Privacy Policy

This policy describes how MarionTek collects, uses, stores, and shares information in connection with the service. It applies to account holders (businesses) and their use of the platform. It does not create obligations beyond what applicable law requires.

Account and billing data: name, email address, business name, business phone number, billing contact, and payment method information (processed and held by our payment provider; we do not store raw card data).

Business profile data: business type, service area, services offered, business hours, and similar operational details you provide during setup.

Call and lead data: inbound caller phone numbers, call timestamps, call duration, structured notes and summaries generated from call handling, AI-generated lead classifications, urgency and intent signals, and follow-up activity records.

Transcript and AI data: spoken content captured during calls, which is processed to generate structured notes. We retain structured notes; raw audio is not retained by default.

Usage and log data: service usage metrics, API request logs, error logs, system event records, and feature interaction data used for operations, debugging, and abuse prevention.

Authentication data: login credentials (passwords are hashed; we do not store plaintext passwords), session tokens, and access logs.

We use collected information to: operate and deliver the service; route, handle, and process calls on your behalf; generate notes, summaries, and lead records; send service and billing communications; support account security and abuse prevention; improve reliability and performance; and maintain records required for legal and compliance purposes.

We do not sell personal information to third parties, and we do not use your data to advertise to your customers.

Caller information (such as phone numbers and spoken content) belongs to your business relationship with your customers. MarionTek processes this data on your behalf as a service provider. You are responsible for ensuring you have appropriate rights and, where required, consents to route calls and have them handled by an automated system.

We use third-party providers to deliver the service, including telephony (Twilio), database and infrastructure (Supabase), payment processing (Stripe), and AI processing (OpenAI). These providers process data on our behalf under their own data handling commitments. A current list of core subprocessors is maintained on the Subprocessors page.

We do not share your data with third parties for their own marketing or advertising purposes.

We retain account and billing data for as long as your account is active and for a reasonable period thereafter to support billing disputes, legal obligations, and account recovery.

Call, lead, and transcript data is retained for the duration of your subscription and for 90 days following termination or cancellation. During that window you may request an export of your data. After 90 days, data is deleted or anonymized except where retention is required by law.

System logs are retained for operational and security purposes on a rolling basis, typically 30–90 days depending on log type.

You may request deletion of your data at any time by contacting us. Deletion requests are subject to any applicable legal retention obligations and will be completed within a reasonable time.

We use reasonable technical and organizational safeguards to protect data, including encryption in transit and at rest for sensitive fields, access controls, and monitoring for anomalies. No system is perfectly secure. We will notify affected parties of significant security incidents as required by applicable law.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data. To exercise these rights, contact us at the address below. We will respond within a reasonable time and in accordance with applicable requirements.

We may update this policy over time. We will update the effective version identifier and communicate material changes where practical. Continued use of the service after an update indicates acceptance of the revised policy.

Privacy questions and data requests: privacy@mariontek.com.