Privacy Policy
Last updated: March 8, 2026
1. Introduction & Scope
Welcome to Iris, an AI-powered virtual receptionist service operated by DotFun, LLC, a Texas limited liability company ("Company," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, applications, and services (collectively, the "Service").
This policy applies to all users of the Service, including business customers who register for accounts ("Customers"), end users who call businesses using our AI receptionist ("Callers"), and visitors to our website ("Visitors"). By using the Service, you consent to the data practices described in this policy.
2. Information We Collect
We collect information that you provide directly to us, information we collect automatically, and information from third parties.
Waitlist & Pre-Registration Information
Name and email address submitted through our waitlist signup form
Bot verification data processed by Cloudflare Turnstile (see Section 9 for details)
Account Information
Name and email address
Google account profile information (when signing in via Google OAuth)
Organization membership role and status
Organization Data
Business name, industry vertical, and organization type (e.g., solo practitioner, small business, enterprise, non-profit, agency)
Website URL and scraped website content (for knowledge base)
Business hours and holiday schedules
Service pricing, descriptions, and offerings
Staff information and availability
Uploaded knowledge base documents and AI-generated knowledge base suggestions
Phone Line Configuration
Twilio account credentials and SIP trunk credentials (stored encrypted with AES-256-GCM)
Phone numbers associated with your account
Call & SMS Data
Call recordings, AI-generated transcripts, and voice audio data (which may include voice characteristics; see Section 7 regarding biometric information)
Caller phone numbers and call metadata (duration, timestamps, status)
AI-generated responses and actions taken during calls
SMS messages sent and received through the Service
CRM & Lead Data
Contact information captured during calls (name, email, phone number, notes)
Interaction records including conversation identifiers, captured field values, and interaction status
Custom CRM field definitions and values configured by your organization
Calendar Integration Data
When you connect your Google Calendar, we request the following Google API permissions (OAuth scopes): calendar.events (read and write access to your calendar events) and calendar.calendarlist.readonly (read-only access to your list of calendars). This allows Iris to view your list of calendars, read your existing events to determine availability, create new appointments, update event details, and cancel events on your behalf. We collect the following data:
Google Calendar OAuth access and refresh tokens (stored encrypted with AES-256-GCM)
Calendar event details including title, description, start/end times, timezone, location, recurrence rules, event status, and attendee information (name, email, phone, response status)
Calendar list metadata (calendar IDs, calendar names) to identify which calendar to use for scheduling
Sync tokens and ETags for efficient incremental synchronization
Webhook channel and resource identifiers for real-time push notification subscriptions
Payment Information
Payment processing is handled by Stripe. We do not store credit card numbers or bank account details on our servers. We receive and store transaction confirmations, subscription status, and billing-related metadata (such as your email and billing address as provided to Stripe) from our payment processor.
Usage & Diagnostic Data
Feature usage metrics, including onboarding progress and task completions
Error logs and performance data collected via Sentry (with automatic redaction of sensitive fields such as passwords, tokens, and API keys)
In-app notification delivery records
3. How We Collect Information
Directly From You
When you sign up for our waitlist, register for an account, complete our onboarding wizard, configure your AI receptionist, upload knowledge base documents, connect your Google Calendar, or contact customer support.
Automatically
Through session cookies, usage logs, error tracking (Sentry), and similar technologies when you access or use our Service. See Section 18 (Cookies and Tracking) for details.
From Third Parties
Through Google OAuth when you sign in, from caller interactions with the AI receptionist, from Google Calendar when you connect calendar integration, and from Google Maps/Places for business location enrichment.
Website Scraping
With your consent during onboarding, we scrape publicly available information from your business website to build and enhance your AI receptionist's knowledge base. This content is processed using AI to generate FAQs and relevant business information.
4. How We Use Information
We use the information we collect to:
Provide, maintain, and improve the AI receptionist service
Handle inbound calls, book appointments, and capture lead information on your behalf
Perform two-way synchronization with your Google Calendar: read your existing events to determine availability, create new appointment events when callers book through the AI receptionist, update event details (e.g., rescheduling), and cancel events on your behalf
Enable the AI receptionist to check your real-time calendar availability and schedule, reschedule, or cancel appointments during live phone calls on your behalf
Maintain an audit log of all calendar actions taken by the AI receptionist for your review
Manage CRM contacts and interaction records
Process payments and manage subscriptions
Train and improve AI models (using de-identified and aggregated data only)
Manage waitlist signups and communicate about early access and product availability
Provide customer support and send service-related communications
Detect, prevent, and address technical issues, fraud, and security incidents
Comply with legal obligations
5. AI and Machine Learning Practices
Disclosure: Iris uses artificial intelligence to handle calls on behalf of your business. Callers are informed at the start of each call that they are speaking with an AI-powered assistant.
