Privacy Policy

AutoRev AI LLC (“AutoRev,” “we,” “us,” or “our”) explains how we collect, use, and protect your personal information when you use our services at autorev.ai and any related websites, applications, integrations, or phone numbers we operate (collectively, the “Services”).

We operate in two capacities: as a data processor for call recordings, transcripts, and customer interactions generated by AI receptionists we run on behalf of our business customers, and as a data controller for account, billing, and marketing data we collect directly from visitors and customers of AutoRev.

If you do not agree with this Policy, please do not use the Services. Questions can be directed to privacy@autorev.ai.

The categories of personal information we collect depend on how you interact with us.

Account Data

Name, email address, company name, phone number, and role, collected when you create an account, book a demo, request a free audit, or sign up for a trial.

Billing Data

Payment is processed by PCI-compliant third-party payment processors. We store only customer identifiers, subscription status, and invoice history. We do not store full payment card numbers or CVV codes on our systems.

AI Receptionist Configuration

Business name, service areas, hours of operation, scripts, pricing, FAQs, routing rules, booking logic, voice selection, and integration credentials you provide so we can configure your AI receptionist.

Call Data (Processed on Behalf of Our Customers)

When a caller dials a phone number routed to an AutoRev AI receptionist, we and our voice infrastructure providers process:

• Caller phone number, call start and end timestamps, call duration, and call direction (inbound or outbound).
• Audio recordings and AI-generated transcripts of the conversation.
• Information the caller provides during the call (name, address, service requested, appointment preferences, issue description).
• Appointment, quote, and disposition records written back to your connected CRM or field service management system.
• SMS messages sent and received through numbers we provision, including opt-in and opt-out records.

We act as a data processor for this call data. Our business customer is the data controller and is responsible for disclosing call recording to their callers where required by law, obtaining consent, and providing a privacy notice to their end users.

Lead and Marketing Data

When you submit a form, book a demo, request an audit, download a resource, or interact with our chat widget, we collect the information you provide plus referral source, UTM parameters, and form submission timestamp. If you consent to SMS or email marketing, we retain a record of that consent (timestamp, IP address, form text, and channel).

Usage and Technical Data

IP address, browser type, device type, operating system, pages visited, referral source, session duration, clicks, scrolls, API calls to your agent, agent actions, login history, error logs, and performance metrics.

Cookies and Similar Technologies

Authentication session cookies, analytics cookies, and limited advertising cookies set by our measurement and marketing partners. See our Cookie Policy for the full list and opt-out instructions.

We use personal information to:

• Provision, configure, and operate your AI receptionist.
• Route calls, book appointments, dispatch technicians, and write records to your connected systems.
• Process payments, issue invoices, and manage subscriptions.
• Monitor quality, detect abuse, prevent fraud, and debug issues.
• Improve voice models, transcript accuracy, routing logic, and booking flows using de-identified and aggregated data.
• Send transactional communications (receipts, deploy notifications, security alerts, service outages).
• Send marketing communications where you have opted in, with a clear opt-out link in every message.
• Comply with legal, regulatory, and tax obligations.

We do not use your account data or call data for third-party marketing and we do not sell personal information. We do not use call recordings or transcripts from your AI receptionist to train publicly available AI models.

For individuals in the European Economic Area, United Kingdom, and Switzerland, we process personal information on the following legal bases:

• Contract: processing necessary to deliver the Services you signed up for.
• Legitimate interests: fraud prevention, security, product improvement, direct sales to business contacts.
• Legal obligation: tax, accounting, and telecommunications compliance.
• Consent: marketing communications, non-essential cookies, and optional integrations.

We share personal information only with service providers who need it to operate the Services, and only under written data protection agreements. Categories include:

• Cloud hosting and infrastructure providers.
• Voice, telephony, and messaging infrastructure providers, including upstream carriers.
• Speech-to-text and large language model providers.
• Payment processors.
• Analytics, marketing automation, and customer communication platforms.
• Field service management and CRM platforms that you authorize us to integrate with on your behalf.
• Database and form submission infrastructure providers.
• Professional advisors (lawyers, auditors, accountants) under confidentiality obligations.

