Legal • Privacy Policy

Calla AI — Privacy Policy

Effective Date: January 1, 2026
Entity: Calla AI LLC (“Calla AI,” “we,” “us,” “our”)
Contact: [email protected]
Location: Fresno, CA

1. Scope and Roles

This Privacy Policy describes how Calla AI collects, uses, and protects information in connection with our website, platform, and related services (“Service”).

  • For website visitors and marketing leads, Calla AI acts as a data controller.
  • For customer accounts (practices) and PHI processed during communications or integrations, Calla AI acts as a service provider / processor and a Business Associate under HIPAA.
  • For PHI, the terms of the Business Associate Agreement (BAA) control in the event of any conflict.

2. Information We Collect

2.1 Account and Business Information

Practice information, contacts, authorized users, billing details, plan selections, and configuration settings.

2.2 Communications and Interaction Data

Call recordings, transcripts, call audio, caller ID, timestamps, SMS logs, messaging content, and call outcomes.

2.3 Integration Data

Information transmitted to or from connected Practice Management Systems (PMS), telephony platforms, calendars, or other systems you enable.

2.4 Technical and Usage Information

IP address, device and browser type, operating system, access logs, cookies, referral URLs, analytics data, and approximate geolocation.

3. How Information Is Used

We may use information to:

  • Provide, maintain, and improve the Service.
  • Schedule appointments and process communications.
  • Comply with laws, including HIPAA and TCPA.
  • Monitor performance, detect fraud, and enhance security.
  • Analyze de-identified or aggregated data for product improvement.
  • Provide billing, customer support, and account administration.

We do not sell personal information or PHI.

4. Call Recording and Messaging Consent

4.1 Call Recording

You are solely responsible for informing callers and obtaining all legally required call-recording consent, including in one-party or two-party consent jurisdictions. You control recording settings.

4.2 Automated Text Messages

By providing a mobile number, users consent to automated scheduling texts and related notifications. Reply STOP to opt out and HELP for support. Standard carrier rates may apply.

5. Cookies and Tracking

We use essential cookies and analytics tools, including Google Analytics and Meta Pixel. Users may disable cookies in browser settings. Global Privacy Control (GPC) signals are honored where required by law.

6. Retention

Communications data (recordings, transcripts, SMS logs) is generally retained for approximately six (6) months, unless your plan states otherwise. Billing and administrative records may be kept as required for tax or audit purposes.

7. Security

We use administrative, technical, and physical safeguards, including encryption, access controls, authentication, and system monitoring, to protect information.

8. Sharing of Information

We may share information with:

  • Cloud hosting providers;
  • Telephony and SMS vendors;
  • Email and communication platforms;
  • AI model infrastructure providers;
  • Analytics and support services;
  • Payment processors such as Stripe.

All vendors are required to maintain confidentiality and security. We do not sell or rent personal data or PHI.

9. Marketing Communications

We may send newsletters or product updates; you may unsubscribe at any time using the link in the email or by contacting us. Transactional and administrative messages will continue as required to support your account.

10. Consumer Privacy Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict certain uses of personal information. Requests may be submitted to [email protected]. We will verify your identity and respond within applicable statutory timeframes.

11. California (CPRA)

We disclose the categories of personal information collected and shared upon request. We do not sell personal information. If cross-context behavioral advertising ever applies, appropriate opt-out mechanisms will be provided in accordance with the law.

12. Health Data Protections

For health-related website data collected outside HIPAA (for example, expressed symptoms or treatment interest), we obtain consent where required, honor withdrawal requests, and do not engage in prohibited uses such as geofencing around health facilities.

13. Children

The Service is not intended for use by children under 13 (or under 16 where applicable). If you believe a child’s information has been collected, please contact us so we can delete it.

14. Changes

We may update this Privacy Policy periodically. A new effective date will be posted at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance of the updated Policy.

15. Contact

Calla AI LLC
Fresno, CA
[email protected]