AI Processing: Call audio is processed in real-time using AI models to understand caller intent, generate responses, and take actions such as scheduling appointments or capturing lead information. Your website content and uploaded documents are processed by AI to build and refine your receptionist's knowledge base.
Third-Party AI Services: We use ElevenLabs for voice synthesis and real-time call handling, and Anthropic (Claude) for natural language processing, prompt generation, and knowledge base enhancement. These providers process data according to their respective privacy policies and our data processing agreements.
Model Improvement: We may use de-identified and aggregated data to improve our AI models. Individual call recordings are not shared with third parties for model training purposes without your explicit consent.
6. Call Recording Practices
Recording Disclosure: All calls handled by the AI receptionist may be recorded and transcribed. Callers are notified at the beginning of each call that the call may be recorded and that they are speaking with an AI assistant.
Two-Party Consent: Several U.S. states require all parties to consent to call recording, including California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania, and Washington. Our AI receptionist provides the required disclosure to obtain consent in compliance with these laws.
Retention Period: Call recordings and transcripts are retained for up to two (2) years through our voice AI provider (ElevenLabs). After expiration, recordings are automatically deleted.
Caller Rights: If a caller does not wish to be recorded, they may end the call at any time.
7. Biometric Information
What We Collect: The Service records and processes voice audio from phone calls handled by the AI receptionist. Voice recordings inherently contain voice characteristics that may constitute biometric identifiers or biometric information under certain state laws, including the Illinois Biometric Information Privacy Act (BIPA) and the Texas Capture or Use of Biometric Identifier Act (CUBI Act).
Purpose: Voice audio is collected and processed solely for the purpose of providing the AI receptionist service, including real-time voice recognition and synthesis, call transcription, and quality assurance. We do not use voice data to create persistent voiceprint templates for the purpose of identifying specific individuals across calls.
Disclosure & Consent: By using the Service, you acknowledge and consent to the collection and processing of voice audio data as described in this policy. Callers are informed at the start of each call that the call may be recorded and that they are interacting with an AI assistant. By continuing the call after this disclosure, callers consent to the recording and processing of their voice data. Customers are responsible for ensuring that this disclosure mechanism satisfies applicable biometric data consent requirements in their jurisdiction.
Storage & Security: Voice recordings are stored by our voice AI provider (ElevenLabs) on servers located in the United States. Voice data is encrypted in transit and at rest. Access to voice recordings is restricted to authorized personnel and systems necessary to provide the Service.
Retention & Destruction: Voice recordings are retained for a maximum of two (2) years from the date of collection, after which they are automatically and permanently destroyed. If your account is terminated, voice recordings associated with your account will be destroyed within the earlier of (a) the standard two-year retention period, or (b) the end of the 30-day post-cancellation data export window plus a reasonable period for deletion processing. We do not sell, lease, trade, or otherwise profit from biometric data.
Third-Party Sharing: Voice audio data is shared only with ElevenLabs (for call processing and storage) and is not disclosed to any other third parties except as required by law, legal process, or valid court order.
Your Rights: To the extent required by applicable state biometric privacy laws, you may request information about our biometric data practices, request deletion of biometric data, or withdraw consent for future biometric data collection by contacting us at connect@dotfun.co. See also Sections 14, 15, and 16 for additional privacy rights.
8. SMS Communications & TCPA Compliance
SMS Functionality: The Service may send and receive SMS messages on behalf of your business through Twilio. SMS messages may include appointment confirmations, follow-up messages, and other business communications. Message content, sender and recipient phone numbers, and delivery metadata are processed and stored as part of the Service.
