Privacy Policy

Last updated: March 31, 2026

Revenue Systems AI ("we," "our," or "the Company") operates the revenuesystems.ai platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By accessing or using the Service, you agree to the terms of this Privacy Policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your name, email address, and password. If you create or join an organization, we also collect your organization name, business address, phone number, website, industry, and timezone.

1.2 Lead and Contact Data

Our Service processes lead and contact information submitted by your customers or received through integrated webhooks and lead forms (including Facebook Lead Ads). This may include:

Name, phone number, and email address
Street address, city, state, ZIP code, and GPS coordinates
Service requests, comments, and referral source
Custom fields and tags defined by the business
Interaction history: first contact, last contact, and service dates

1.3 Communication Data

We collect and store data from communications facilitated through the Service:

Voice Calls: Call recordings (audio files), AI-generated transcripts, call duration, call outcomes, ended reason, AI-generated summaries, and structured data extracted from conversations (e.g., appointment times, pricing)
SMS Messages: Message content, delivery status, timestamps, sender/recipient information, and AI-generated conversation summaries
Email: Owner notification emails and invoice delivery emails including recipient address, subject, and content

1.4 Property and Research Data

When our AI research agent runs, we collect publicly available property data through third-party APIs, including: square footage, number of stories, bedrooms, bathrooms, year built, lot size, roof type and pitch, construction materials, tax assessed value, estimated market value, and GPS coordinates. We may also retrieve Google Street View images of the property for AI vision analysis.

1.5 Payment Information

Payment processing is handled by Stripe. We do not store your full credit card number or bank account details on our servers. We retain Stripe customer IDs, payment method references, transaction records, credit balances, and invoicing data (amounts, descriptions, line items, due dates, payment status) to manage your account and facilitate customer billing through Stripe Connect.

1.6 Event and Usage Data

We log platform events to operate and improve the Service. Events include lead lifecycle activity, call and SMS outcomes, research results, booking activity, invoice status changes, engagement state changes, and automation execution details (duration, steps, cost, tool calls). Events may contain metadata such as channel, actor type, severity, and structured payloads. We also collect AI model usage, token counts, API call volumes, and credit consumption.

1.7 Cookies and Tracking Technologies

We use the following cookies and tracking technologies:

Authentication cookies (Supabase) — Session management and secure login. Expires after 1 year or on logout.
Theme preference cookie — Stores your light/dark mode selection. Persistent.
Facebook Pixel — Tracks page views and conversion events (e.g., demo requests) for advertising measurement. You can opt out via Facebook's ad settings.
Vercel Analytics — Collects Core Web Vitals and page performance data. No personally identifiable information is collected.
Microsoft Clarity (when enabled) — Session replay and heatmap analytics to understand user behavior. May record mouse movements, clicks, and scrolling.

2. How We Use Your Information

Provide the Service: Facilitate AI-powered voice calls, SMS conversations, property research, appointment scheduling, and invoicing on behalf of your business
Process Payments: Manage credits, process deposits, track usage costs, and facilitate customer invoicing through Stripe Connect
Improve AI Performance: Analyze call outcomes, conversation patterns, and automation effectiveness to improve our AI models and service quality
Send Notifications: Deliver call summaries, lead alerts, booking confirmations, and system notifications to business owners via email
Provide Support: Respond to your inquiries and resolve technical issues
Ensure Security: Detect and prevent fraud, abuse, and unauthorized access
Marketing Measurement: Measure the effectiveness of our advertising via Facebook Pixel conversion tracking

3. Third-Party Service Providers

We use the following third-party services to operate our platform. Each processes data in accordance with their own privacy policies:

Provider	Purpose	Data Shared
Supabase	Database, authentication	All platform data
VAPI	AI voice calling	Customer name, phone, address, service context, AI prompts
Deepgram	Speech-to-text (via VAPI)	Call audio for transcription
Twilio	SMS messaging	Phone numbers, message content
OpenRouter	AI language models	Conversation context, customer details, prompts
RapidAPI	Property data lookup	Property addresses
Google	Street View, Calendar, Maps	Addresses, coordinates, appointment details
Stripe	Payments, invoicing	Customer name, email, payment method tokens
Resend	Email delivery	Recipient email, notification content
Facebook	Lead Ads, Pixel analytics	Lead form data, page view events
Vercel	Hosting, performance analytics	Page performance metrics (no PII)

4. Data Sharing

We do not sell, rent, or trade your personal information or your customers' personal information to third parties for marketing purposes. We share data only with the third-party service providers listed above, solely to provide and improve the Service. We may also disclose information if required by law, legal process, or to protect our rights, privacy, safety, or property.

