, text STOP (Section 8); to exercise privacy rights, email support@boringsales.ai (Section 9).
"I'm a business client (or evaluating becoming one)." Sections 2, 5, 6–7, and 10–15 are about you, and your contract's data-ownership and export terms (Terms of Service, Section 8) apply on top of this policy.
process personal information under that Client's instructions to provide the Service. The Client decides who to contact and owns the resulting data. Requests about that data can go to the Client or directly to us — we honor both (Section 9).
on boringsales.ai, and our Clients' account data, we decide how the information is used. (BoringSales uses its own platform for its own sales outreach, so if you submitted a form to us, we are both the platform and the business in Section 3.)
| Category | What, specifically |
|---|---|
| Identifiers | Name, phone number, email address, time zone |
| Lead details | What you told the business or its forms: service interest, project/business details, and similar free-text fields; lead source; tags |
| Consent record | The consent basis under which your contact info was provided (e.g., "form — express written," "demo request," "inbound call") and its timestamp |
| Messages | The full content of SMS conversations with the AI assistant, timestamps, and delivery status |
| Call recordings | Audio recordings of calls with the AI assistant |
| Call transcripts | Text transcripts of those calls |
| Appointments | Appointment times, status (booked, confirmed, cancelled, no-show), and reschedule history |
| Activity timeline | An event log of interactions on your record (form submitted, message sent, appointment booked, opt-out received, etc.) |
| Quality-control data | Grades and compliance flags our reviewers and automated checks derive from call recordings and transcripts (e.g., whether the recording disclosure played) |
We do not ask Leads for, and do not want: government ID numbers, financial account numbers, health information, or precise geolocation. Do not share such information with the AI assistant; if it appears in a conversation you initiate, it will be captured in the message log or recording like any other content.
consent to be contacted (the Client warrants this consent in our Terms).
on calls and in texts, and bookings you make on our booking pages or widgets.
We do not buy Lead data from data brokers and do not permit Clients to load purchased or scraped lists.
Company and contact details, brand settings, the approved business facts the AI is allowed to speak from, portal login phone numbers (portal login is by SMS magic link), hashed API credentials, audit logs of actions taken in the account, and — when card billing is live — billing details processed by Stripe (we never store card numbers).
manage appointments, send confirmations and reminders, and route conversations to a human when needed.
Section 7), grade them against a quality rubric, and automatically flag compliance issues such as a missing recording disclosure. This is how we keep the AI honest.
time), and per-contact "human takeover."
based on QC results.
What we do not do: we do not sell personal information; we do not share it for cross-context behavioral advertising; we do not use third-party advertising trackers on the Service's pages; and we do not use Lead conversations to train foundation AI models. [FOR COUNSEL: verify the model-training statement against Retell AI's and Cloudflare's current data-use terms before publishing — our own platform does not train on conversations, but the subprocessor terms must back the sentence.]
Calls with our AI assistants are recorded and transcribed. The assistant discloses the recording in its opening line on every call, and our compliance monitoring flags any call where that disclosure did not play. Recordings and transcripts are stored in our own storage (Section 10) and are accessible to us and to the Client whose campaign the call belonged to. [FOR COUNSEL: confirm opening-line wording also satisfies AI/bot disclosure statutes in the states that have them.]
Opt-out is honored at the phone-carrier level and in our systems; every scheduled follow-up for you is cancelled immediately.
using our platform, not only the one that messaged you.
can never make you contactable again (Section 11).
If you are a resident of California (CCPA/CPRA) or a state with a comparable privacy law (Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others), you may have the rights to:
including the categories collected, sources, and purposes (this policy's Sections 3–6 are our notice at collection).
fields, tags, messages, event history, and open opportunities, cancels upcoming appointments, and strips your name, phone, email, and time zone from the contact record. Opt-out suppression records are retained (that retention is what keeps you from being re-contacted) and limited records may be retained where the law requires.
exercising rights (for Leads, there is no service to deny — exercising rights costs you nothing).
personal information or use it for targeted advertising, so there is nothing to opt out of. For that reason we do not currently respond to Global Privacy Control signals. [FOR COUNSEL: confirm GPC posture and whether a "we do not sell" statement plus this explanation is sufficient in lieu of a "Do Not Sell or Share" link.]
How to exercise rights: email support@boringsales.ai with your name and the phone number or email the AI contacted. We verify requests by confirming control of that phone number or email. Authorized agents may submit requests with proof of authorization. We respond within 45 days (extendable once by 45 days with notice). If we deny a request, you may appeal by replying to our decision email with "Appeal" in the subject; appeals are reviewed by someone other than the original decision-maker and answered within 45 days. [FOR COUNSEL: confirm appeal windows per state — Virginia/Colorado-class statutes require a formal appeal process.]
If you are a Lead, we may act as a service provider for the Client that contacted you; where required, we will forward your request to that Client and assist them in honoring it. We honor requests either way — you do not need to figure out which business "owns" your record.