Consent & TCPA: The Telephone Consumer Protection Act (TCPA) and applicable state laws regulate automated text messages. SMS messages are sent only to individuals who have provided their phone number during a call with the AI receptionist and have consented to receive messages in the context of that interaction (e.g., confirming an appointment). You, as the Customer, are responsible for ensuring that your use of the SMS features complies with the TCPA, state telemarketing laws, and all applicable regulations. You must not use the Service to send unsolicited bulk SMS messages, marketing messages without prior express written consent, or messages to numbers on the National Do-Not-Call Registry.
Opt-Out: All SMS messages sent through the Service include instructions for recipients to opt out by replying STOP. Once a recipient opts out, no further messages will be sent to that number through the Service. Standard messaging rates from the recipient's carrier may apply.
Message Frequency & Content: Message frequency varies based on caller interactions and your configuration. Messages are limited to transactional and informational purposes related to the caller's interaction with your business. We do not send marketing or promotional messages on behalf of your business unless you explicitly configure and authorize such messages with appropriate consent mechanisms in place.
9. Information Sharing & Subprocessors
We share your information with the following categories of service providers (subprocessors):
| Service | Purpose | Data Shared | Location |
|---|---|---|---|
| ElevenLabs | AI voice agents, call recordings, transcription, calendar-based appointment scheduling | Call audio (including voice data), transcripts, agent configuration, calendar availability and event data (for scheduling during calls) | USA |
| Twilio | Telephony, SMS, phone number management | Phone numbers, call metadata, SMS content | USA |
| Anthropic (Claude) | Natural language processing, prompt generation | Website content, business data for knowledge base | USA |
| Supabase | Database, authentication, authorization | All account and operational data | USA |
| Stripe | Payment processing, subscription management | Email, billing address, transaction amounts | USA |
| OAuth authentication, Calendar event read/write (calendar.events scope), calendar list read-only (calendar.calendarlist.readonly scope), Places enrichment | Email, calendar list metadata, calendar events, attendee data, business location | USA | |
| Sentry | Error monitoring, performance tracking | Error logs, request metadata (sensitive fields redacted) | USA |
| GoHighLevel | CRM, marketing automation, waitlist contact management | Name, email address, tags (e.g., waitlist, support) | USA |
| Cloudflare | Bot protection (Turnstile) on public forms | Browser interaction data for bot verification (no personal data stored) | USA |
Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
Legal Requirements: We may disclose information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
No Sale of Personal Data: We do not sell, rent, or lease your personal information to third parties. We do not share personal information for cross-context behavioral advertising purposes.
10. International Data Transfers
The Service is operated from the United States, and all data is processed and stored on servers located in the United States. All of our subprocessors (listed in Section 9) are based in the United States.
If you access the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to the United States.
11. Data Retention
We retain your information for the following periods:
| Data Type | Retention Period |
|---|---|
| Account Information | Duration of account + 3 years |
| Call Recordings & Voice Data | Up to 2 years (then permanently destroyed) |
| Call Transcripts | Up to 2 years |
| Biometric Information (voice characteristics) | Up to 2 years (co-terminous with call recordings) |
| CRM & Lead Data | Duration of account + 3 years |
| Usage Logs | 24 months |
| Billing Records | 7 years |
| Session Cookies | 30 days |
| Google Calendar Tokens | Until integration is disconnected (deleted immediately upon disconnection) |
| Synchronized Calendar Event Data | Duration of account (deleted upon account cancellation per the data export window above) |
| Calendar Action Audit Logs | Duration of account |
| Waitlist Signups | Until the Service is generally available, then deleted or migrated to an account upon registration |
Account Cancellation: When you cancel your account, you have a 30-day window to export your data. After this period, your data will be scheduled for deletion in accordance with the retention periods listed above. Certain data may be retained longer where required by law (e.g., billing records for tax compliance).
Soft Deletion: When data is deleted through the Service (e.g., removing an agent or deactivating a membership), it is initially soft-deleted (marked as inactive) and excluded from active queries. Soft-deleted data is permanently purged during routine maintenance cycles.