A current list of AutoRev’s subprocessors is available to customers under NDA on request to privacy@autorev.ai.

We do NOT sell your personal data to third parties, and we do not share call recordings or transcripts for advertising.

We may disclose information when required by law, subpoena, or court order, or to protect the rights, property, or safety of AutoRev, our customers, or the public.

AutoRev records and transcribes calls handled by the AI receptionist in order to deliver the service. If you are a business customer, you are responsible for confirming that call recording is permitted under the laws of the states or countries where your callers are located, and for providing any required disclosure at the start of the call (for example, in two-party-consent states such as California, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, and Washington).

AutoRev’s default greeting includes language that notifies callers the call may be recorded. You may customize this disclosure, but removing it shifts all disclosure responsibility to you.

• Account data: duration of your subscription plus 90 days after termination.
• Call recordings and transcripts: default retention is 90 days; customers on eligible plans can configure shorter retention or request immediate deletion.
• Appointment and CRM write-back records: controlled by the customer’s CRM; AutoRev retains a copy for the duration of the subscription.
• Billing records: 7 years for tax compliance.
• SMS opt-in records: duration of the opt-in plus 4 years after opt-out, as required by TCPA and CTIA guidance.
• Audit logs: 2 years.
• Server logs: 90 days.
• Marketing data: until you unsubscribe, plus a suppression record to honor your opt-out.

You may request deletion at any time by emailing privacy@autorev.ai. We will honor the request within 30 days unless retention is required by law.

AutoRev’s infrastructure is primarily hosted in the United States. If you are located outside the United States, your information will be transferred to, stored, and processed in the United States. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission and on equivalent mechanisms with our subprocessors.

Depending on where you live, you may have some or all of the following rights:

GDPR (EEA, UK, Switzerland)

• Access to your personal information
• Rectification of inaccurate information
• Erasure (“right to be forgotten”)
• Restriction of processing
• Data portability
• Objection to processing
• Withdrawal of consent at any time
• Lodging a complaint with your local data protection authority

CCPA and US State Laws (California, Colorado, Connecticut, Virginia, Utah, and others)

• Right to know what personal information we collect
• Right to access and receive a copy
• Right to correct inaccurate information
• Right to delete
• Right to opt out of sale or sharing for cross-context behavioral advertising (AutoRev does not sell personal information)
• Right to limit the use of sensitive personal information
• Right to non-discrimination for exercising these rights

How to Exercise Your Rights

Email privacy@autorev.ai from the email address associated with your account. We may ask for additional information to verify your identity. We respond to GDPR requests within 30 days and CCPA requests within 45 days.

We protect your data with:

• TLS 1.2+ encryption in transit for all traffic.
• AES-256 encryption at rest for databases and backups.
• Role-based access control, least-privilege IAM, and MFA for all staff with access to production systems.
• Audit logging, anomaly detection, and periodic security reviews.
• Rate limiting, WAF rules, and DDoS protection.
• Isolated environments for development, staging, and production.
• Subprocessor due diligence and signed data processing agreements.

No method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we maintain a security program designed to reduce risk to a reasonable level and to respond quickly to incidents.

The Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact privacy@autorev.ai and we will delete it.

When you consent to SMS from AutoRev, message frequency varies. Message and data rates may apply. Text STOP to unsubscribe and HELP for help. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. See our SMS Consent Policy for full terms.

Because no uniform industry standard for Do Not Track signals has been adopted, we do not currently respond to DNT browser signals. You can manage tracking through our cookie preferences and through browser settings.

We may update this Policy from time to time. When we make material changes, we will update the “Last updated” date and, where required by law, send email notice at least 30 days before the change takes effect. Continued use of the Services after the effective date constitutes acceptance of the updated Policy.

Privacy inquiries:

• Email: privacy@autorev.ai
• General support: support@autorev.ai

Postal address: