How It Works Features Pricing FAQ Book a Demo

Privacy Policy

Effective Date: March 21, 2026 Last Updated: March 2026

1. Introduction

Momentum AI Co., LLC ("Momentum AI," "we," "us," or "our") is committed to protecting the privacy of our clients, their customers, and visitors to our website. This Privacy Policy explains how we collect, use, disclose, and safeguard information through our AI-powered virtual assistant platform and related services.

By using our platform or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

When you sign up for and use our services, you may provide us with:

  • Business name, address, and contact information
  • Service preferences and business hours
  • Billing and payment information
  • FAQ content and scripted responses for your AI assistant
  • Calendar availability and scheduling preferences
  • Staff names, roles, and contact details

2.2 Information Collected Through Our Platform

As our AI assistant interacts with your customers, we collect:

  • Caller name and phone number
  • Call recordings and transcripts
  • Appointment booking details (date, time, service type, provider)
  • SMS message content and delivery logs
  • CRM contact records and interaction history
  • Call analysis data, including sentiment, reason for call, and outcomes

2.3 Information Collected Automatically

When you visit our website or use our platform, we may automatically collect:

  • IP address, browser type, and operating system
  • Device information and screen resolution
  • Website usage data (pages visited, time spent, referral sources)
  • Cookies and similar tracking technologies

2.4 Payment Information

Credit card and billing details are processed through Stripe, our third-party payment processor. We do not store full credit card numbers on our systems. Stripe's handling of your payment information is governed by their privacy policy and PCI-DSS compliance standards.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and operate our AI virtual assistant services
  • Process and book appointments on behalf of your business
  • Send SMS confirmations, reminders, and follow-up messages
  • Manage your CRM contacts and lead pipeline
  • Generate call transcripts, analytics, and performance reports
  • Process payments and manage your subscription
  • Improve our AI models and overall service quality
  • Communicate with you about your account, updates, and support inquiries
  • Comply with applicable legal obligations

4. How We Share Your Information

We do not sell personal information to third parties. We may share information in the following circumstances:

4.1 Service Providers and Subprocessors

We use trusted third-party service providers to help deliver our platform. These providers are contractually bound to use your data only as necessary to perform services on our behalf:

Provider Purpose
GoHighLevel CRM, workflows, calendar management, communications
Retell AI AI voice agent — processes call audio and generates responses
Twilio SMS messaging, SIP trunking, phone numbers
OpenAI (via Retell) Large language model powering AI conversation
Stripe Payment processing and subscription billing
Make.com Automation and webhook processing

When you explicitly direct us to share information with a third party.

We may disclose information if required to do so by law, regulation, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.4 Business Transfers

In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

5. Data Retention

We retain your information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

Data Type Retention Period
Call recordings and transcripts Duration of subscription plus 90 days
CRM data and contact records Duration of subscription; exported upon request at termination
Payment records As required by tax law (typically 7 years)
Website analytics Aggregated and anonymized after 26 months

6. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data, subject to legal retention requirements.
  • Opt-Out: Opt out of marketing communications at any time by contacting us or using the unsubscribe link in our emails.
  • Data Portability: Request export of your data in a standard, machine-readable format.

6.1 California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request details about the categories and specific pieces of personal information we have collected.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell personal information. No opt-out is necessary, but you may still submit a request.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, please contact us at dlynn@momentumaico.com. We will respond to verifiable requests within 45 days.

7. Data Security

We implement industry-standard technical and organizational measures to protect your information, including:

  • Encryption in transit (TLS 1.2+) and at rest
  • Access controls and role-based permissions
  • Regular security assessments and vulnerability testing
  • Incident response procedures and breach notification protocols
  • Breach notification within 72 hours as required by Georgia law
  • Breach notification within 60 days as required under federal HIPAA regulations, if applicable

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. HIPAA Compliance

For clients in healthcare industries (including medical spas, dental practices, and similar providers): We will execute a separate Business Associate Agreement (BAA) before processing any Protected Health Information (PHI).

Our platform supports HIPAA-compliant data handling, including:

  • Encryption of PHI in transit and at rest
  • Role-based access controls limiting PHI access to authorized personnel
  • Audit logging of all PHI access and modifications
  • Breach notification procedures compliant with HIPAA requirements
Important: Healthcare clients must execute a BAA with Momentum AI before onboarding. Failure to do so may result in non-compliance with HIPAA regulations.

9. AI and Automated Decision-Making

Our platform uses artificial intelligence to power its core functionality:

  • Answer phone calls using AI-generated voice technology
  • Analyze call content and caller sentiment
  • Qualify and score leads based on call interactions
  • Generate automated responses to online reviews

AI Disclosure: Callers are informed that they are interacting with an AI system within the first two seconds of each call, in compliance with TCPA and FCC regulations.

Inbound Only: Our AI processes inbound calls only. We do not initiate outbound AI voice calls without explicit consent from all parties involved.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes via email or through our platform at least 30 days before the changes take effect. Your continued use of our services after such notification constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us:

Momentum AI Co., LLC

Email: dlynn@momentumaico.com

Website: momentumaico.com

Phone: (678) 462-5079