12. Data Security
We implement appropriate technical and organizational measures to protect your information:
AES-256-GCM encryption for sensitive credentials including phone line credentials, SIP trunk passwords, and integration tokens
Row-level security (RLS) in our database ensuring strict data isolation between organizations
Service-role access controls with the principle of least privilege
HTTPS/TLS encryption for all data in transit
Automatic redaction of sensitive fields (passwords, tokens, API keys, credentials) in all error logs and monitoring systems
JWT-based authentication with custom claims for organization-scoped access
Regular security assessments and monitoring
While we strive to protect your information using commercially reasonable measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
13. Data Breach Notification
Notification Commitment: In the event of a security breach that results in the unauthorized acquisition or access to your personal information, we will notify affected individuals and applicable regulatory authorities as required by law, including under the Texas Identity Theft Enforcement and Protection Act (Texas Business & Commerce Code Chapter 521), the California Consumer Privacy Act (CCPA), and other applicable state breach notification statutes.
Timing: We will provide notification as expeditiously as practicable and without unreasonable delay, and in no event later than sixty (60) days after discovering the breach, except where a shorter timeline is required by applicable law or where a law enforcement agency determines that notification would impede a criminal investigation.
Content of Notice: Breach notifications will include, to the extent known: a description of the incident, the types of personal information involved, the steps we are taking to investigate and remediate the breach, steps you can take to protect yourself, and contact information for follow-up inquiries.
Method of Notice: We will notify affected individuals by email to the address associated with their account. If we are unable to reach you by email, we may provide notice through the Service dashboard, our website, or by mail. Where required by law, we will also notify the applicable state attorney general or other regulatory authority.
14. Your Privacy Rights
You have the following rights regarding your personal information:
Access: Request a copy of the personal information we hold about you
Correction: Request correction of inaccurate or incomplete personal information
Deletion: Request deletion of your personal information, subject to legal retention requirements
Portability: Request your data in a portable, machine-readable format (CSV export)
Restrict Processing: Request that we limit how we process your personal information in certain circumstances
Withdraw Consent: Where processing is based on consent (e.g., website scraping for knowledge base, biometric data collection), you may withdraw consent at any time
To exercise these rights, please contact us at connect@dotfun.co. We will respond to your request within 30 days. We may ask you to verify your identity before fulfilling your request.
Revoking Google Calendar Access: You may disconnect your Google Calendar integration at any time from your Iris dashboard settings. When you disconnect, we will immediately stop accessing your Google Calendar data, delete your stored OAuth tokens, and cancel all active webhook subscriptions. You may also revoke Iris's access to your Google account directly through your Google Account permissions page at myaccount.google.com/permissions. Previously synchronized calendar data stored in Iris will be deleted in accordance with the retention schedule in Section 11.
15. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
Right to Know: You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, our business purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct: You may request correction of inaccurate personal information.
Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information. Note: We do not sell or share personal information for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: You may limit the use of sensitive personal information to purposes necessary for providing the Service.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To submit a CCPA/CPRA request, contact us at connect@dotfun.co. We will verify your identity before processing your request and respond within 45 days as required by law.
16. Texas Privacy Rights (TDPSA)
If you are a Texas resident, you have rights under the Texas Data Privacy and Security Act (TDPSA), effective July 1, 2024. As a Texas-based company, we are committed to compliance with the TDPSA.
Your Rights Under TDPSA:
Right to Access: You may confirm whether we are processing your personal data and request access to that data.
Right to Correct: You may request correction of inaccuracies in your personal data.
Right to Delete: You may request deletion of personal data we have collected from you, subject to certain exceptions.
Right to Data Portability: You may request a copy of your personal data in a portable, readily usable format.
Right to Opt-Out: You may opt out of: (a) the sale of personal data (we do not sell personal data); (b) targeted advertising (we do not engage in targeted advertising); and (c) profiling that produces legal or similarly significant effects.
Right to Non-Discrimination: We will not discriminate against you for exercising your TDPSA rights.
Sensitive Data: Under the TDPSA, certain categories of data are considered "sensitive," including biometric data. We process voice audio data that may contain biometric characteristics as described in Section 7. We obtain consent for this processing through the call disclosure mechanism described in Sections 6 and 7.
How to Exercise Your Rights: To submit a TDPSA request, contact us at connect@dotfun.co. We will verify your identity and respond within 45 days. If we decline your request, you may appeal by contacting us at the same email address. If your appeal is denied, you may file a complaint with the Texas Attorney General at https://www.texasattorneygeneral.gov/.
17. Children's Privacy
The Service is not directed to children under the age of 13, and we require all account holders to be at least 18 years old. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe we may have collected information from a child under 13, please contact us at connect@dotfun.co.
