1. Introduction
Scaled Growth Agency ("we," "us," or "our") operates the website scaledgrowthagency.com and provides a suite of AI-powered business tools including voice agents, client portal software, CRM, reservations, loyalty programs, messaging, and analytics (collectively, the "Services").
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and Services. By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our Services.
2. Information We Collect
We collect information in several categories depending on how you interact with our Services.
2.1 Account Information
When you create an account or register for our Services, we collect:
- Full name and job title
- Email address
- Phone number
- Business name, address, and type
- Login credentials (passwords are stored in hashed form only)
2.2 Customer Data
Through your use of our platform, you may store data about your own customers, including:
- Contact information (names, phone numbers, email addresses)
- Reservation and booking details
- Order history and transaction records processed through our platform
- Customer notes, preferences, and tags
- Loyalty program membership and point balances
2.3 Call Data
Our AI voice agent feature processes phone calls on your behalf. In connection with this, we collect:
- Call recordings (audio files)
- Call transcriptions (text generated from recordings)
- Call metadata (caller phone number, call duration, timestamps, call outcome)
- AI-generated call summaries and sentiment analysis
2.4 Usage Data
We automatically collect certain information when you access our Services:
- Browser type, operating system, and device information
- IP address and approximate geographic location
- Pages visited, features used, and actions taken within the platform
- Login timestamps and session duration
- Referring URLs and search terms used to find our site
2.5 Payment Data
Payments are processed through Stripe, our third-party payment processor. When you subscribe to a paid plan:
- We collect your billing name, billing address, and subscription plan details
- Stripe collects and processes your credit card or payment method information directly
- We do not store full credit card numbers, CVVs, or other sensitive payment card data on our servers
- We retain a Stripe customer ID and last four digits of your card for reference purposes
2.6 Communication Data
If you use our messaging features, we collect:
- SMS and text messages sent and received through our platform
- Email campaign content, recipient lists, and delivery metrics
- Message templates and automation workflow configurations
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Providing and Improving Our Services
- Operating, maintaining, and delivering the features and functionality of our platform
- Processing transactions and managing your account
- Troubleshooting technical issues and providing customer support
- Developing new features based on usage patterns and feedback
3.2 AI Voice Agent Training and Improvement
Your business data (menus, hours, reservation policies, FAQs) is used to train and configure your AI voice agent. We want to be clear about how this works:
- Your business data is used exclusively for your own AI agent and is never shared with or used to train agents belonging to other accounts
- Call recordings and transcripts may be reviewed to improve transcription accuracy and call handling for your account
- Aggregated, de-identified performance metrics (e.g., average call duration, resolution rates) may be used to improve our AI models generally
3.3 Analytics and Reporting
- Generating dashboards, reports, and customer intelligence insights for your business
- Producing RFM (Recency, Frequency, Monetary) analysis and customer segmentation
- Tracking campaign performance and return on investment
3.4 Communications
- Sending service-related notices (account confirmations, billing updates, security alerts)
- Responding to your inquiries and support requests
- Sending product updates and feature announcements (you may opt out at any time)
3.5 Security and Fraud Prevention
- Detecting and preventing unauthorized access, fraud, and abuse
- Monitoring for suspicious activity and enforcing our terms of service
- Maintaining audit logs for security and compliance purposes
4. How We Share Your Information
We do not sell your personal data to third parties. We share information only in the following limited circumstances:
4.1 Service Providers
We use trusted third-party service providers to operate our platform. These providers have access only to the information necessary to perform their services and are contractually obligated to protect it:
- Amazon Web Services (AWS) — Cloud hosting and infrastructure
- Stripe — Payment processing and subscription billing
- AI voice providers — Voice synthesis and conversational AI for our voice agent
- Telephony providers — SMS messaging, phone number provisioning, and call routing
4.2 Legal Requirements
We may disclose your information if required to do so by law or in response to valid legal process, including:
- Subpoenas, court orders, or other legal process
- Requests from law enforcement or government agencies
- To protect the rights, property, or safety of Scaled Growth Agency, our users, or others
4.3 Business Transfers
If Scaled Growth Agency is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your information becomes subject to a different privacy policy.