We share personal information only with the service providers below, only as needed to run the Service, and with the Client whose campaign your data belongs to. We do not sell it to anyone.
| Provider | Role | What they process |
|---|---|---|
| Cloudflare, Inc. | Hosting, database, object storage, and AI inference (the SMS assistant runs on Cloudflare Workers AI) | All Service data in transit and at rest; SMS conversation content during AI reply generation |
| Retell AI | Voice AI runtime (speech recognition, voice synthesis, call LLM) | Call audio, transcripts, and the lead details needed to conduct the call |
| Twilio Inc. | Telephony and SMS carrier; carrier-level opt-out | Phone numbers, message content, call routing metadata |
| Stripe, Inc. | Payment processing (Clients only; active only when card billing is enabled) | Client billing details; card data goes to Stripe directly, never to us |
| Meta Platforms (Conversions API) | Server-side ad conversion events — currently disabled; used only for Clients who run Meta ads, only when switched on for that Client | If enabled: hashed identifiers and conversion events (e.g., "appointment booked") tied to the Client's own ad campaigns [FOR COUNSEL: this requires its own disclosure and possibly consent treatment before activation — flag as a gating item for turning the feature on] |
| Slack Technologies | Internal operational alerting for our on-call staff | Alert messages about system health; these can include contact identifiers in operational context [FOR COUNSEL: confirm Slack should be listed, or scrub identifiers from alert payloads and drop it from this table] |
Retell AI and Cloudflare in turn use their own infrastructure and model subprocessors. [FOR COUNSEL: obtain and attach current subprocessor lists / DPAs from Retell, Twilio, Cloudflare, Stripe; decide whether to publish a change-notification mechanism for subprocessor updates.]
We may also disclose information if required by law, to enforce our Terms, or to protect the safety and rights of any person, and to a successor in a merger or acquisition (with notice on this page).
| Data | Retention |
|---|---|
| Messages and activity events | Live database for 90 days, then automatically archived nightly to encrypted object storage under the owning Client's account and removed from the live database |
| Contact records, appointments, pipeline records | For the duration of the Client relationship (they remain exportable and deletable throughout) |
| Call recordings and transcripts | Archived to object storage at call end; retained for the duration of the Client relationship [FOR COUNSEL + STEVE: no automatic expiry exists today — set a cap (e.g., 24 months) or confirm relationship-length retention] |
| Database backups | Nightly encrypted snapshots, automatically deleted after 60 days; a daily backup mirror is also kept on operator-controlled storage as a disaster-recovery measure and pruned on the same schedule [FOR COUNSEL: confirm the off-platform mirror's description and safeguards] |
| Opt-out (do-not-contact) records | Retained indefinitely, by design — deletion of a person must never make them contactable again |
| Consent records | For as long as the underlying contact exists, plus any period needed to demonstrate compliance [FOR COUNSEL: set statute-of-limitations-based minimum, TCPA is 4 years] |
| Client account and billing records | Life of the account plus what tax and accounting law requires |
When a Client leaves, they can take a complete export (JSON, CSV, MP3, plain text) and request deletion of their data from live systems and scheduled backups within 30 days, except opt-out records and legally required retention. Deleted individual contacts are purged and tombstoned as described in Section 9.
The Service's application pages use the minimum possible:
qcs) on the call-review pages, HttpOnly and Secure, expiringafter 24 hours — it keeps a logged-in reviewer logged in. It is not used for tracking.
(24-hour) session token after login and interface preferences (such as which client view is selected). These never leave your browser except to authenticate you to us.
surfaces (dashboard, portal, booking pages, forms).
Because none of this is advertising or cross-site tracking, there is no cookie-consent banner on application pages. [FOR COUNSEL: the public marketing site at boringsales.ai is being migrated to this stack — confirm the marketing site's analytics posture at cutover and update this section if any analytics tool is added.]
infrastructure provider.
24-hour sessions; the client portal uses SMS magic-link login.
enforced centrally, and cross-tenant access attempts simply return "not found."
that performed it.
public links.
No system is perfectly secure; if we learn of a breach affecting your personal information we will notify affected Clients and individuals as applicable law requires. [FOR COUNSEL: breach-notification clock differs by state; PIPEDA requires real-risk-of-significant-harm notification to individuals and the Privacy Commissioner — confirm incident-response plan language.]
BoringSales is operated from Ontario, Canada; the platform and its data are hosted on Cloudflare infrastructure with processing primarily in the United States. For any Canadian individuals whose information we handle, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA): we process personal information with consent obtained by the responsible business, limit use to the purposes described here, and provide access and correction on request via support@boringsales.ai. By interacting with a Service that operates across the Canada–U.S. border, information may be processed in either country and be subject to lawful access requests there. [FOR COUNSEL: confirm whether CASL (for any commercial electronic messages to Canadian recipients) needs treatment — the Service currently targets U.S. leads only.]
The Service is business-to-business and contacts adults about home services. It is not directed to anyone under 18, and we do not knowingly collect information from children under 13. If you believe a child's information reached us, email support@boringsales.ai and we will delete it.
We may update this policy as the Service evolves. Material changes will be announced to Clients by email or dashboard notice at least 14 days before taking effect, and the current version with its effective date is always at /legal/privacy.
Email: support@boringsales.ai [PLACEHOLDER] Postal: [FOR COUNSEL: registered address of operating entity, Ontario, Canada] Rights requests and appeals: see Section 9.