18. Cookies and Tracking
We use cookies and similar technologies as follows:
Session Cookie (iris.supabase.session): Required for authentication and maintaining your login session. This cookie contains your access token and session information and expires after 30 days of inactivity.
Error Tracking (Sentry): We use Sentry to monitor and fix technical issues. In production, Sentry samples approximately 10% of requests for performance monitoring. Sensitive data (passwords, tokens, API keys) is automatically redacted before transmission.
Google Tag Manager (GTM): We use GTM to manage marketing and analytics scripts. GTM may set cookies for campaign attribution tracking. You can opt out of GTM via the Cookie Preferences link in the page footer.
Attribution Cookies (iris.utm.first_touch, iris.utm.last_touch): These cookies track how you discovered our Service (marketing campaign source, medium, etc.) and are used for internal marketing attribution. They expire after 30 days.
Cookie Preferences (iris.cookie_consent): Stores your cookie category preferences (analytics, marketing). Expires after 1 year.
You can manage your cookie preferences at any time using the "Cookie Preferences" or "Do Not Sell or Share My Personal Information" links in the page footer. Disabling the session cookie will prevent you from using authenticated features of the Service.
Cookie Categories
| Category | Cookies | Can Opt Out? |
|---|---|---|
| Strictly Necessary | iris.supabase.session, iris.cookie_consent, Cloudflare Turnstile, Stripe | No |
| Analytics | Sentry | Yes |
| Marketing & Attribution | Google Tag Manager, iris.utm.first_touch, iris.utm.last_touch | Yes |
19. Automated Decision-Making
The Service uses AI to make automated decisions during phone calls on behalf of your business. These automated decisions may include:
Determining caller intent and routing conversations accordingly
Scheduling appointments based on your configured availability
Capturing and categorizing lead information from callers
Generating responses based on your business knowledge base
These automated actions are performed within the parameters you configure through the Service. You can review and adjust your AI receptionist's behavior through your dashboard settings. Callers are informed at the start of each call that they are interacting with an AI assistant.
20. Do Not Track Signals
Some browsers transmit "Do Not Track" (DNT) signals. Because there is no common industry standard for interpreting DNT signals, the Service does not currently respond to DNT signals. We do not track users across third-party websites. However, we provide cookie preference controls that allow you to opt out of analytics and marketing cookies. See Section 18 for details.
21. Google API Services User Data Disclosure
Iris's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Scope of Access
When you connect your Google Calendar to Iris, we request two specific OAuth scopes: calendar.events (read/write access to calendar events) and calendar.calendarlist.readonly (read-only access to your list of calendars). We do not request access to any other Google services or data beyond these scopes.
Limited Use Compliance
In accordance with Google's Limited Use requirements, Iris:
Only uses Google Calendar data to provide and improve the user-facing calendar integration features described in this privacy policy (checking availability, scheduling appointments, synchronizing events, and managing bookings)
Does not use Google Calendar data for serving advertisements, including retargeting, personalized advertising, or interest-based advertising
Does not allow humans to read Google Calendar data unless: (a) you provide affirmative consent (e.g., when you view your own calendar events in the Iris dashboard), (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) our use is limited to internal operations and the data has been aggregated and de-identified
Does not transfer Google Calendar data to third parties except: (a) as necessary to provide or improve user-facing features that are prominent in Iris's user interface (the AI receptionist's appointment scheduling functionality via ElevenLabs), (b) to comply with applicable laws, or (c) as part of a merger, acquisition, or asset sale with prior notice to users
Stores Google Calendar OAuth tokens encrypted at rest using AES-256-GCM and deletes them promptly when you disconnect the integration
Data Retention for Google User Data
Google Calendar OAuth tokens are retained only while your calendar integration is active and are deleted immediately upon disconnection. Synchronized calendar event data is retained for the duration of your account and deleted in accordance with the retention schedule in Section 11. Audit logs of calendar actions taken by the AI receptionist are retained for the duration of your account for your review.
22. Contact & Changes
Contact Us: If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data practices, please contact us at:
DotFun, LLC
Email: connect@dotfun.co
Changes to This Policy: We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page, updating the "Last updated" date, and, where appropriate, sending you a notification via the Service. Your continued use of the Service after any changes constitutes acceptance of the updated policy.
