Privacy Policy

Sefia ("we", "us", or "our") operates the Sefia service (the "Service"), an AI-powered assistant that answers phone calls, sends and receives text messages, and schedules appointments on behalf of our customers. This Privacy Policy explains what information we collect, how we use it, and the choices you have.

By using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.

1. Information we collect

1.1 Information you provide

When you create an account or configure Sefia, we collect:

• Account details — name, email address, phone number, business name, and billing information.
• Business configuration — services, hours, pricing, policies, and any instructions you provide to train Sefia.
• Connected accounts — credentials and metadata for the calendars, messaging tools, or other integrations you authorize.

1.2 Information from calls and messages

To deliver the Service, Sefia processes:

• Call audio and transcripts from incoming and outgoing calls handled by Sefia on your behalf.
• Text messages sent to and from your business line through Sefia.
• Caller information such as phone numbers, names, and any details a caller provides during the interaction.
• Appointment details created or modified by Sefia.

1.3 Information collected automatically

• Usage data — how you interact with the dashboard, including pages viewed, features used, and timestamps.
• Device and log data — IP address, browser type, operating system, and diagnostic information.
• Cookies and similar technologies — used for authentication, preferences, and analytics.

2. How we use information

We use the information we collect to:

• Operate, maintain, and improve the Service, including answering calls, sending messages, and scheduling appointments.
• Authenticate users, process payments, and provide customer support.
• Generate transcripts, summaries, and analytics for your own review.
• Detect, prevent, and respond to fraud, abuse, security incidents, or violations of our Terms.
• Comply with applicable legal obligations.

3. How we share information

We do not sell your personal information. We share it only as described below:

• Service providers. We work with vetted vendors for voice infrastructure, telephony, speech recognition, large language model inference, hosting, payments, and analytics. These providers process data only on our instructions and under contractual confidentiality and security obligations.
• Your integrations. When you connect a calendar or other tool, we share information with that service as needed to perform the action you requested.
• Legal and safety. We may disclose information when required by law, subpoena, or to protect the rights, property, or safety of Sefia, our users, or the public.
• Business transfers. If Sefia is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information becomes subject to a different privacy policy.

4. Calls, recordings, and consent

Sefia answers and may record calls placed to your business line. You are responsible for ensuring that callers are notified about recording and AI handling to the extent required by applicable law in your jurisdiction (for example, two-party consent states in the U.S.). On request, we can configure Sefia to play a disclosure at the start of each call.

5. Data retention

We retain call recordings, transcripts, and message content for as long as your account is active or as needed to provide the Service. You can delete individual records or request full deletion of historical data at any time from your dashboard or by contacting us. Some information may be retained in backups or as required by law for a limited period after deletion.

6. Security

We use industry-standard administrative, technical, and physical safeguards to protect your information. This includes encryption in transit (TLS), encryption at rest for sensitive fields, access controls, and regular security review. No system is perfectly secure, however, and we cannot guarantee absolute security.

7. Your rights and choices

Depending on where you live, you may have the right to:

• Access, correct, or delete personal information we hold about you.
• Object to or restrict certain processing.
• Request a portable copy of your information.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a data protection authority.

To exercise these rights, email us at [email protected]. We will respond within the time required by applicable law.

8. International data transfers

We are based in the United States and process information there and in other countries where our service providers operate. Where required, we rely on appropriate safeguards such as standard contractual clauses to transfer personal information internationally.

9. Children's privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date above and, for material changes, provide additional notice through the Service or by email.

11. Contact us

If you have questions about this Privacy Policy or how we handle your information, contact us at [email protected].