Callisi

Callisi

Privacy Policy

Effective Date:
Aug 1, 2024
Last Updated
Aug 28, 2025

1. INTRODUCTION

Callisi (“we,” “us,” or “our”) is a Software-as-a-Service (SaaS) platform and agency operated by Hyperdimensional LLC, a US-based company. We provide voice AI agent management and distribution services that enable companies to use their voice AI projects under their own brand.

This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our services, including our website, platform, and related services (collectively, the “Services”). We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using our Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

We collect information that you provide directly to us, including:

  • Account Registration Information: Name, email address, business name, business domain, phone number, and billing address
  • Integration Information: API keys for voice AI providers (Vapi, Retell AI, ElevenLabs), Stripe account API keys for billingintegration
  • Customer Account Information: Information about your customers’ accounts, including names and email addresses
  • Communications: Messages, feedback, and other communications you send to us

2.2 Voice Call Data

As a voice AI platform, we handle specific types of voice-related data:

  • Call Metadata: Call duration, timestamps, phone numbers, call status, and analytics data
  • Call Transcripts: We store links to call transcripts hosted by your voice AI provider, not the actual transcript content
  • Call Recordings: We store links to voice recordings hosted by your voice AI provider, not the actual audio files
  • End-User Information: Personal details collected during voice calls, including names, phone numbers, email addresses, and other information shared during conversations

2.3 Automatically Collected Information

We automatically collect certain information when you use our Services:

  • Usage Data: Information about how you use our Services, including features accessed, time spent, and user interactions
    Device Information: IP address, browser type, device type, operating system, and unique device identifiers
  • Fraud Detection: Device fingerprints and unique device identifiers, browser characteristics and technical specifications, account creation patterns and behavioral analytics, cross-account linking information for security purposes
  • Log Data: Server logs, error logs, and system performance data
  • Cookies and Tracking Technologies: Session cookies, Google Analytics cookies, and similar tracking technologies

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

3.1 Service Provision

  • Provide and maintain our voice AI services
  • Connect your voice AI provider accounts and display call data
  • Process billing and payment transactions through integratedStripe accounts
  • Manage customer accounts and user access controls

3.2 Platform Operations

  • Monitor and analyze platform performance and usage
  • Provide technical support and customer service
  • Detect, prevent, and address technical issues and security threats
  • Maintain and improve our Services

3.3 Analytics and Insights

  • Display call analytics and performance metrics from voice AI providers]
  • Generate usage reports and dashboard analytics
  • Analyze user behavior to improve platform functionality

3.4 Legal and Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and prevent fraud
  • Enforce our terms of service and policies

3.5 E-mail Communications

From time to time, we may contact you via email for the purpose of providing announcements, promotional offers, alerts, confirmations, surveys, and/or other general communication. In order to improve our Services, we may receive a notification when you open an email from us or click on a link therein.

If you would like to stop receiving marketing or promotional related communications via email from us, you may opt out of such communications by clicking “unsubscribe” and replying “STOP”.

4. DATA SHARING AND DISCLOSURE

4.1 Third-Party Service Providers

We share information with third-party service providers who perform services on our behalf:

Service Provider

Purpose

Data Shared

Amazon Web Services (AWS)

Cloud infrastructure and hosting

All platform data for processing and storage

Voice AI Providers (complete list is available within our sub-processors list)

Voice AI services integration

API keys and call configuration data

Stripe

Payment processing

Billing configuration and pricing information

Google Analytics

Website analytics

Usage data and website interactions

Make.com / N8N

Internal automation

Account management data

GitHub

Code repository

Technical logs and development data

Verisoul

Fraud Detection

User &Device Info

Microsoft Clarity

User Activity Analytics

Usage data &app interactions

4.2 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

4.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction.

4.4 No Sale of Personal Information

We do not sell, rent, or trade your personal information to third parties for their direct marketing purposes.

5. DATA CONTROLLER VS. DATA PROCESSOR

5.1 Our Role as Data Processor

For voice call data and end-user interactions, we act as a data processor. We process this data on behalf of our agency clients (data controllers) by:

  • Displaying call data from voice AI providers on client dashboards
  • Providing frontend interfaces for call management
  • Facilitating billing management through integrated Stripe accounts

5.2 Our Role as Data Controller

For agency client account information and platform usage data, we act as a data controller and make decisions about how this data is processed.

6. DATA SECURITY

6.1 Security Measures

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption: Data in transit is encrypted using HTTPS/TLS protocols
  • Access Controls: Restricted access to personal information limited to authorized personnel
  • Infrastructure Security: Secure cloud infrastructure hosted on AWS with industry-standard security measures
  • Monitoring: Continuous monitoring for security threats and unauthorized access attempts
    Incident
  • Response: Established procedures for detecting and responding to security incidents

6.2 Voice Data Security

We do not store actual voice recordings or transcripts on our servers. We only maintain links to this data hosted by voice AI providers, reducing security risks associated with sensitive voice data.

6.3 Data Breach Notification

In the event of a data breach, we will notify affected users and relevant authorities in accordance with applicable laws, including GDPR requirements for notification within 72 hours.

7. DATA RETENTION

7.1 Retention Periods

  • Account Data: Retained for the duration of your account and immediately deleted upon account cancellation
  • Log Data: Retained for 7 days in CloudWatch logs
  • Backup Data: Retained for 7 days for disaster recovery purposes
  • Voice DataLinks: Retained according to your voice AI provider’s retention policies

8. INTERNATIONAL DATA TRANSFERS

Our servers are located in the United States through AWS infrastructure. When you use our Services, your information may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequate security measures for data protection
  • Compliance with applicable data transfer regulations

9. YOUR RIGHTS AND CHOICES

9.1 GDPR Rights (For EU Residents)

If you are located in the European Union, you have the following rights:

  • Access: Request access to your personal information
  • Rectification: Request correction of inaccurate personal information
  • Erasure: Request deletion of your personal information
    Portability: Request a copy of your personal information in a portable format
  • Restriction: Request restriction of processing under certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent where processing is based on consent

9.2 CCPA Rights (For California Residents)

If you are a California resident, you have the following rights:

  • Know: Request information about the categories and specific pieces of personal information we collect
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
    Non
  • Discrimination: Not receive discriminatory treatment for exercising your rights

9.3 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in Section 12. We will respond to your request within the timeframes required by applicable law.

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 Cookies We Use

  • Session Cookies: Essential for platform functionality and user authentication
  • Google Analytics Cookies: To understand website usage and improve our Services
  • Future Marketing Cookies: We may implement Facebook Pixel and other marketing cookies in the future

10.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may limit your ability to use some features of our Services.

11. CHILDREN'S PRIVACY

Our Services are not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

For voice calls involving minors, our agency clients are responsible for ensuring appropriate consents and protections are in place according to applicable laws.

12. CONTACT INFORMATION

Data Protection Officer: Lynn Schulte-Kellinghaus
Email: team@callisi.com
Company: Hyperdimensional LLC
Service: Callisi

For privacy-related inquiries, data subject requests, or concerns about this Privacy Policy, please contact us at the above information. We will respond to your inquiry within 30 days.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by:

  • Posting the updated Privacy Policy on our website
  • Sending an email notification to registered users

Your continued use of our Services after any changes indicates your acceptance of the updated Privacy Policy.

14. GOVERNING LAW

This Privacy Policy shall be governed by and construed in accordance with applicable data protection laws, including GDPR for EU residents and CCPA for California residents. For users outside these jurisdictions, the laws of US shall apply.