Privacy Policy

1. Who We Are

Tredovo ("Tredovo," "we," "us," or "our") operates an AI-powered SMS customer relationship management platform at tredovo.com. Our platform enables service businesses to automatically respond to missed calls via SMS using artificial intelligence.

For questions about this Privacy Policy, contact us at contact@tredovo.com.

Note: Tredovo is currently operating as an unincorporated business. This policy will be updated upon formal entity formation to reflect the legal entity name and registered address.

2. Information We Collect

2.1 Information You Provide Directly

• Account information: Name, email address, password when you create an account
• Business profile: Business name, industry, owner name, timezone, business hours
• Phone numbers: Your business phone number and the Tredovo-provisioned number assigned to your account
• AI configuration: Your customized AI opening message, lead collection preferences
• Billing information: Payment details processed securely through Stripe (we do not store full card numbers)
• Communications: Any messages, support requests, or correspondence you send us

2.2 Information Collected Automatically

• Usage data: Pages visited, features used, clicks, time spent, error logs
• Device and browser information: Browser type, operating system, IP address, referring URLs
• Cookies and similar technologies: Session tokens, preference cookies, analytics identifiers
• Log data: Server logs including timestamps, requests, and response codes

2.3 Information About Your Customers (End Users)

When your customers contact you and are routed through our platform, we process on your behalf:

• Phone numbers of callers
• SMS message content between your AI assistant and callers
• Information callers voluntarily provide during AI conversations (name, address, service needed, etc.)
• Call timestamps and metadata
• Opt-out requests and consent records

You, as the business owner using Tredovo, are the data controller for your customers' information. Tredovo acts as a data processor on your behalf. See our Data Processing Agreement for details.

3. How We Use Your Information

• Providing the service: Operating the platform, processing missed calls, sending AI-generated SMS responses, managing your pipeline
• Account management: Creating and maintaining your account, authenticating your identity, processing payments
• Communications: Sending transactional emails (account confirmations, receipts, alerts), responding to support requests
• Safety and compliance: Detecting and preventing fraud, abuse, and violations of our Terms of Service and Acceptable Use Policy; maintaining TCPA compliance records
• Product improvement: Analyzing usage patterns to improve features and performance (using aggregated, de-identified data)
• Legal obligations: Complying with applicable laws, responding to lawful requests from authorities

We do not use your data or your customers' data to train AI models for purposes beyond providing the Tredovo service.

4. AI Disclosure

Tredovo uses artificial intelligence (powered by OpenAI and potentially other providers) to generate SMS responses on behalf of businesses. When a customer contacts a business using Tredovo, their messages may be processed by AI systems to generate responses. Businesses using Tredovo are responsible for ensuring appropriate disclosure to their customers as required by applicable law.

We do not make automated decisions that produce legal or similarly significant effects on individuals using our AI features.

5. How We Share Information

We do not sell, rent, or trade your personal information. We share information only in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who help us operate Tredovo:

5.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to protect the rights, property, or safety of Tredovo, our users, or the public.

5.3 Business Transfers

If Tredovo is acquired, merged, or its assets transferred, user information may be part of that transaction. We will notify you before your information is transferred and subject to a different privacy policy.

6. Data Retention

• Account data: Retained for the duration of your account plus 90 days after deletion request
• SMS conversation data: Retained for 2 years for compliance purposes, then deleted
• Opt-out records: Retained indefinitely as required by TCPA compliance
• Billing records: Retained for 7 years as required by tax law
• Log data: Retained for 90 days

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request your data in a portable format
• Objection: Object to certain processing of your information
• Opt-out of sale: We do not sell personal information, but you may submit an opt-out request for the record

To exercise any of these rights, email contact@tredovo.com with "Privacy Request" in the subject line. We will respond within 45 days. We may need to verify your identity before processing requests.

7.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act. You have the right to know what personal information we collect, the right to delete, the right to opt-out of sale (we do not sell data), and the right to non-discrimination for exercising your privacy rights. To submit a California privacy request, contact contact@tredovo.com.

7.2 European Residents (GDPR)

If you are located in the European Economic Area, you have rights under the General Data Protection Regulation including the right of access, rectification, erasure, restriction of processing, data portability, and objection. Our legal basis for processing is legitimate interests (providing the service you requested) and contract performance. You may lodge a complaint with your local supervisory authority.

8. Cookies

We use essential cookies for authentication and session management. We use analytics cookies to understand how the platform is used. You can control cookies through your browser settings, though disabling essential cookies will prevent you from using the platform.

9. Security

We implement industry-standard security measures including:

• Encryption in transit (TLS/HTTPS) for all data
• Encryption at rest via Supabase's PostgreSQL encryption
• Row-level security ensuring users can only access their own data
• Regular security reviews and dependency updates
• Access controls limiting employee access to user data

In the event of a data breach affecting your information, we will notify you within 72 hours of discovery as required by applicable law.

10. Children's Privacy

Tredovo is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us immediately at contact@tredovo.com.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by email or by posting a prominent notice on our platform at least 30 days before the change takes effect. Continued use of Tredovo after changes constitutes acceptance of the updated policy.

12. Contact Us

For privacy questions, requests, or complaints:

• Email: contact@tredovo.com
• Subject line: "Privacy Request" or "Privacy Question"
• Response time: Within 45 days