5. Multi-Tenant Data Isolation

Our platform operates on a multi-tenant architecture. Each organization's data — including contacts, conversations, messages, call recordings, and integration credentials — is logically isolated. Organization administrators control access through role-based permissions (owner, admin, member). Row-level security policies enforce data isolation at the database level.

6. AI and Automated Decision-Making

Our Service uses artificial intelligence to:

Conduct outbound voice calls and engage in real-time conversation
Generate and send SMS messages to leads and customers
Research property data and calculate pricing estimates
Classify call outcomes and extract structured information from conversations
Schedule appointments and manage follow-up sequences

Important: When AI calls or texts are made, the customer's personal information (name, phone number, address, service request, and property data) is transmitted to our AI providers (VAPI, OpenRouter) as part of the system prompt so the AI can personalize the conversation. AI-generated communications are sent on behalf of and under the direction of the business owner. AI outputs may contain errors; business owners should verify critical information.

7. Call Recording and Transcription

Voice calls made through our Service are recorded and automatically transcribed using Deepgram speech-to-text technology (via VAPI). Call recordings are stored on VAPI's infrastructure; recording URLs and transcripts are stored in our database and are accessible to the organization that initiated the call. It is the responsibility of the business owner to comply with applicable call recording consent laws, including one-party and two-party consent requirements.

8. SMS, Voice, and TCPA Compliance

Our Service sends automated SMS messages and makes automated voice calls on behalf of businesses. Business owners using our Service are responsible for:

Obtaining proper prior express written consent from recipients before automated calls or SMS messages are sent
Complying with the Telephone Consumer Protection Act (TCPA), A2P 10DLC registration requirements, and all applicable federal, state, and local telecommunications regulations
Honoring opt-out requests promptly — recipients can opt out by replying STOP at any time
Maintaining records of consent obtained from their customers

Our system enforces a Do Not Contact (DND) flag on contacts who opt out, preventing further automated outreach. Message and data rates may apply to recipients.

9. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service:

Account dataRetained until account deletion

Contact and conversation dataRetained until the organization deletes the data or terminates the account

Call recordingsRetained per VAPI's retention policy; recording URLs stored in our database until account termination

Transcripts and AI summariesRetained until the organization deletes the data or terminates the account

SMS message historyRetained in our database and by Twilio per their retention policy

Billing and transaction recordsRetained for the period required by applicable tax and financial regulations

Event and automation logsRetained for operational, debugging, and audit purposes

10. Data Security

We implement industry-standard security measures to protect your data:

All data encrypted in transit (TLS/HTTPS) and at rest
Row-level security (RLS) policies enforced at the database level
Integration credentials stored in encrypted JSONB columns
Authentication managed through Supabase Auth with secure session tokens
Role-based access control within organizations (owner, admin, member)

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

11. Your Rights

Depending on your jurisdiction, you may have the right to:

Access: Request a copy of the personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Deletion: Request deletion of your personal data, subject to legal retention requirements
Opt-Out: Opt out of automated communications by requesting a Do Not Contact flag
Data Portability: Request your data in a structured, commonly used format

To exercise any of these rights, contact us at hello@revenuesystems.ai.

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

The right to know what personal information is collected, used, shared, or sold
The right to delete personal information held by us
The right to opt out of the sale of personal information — we do not sell personal information
The right to non-discrimination for exercising your CCPA rights

13. Children's Privacy

Our Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child under 13, we will take steps to delete it promptly.

14. International Data Transfers

Our Service is hosted in the United States. If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us:

Email: hello@revenuesystems.ai

Website: revenuesystems.ai