5. Call Recording Disclosure
Our AI voice agent records and transcribes phone calls made to your business. Here is how we handle call recordings:
- Caller notification: Callers are informed at the beginning of each call that the conversation may be recorded and transcribed. This disclosure is built into the AI agent's greeting.
- Access controls: Call recordings and transcripts are accessible only to the business account owner and authorized users on that account. We do not share recordings with other clients or third parties except as described in Section 4.
- Storage: Recordings are stored securely using encrypted storage. Access requires authentication through the client portal.
- Retention: Call recordings are retained for a configurable period (default 90 days). After the retention period, recordings are automatically deleted. Account owners can adjust retention settings or manually delete recordings at any time.
- Compliance: It is the responsibility of the business account owner to ensure compliance with applicable call recording laws in their jurisdiction, including one-party and two-party consent requirements.
6. Data Security
We take the security of your data seriously and implement industry-standard measures to protect it:
- Encryption in transit: All data transmitted between your browser and our servers is encrypted using 256-bit TLS (Transport Layer Security)
- Encryption at rest: Sensitive data, including call recordings and customer information, is stored using encrypted storage on our cloud infrastructure
- Access controls: We employ role-based access controls, strong password requirements, and session management to prevent unauthorized access
- Infrastructure security: Our servers are hosted on AWS with network firewalls, intrusion detection, and regular security patching
- Security assessments: We conduct regular security reviews and address vulnerabilities promptly
While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining robust protections.
7. Data Retention
We retain different categories of data for different periods:
- Account data: Retained for as long as your account is active. If you close your account, we retain your data for 30 days to allow for reactivation, after which it is permanently deleted.
- Call recordings: Retained for a configurable period. The default retention period is 90 days. Account owners can adjust this in their settings or delete recordings manually.
- SMS and message data: Retained for the duration of your account and for 30 days following account closure.
- Analytics data: Aggregated and de-identified analytics data may be retained indefinitely for product improvement. Personal identifiers are removed from analytics data after 2 years.
- Payment records: Billing records and transaction history are retained for 7 years as required for tax and accounting compliance.
8. Your Rights
You have the following rights regarding your personal information:
- Access: You can request a copy of the personal data we hold about you
- Correction: You can request that we correct any inaccurate or incomplete personal data
- Deletion: You can request that we delete your personal data, subject to certain legal obligations
- Export: You can request an export of your data in a commonly used, machine-readable format
- Opt out of marketing: You can unsubscribe from marketing communications at any time by clicking the "unsubscribe" link in any email or by contacting us
8.1 California Residents (CCPA)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:
- Right to know: You may request details about the categories and specific pieces of personal information we have collected about you
- Right to delete: You may request deletion of your personal information, subject to certain exceptions
- Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights
- No sale of personal information: We do not sell personal information as defined under the CCPA
To exercise any of these rights, contact us at support@scaledgrowthagency.com. We will respond to verified requests within 45 days.
9. Cookies and Tracking
We use cookies and similar technologies to operate and improve our Services:
- Essential cookies: Required for basic functionality such as session management, authentication, and security. These cannot be disabled.
- Analytics cookies: Help us understand how users interact with our platform so we can improve the experience. These collect aggregated, anonymous usage data.
We do not use third-party advertising cookies or trackers. We do not participate in ad networks or allow third parties to track our users for advertising purposes.
Most web browsers allow you to control cookies through their settings. Note that disabling essential cookies may prevent you from using certain features of our Services.
10. Children's Privacy
Our Services are designed for use by businesses and are not directed at individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@scaledgrowthagency.com.
11. International Data Transfers
Our Services are hosted and operated in the United States. If you access our Services from outside the United States, your information will be transferred to, stored, and processed in the United States. By using our Services, you consent to this transfer. We take appropriate measures to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
- We will notify you by email at the address associated with your account
- We will update the "Last updated" date at the top of this page
- For significant changes, we may also display a notice within the client portal
We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes constitutes your acceptance of the updated policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
We aim to respond to all inquiries within 5 business days.