Skip to main content

Privacy Policy

Last updated: March 18, 2026

1. Introduction

TRULNK LLC ("TRULNK," "we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI voice agent platform ("Service").

This policy applies to information we collect from our customers (businesses that use our Service) and from callers who interact with our AI agents on behalf of those customers.

2. Information We Collect

2.1 Customer Account Information

When you register for our Service, we collect:

  • Business name
  • Email address
  • Billing and payment information (processed securely by Stripe)
  • Account credentials (password is encrypted)

2.2 Agent Configuration Data

To customize your AI agent, we store:

  • Agent name, voice selection, and personality settings
  • Greeting messages and custom instructions
  • Business hours and scheduling preferences
  • Knowledge base documents and FAQs you upload
  • Calendar integration tokens (encrypted)

2.3 Call Data

When calls are processed through our Service, we collect and store:

  • Call recordings (audio files)
  • Voicemail recordings (when the AI agent is temporarily unavailable)
  • Call transcripts (text version of conversations)
  • Caller phone numbers
  • Call metadata (date, time, duration)
  • AI-generated call summaries
  • Sentiment analysis results

2.4 Automatically Collected Information

When you access our dashboard, we automatically collect:

  • IP address and device information
  • Browser type and operating system
  • Pages visited and features used
  • Date and time of access
  • Cookies and similar technologies (see Section 11)

3. How We Use Your Information

We use your information for the following purposes:

  • Provide the Service: Process calls, generate AI responses, record and transcribe conversations
  • Account Management: Create and manage your account, process payments, provide customer support
  • Service Improvement: Analyze usage patterns and enhance features
  • Communications: Send service updates, security alerts, and administrative messages
  • Security: Detect and prevent fraud, abuse, or unauthorized access
  • Legal Compliance: Comply with applicable laws, regulations, and legal requests

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

4.1 Service Providers

We use the following third-party service providers to operate the Service. These providers are contractually obligated to protect your data and use it only for specified purposes:

  • Twilio — Telephony, call routing, and phone number provisioning
  • Stripe — Payment processing and subscription billing
  • Supabase — Database, authentication, and file storage (US data centers)
  • Vercel — Web application hosting and analytics
  • Cloudflare — DNS, security, and content delivery
  • Resend — Transactional email delivery
  • Sentry — Application error monitoring
  • Betterstack — Uptime and infrastructure monitoring

Data is primarily stored and processed in United States data centers. We will update this list if we add or change service providers.

4.2 Legal Requirements

We may disclose your information if required by law, court order, or legal process, or to:

  • Comply with legal obligations
  • Protect our rights, property, or safety
  • Prevent fraud or illegal activity
  • Respond to government requests

4.3 Business Transfers

If TRULNK is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

5. Data Retention

We give you control over how long your call data is stored:

  • Call recordings and transcripts: Retained according to the retention period you configure in your account settings. You can adjust this at any time from your dashboard.
  • Call metadata and summaries: Duration of your account
  • Account information: Until account deletion, plus up to 7 years for legal/tax purposes
  • Billing records: 7 years for tax and accounting compliance

Important: You are responsible for downloading call recordings and transcripts before they expire if you need to retain them longer.

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Secure authentication with hashed passwords (passwords cannot be recovered or viewed by anyone, including TRULNK staff)
  • Row-level security policies in our database
  • OAuth tokens encrypted before storage
  • Regular security assessments
  • Access controls and audit logging

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Portability: Receive your data in a portable format
  • Restriction: Request limitation on processing
  • Objection: Object to certain processing activities
  • Opt-out: Opt out of marketing communications

To exercise these rights, contact us at privacy@trulnk.com. We will respond within 30 days (or sooner as required by applicable law).

8. Caller Data, AI, and Your Responsibility

We do not train or fine-tune AI models on your call recordings, transcripts, or caller data. Our AI models are pre-trained and their weights are never modified using your data. Your AI agent uses the information you provide — such as knowledge base documents, custom instructions, and business details — as contextual input at the time of each call, but this information is not used to retrain, fine-tune, or otherwise modify the underlying AI models. Call recordings and transcripts are stored solely for your review and are never used to train or improve AI models.

As a TRULNK customer, you are the data controller for information collected from your callers. This means:

  • You are responsible for providing privacy notices to your callers
  • You must handle data access, correction, and deletion requests from your callers
  • You must comply with applicable privacy laws for your callers' data
  • You should include appropriate disclosures about AI and call recording

TRULNK acts as a data processor for caller data, processing it only on your behalf to provide the Service.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: What personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the sale or sharing of personal information
  • Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

We do not sell or share your personal information as defined under the CCPA/CPRA.

To exercise your California privacy rights, contact us at privacy@trulnk.com.

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

10.1 Legal Basis for Processing

We process your personal data based on:

  • Contract: Processing necessary to provide the Service you requested
  • Legitimate Interests: Improving our Service, security, and fraud prevention
  • Legal Obligation: Compliance with applicable laws
  • Consent: Where you have provided explicit consent

10.2 Your GDPR Rights

In addition to the rights listed in Section 7, you have the right to:

  • Withdraw consent at any time (where processing is based on consent)
  • Lodge a complaint with your local data protection authority

10.3 International Data Transfers

Your data is stored and processed in the United States. By using our Service, you acknowledge and consent to the transfer of your data to the United States, which may have different data protection laws than your country of residence. Where required by applicable law, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for such transfers.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Authenticate your session and maintain security
  • Preference Cookies: Remember your settings and preferences
  • Analytics: We use Vercel Analytics to understand how you use our Service and to improve it. Vercel Analytics is privacy-focused and does not use cookies for tracking

You can control cookies through your browser settings. Note that disabling essential cookies may prevent you from using certain features of the Service.

Do Not Track: We do not currently respond to Do Not Track (DNT) browser signals, as there is no industry-standard interpretation of this signal for web applications.

12. Children's Privacy

Our Service is intended for business use and is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly. If you believe we have collected information from a child, please contact us at privacy@trulnk.com.

13. Healthcare and HIPAA Notice

TRULNK is not currently HIPAA-compliant. We do not currently execute Business Associate Agreements ("BAAs") as defined under the Health Insurance Portability and Accountability Act ("HIPAA"). If you are a covered entity or business associate under HIPAA, you should not use TRULNK to process, store, or transmit Protected Health Information ("PHI") until TRULNK has achieved HIPAA compliance and a BAA has been executed between your organization and TRULNK.

We are actively working toward HIPAA compliance. Please contact us at legal@trulnk.com for updates on our compliance timeline.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service at least 30 days before the changes take effect. The "Last updated" date at the top indicates when changes were made.

Your continued use of the Service after the effective date constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

TRULNK LLC
Email: privacy@trulnk.com

For data protection inquiries from the EEA, you may also contact your local data protection authority.

Privacy Policy | TRULNK