Privacy Policy

Effective: July 4, 2026  ·  Offworkr

Offworkr takes privacy seriously. This policy explains what data we collect, how we use it, and how we protect it when you use our AI receptionist service.

1. Who This Covers

This policy covers two groups of people:

2. Data We Collect

From clients (your business):

From callers (people who call your number):

Important: We do not accept protected health information (PHI), legally privileged communications, or any data subject to HIPAA, GDPR special-category requirements, or equivalent regulations. Do not use this service in regulated industries that require such compliance.

3. How We Use Your Data

We do not sell your data to third parties. We do not use call content to train AI models.

4. Third-Party Service Providers

We share data with the following sub-processors only as necessary to deliver the service:

5. Text Messaging (SMS)

When enabled, the service may send text (SMS) messages on behalf of a client business - for example, to follow up with a caller whose call was missed, to confirm details, or to request a review after a completed service. Mobile numbers used for messaging are collected when an individual contacts, or is a customer of, a client business, or when a person provides their number directly.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Text messaging originator opt-in data and consent will not be shared with any third parties. Numbers are shared with our messaging carrier only to deliver the messages you have consented to, and are never sold or used for third-party marketing.

Message frequency varies. Message and data rates may apply. Reply STOP to opt out at any time; reply HELP for help.

6. Call Recordings

Call recordings are stored by Vapi.ai on their own infrastructure. We store a reference URL and display it in your dashboard - we do not store audio files in our own database. If you need a recording deleted, email us and we will request its removal from Vapi on your behalf.

Your responsibility: You are solely responsible for complying with all applicable call-recording consent laws in your jurisdiction before deploying the AI receptionist. Many US states require callers to be informed that a call may be recorded.

7. Data Retention

8. Security

All data is transmitted over HTTPS. Our database uses encrypted storage. Access to production data is restricted to service-level credentials not exposed to end users. We review security practices periodically. No system is completely secure - if you believe there has been a data breach, please contact us immediately at hello@example.com.

9. Your Rights

You may contact us to:

Email requests to hello@example.com.

10. Children

This service is intended for business use by adults. We do not knowingly collect personal data from individuals under 18 years of age.

11. Changes to This Policy

We may update this Privacy Policy. We will notify you by email at least 14 days before any material changes take effect. The "Effective" date at the top of this page always reflects the current version.