Privacy Policy

Last updated: April 2026

This Privacy Policy explains how Dendrites Technologies Co, a Texas limited liability company ("CallWise," "we," or "us") collects, uses, and shares information when you use the CallWise AI service. It applies to our website, dashboard, and the phone calls our AI handles on your behalf.

1. Information We Collect

We collect the following categories of information:

• Account information: email address, business name, business address, industry, and phone numbers you register.
• Caller information: when a call is placed to your CallWise number, we record the caller's phone number and (if provided during the call) name, email, address, and any details shared with the AI.
• Call recordings and transcripts: we record and transcribe calls to produce reports and improve service quality.
• Payment information: payment card data is collected and stored directly by our payment processor, Stripe. We never see your full card number.
• Usage data: log entries, IP addresses, browser information, and dashboard activity for security and debugging.
• Cookies and similar technologies: we use first-party cookies for authentication and core site function; we do not sell behavioral advertising data.

2. How We Use Information

We use the information we collect to:

• Deliver the CallWise AI service — handle incoming calls, generate reports, send SMS follow-ups, and display analytics in your dashboard.
• Improve our AI models and conversation quality. Anonymized and aggregated call data may be used for training; we never use raw personal information for training without your consent.
• Send billing notifications, receipts, and service-related emails.
• Detect fraud, abuse, and TCPA violations.
• Comply with legal obligations — tax reporting, lawful requests from authorities, fraud investigation.

3. Who We Share Information With

We share information only with the following categories of third parties:

• Telecom carriers: Twilio (and other carriers we integrate with) handles voice call routing, SMS delivery, and caller ID lookup.
• Cloud infrastructure: Amazon Web Services (AWS) hosts the service, stores data, and runs transcription/AI inference.
• AI model providers: OpenAI and Google process the audio and text of calls in real time to produce AI responses. Calls are processed under provider terms that prohibit training on your data by default.
• Payment processor: Stripe handles billing, card storage, and tax. Stripe is a PCI-DSS Level 1 certified service provider.
• Email delivery: Amazon SES sends transactional and notification emails.
• Legal authorities: we may disclose information in response to lawful subpoenas or to protect the safety of our users and the public.

We do not sell personal information. We do not share data with advertising networks.

4. Data Retention

• Call records (metadata, transcripts, reports): 365 days after the call, then deleted.
• Call recordings: 30 days in "hot" storage for immediate retrieval, then moved to "cold" archive storage for 335 days, for a total of 365 days, then deleted.
• Billing records: 7 years, as required by US tax authorities.
• Account information: kept while your account is active. On account deletion, personally-identifying information is removed within 30 days except where required for legal, tax, or anti-fraud purposes.

5. Your Rights

You have the right to:

• Access the personal data we hold about you.
• Export your call records, recordings, transcripts, and account data in a machine-readable format.
• Delete your data — either specific records or your entire account.
• Correct inaccurate information in your account.
• Object to certain uses (such as improvement-of-service data sharing).

To exercise any of these rights, email us at privacy@dendritesai.com from the email associated with your account. We respond within 30 days.

6. Security

We take security seriously. Our measures include:

• Encryption at rest (AES-256) for all stored call recordings, transcripts, and business data.
• Encryption in transit (TLS 1.2+) for all network connections.
• Web Application Firewall (WAF) in front of our API and dashboard.
• Audit logging of administrative access and data access.
• Least-privilege access: employees only access customer data when investigating a support request you initiate.
• Annual security reviews and penetration testing.

No system is perfectly secure. In the event of a breach affecting your personal data, we will notify affected account owners within 72 hours of discovery.

7. Children

CallWise AI is a business-to-business service and is not intended for anyone under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected information from a person under 18, please email privacy@dendritesai.com and we will delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced by email to the account owner at least 30 days before taking effect. We'll also note the effective date at the top of this page.

9. GDPR and International Users

CallWise AI is operated from the United States. All data is hosted in US data centers. We do not currently offer service in the European Union or United Kingdom. If you are a resident of those jurisdictions and access the service anyway, you acknowledge that your data will be transferred to and processed in the United States.

10. Contact

Privacy questions: privacy@dendritesai.com
Legal questions: legal@dendritesai.com
General support: support@dendritesai.com