Privacy Policy
Last updated: March 17, 2026
This Privacy Policy explains how MyPhoneGenie, operated by Medtivio ("Company," "we," "us," or "our"), collects, uses, shares, and protects your information when you use our AI-powered phone answering and chat service (the "Service").
This policy applies to both Account Holders (businesses that subscribe to MyPhoneGenie) and End Users (people who interact with the AI via phone, chat, or SMS).
1. Information We Collect
From Account Holders (Business Subscribers)
- Account information: name, email address, business name, business address, phone number
- Payment information: credit card details (processed and stored by Stripe — we do not store card numbers)
- Knowledge base content: business information you provide or that we scrape from your website with your permission (services, hours, policies, pricing, FAQ answers)
- Account settings: AI voice preferences, greeting messages, workflow configurations
- Usage data: login history, dashboard activity, feature usage
From End Users (Callers, Chat Visitors, SMS Contacts)
- Call data: phone number, call duration, call timestamp
- Call recordings and transcripts: audio processed in real time by our AI; transcripts may be generated and stored
- Chat messages: text of conversations with the AI chat agent
- SMS messages: content of text message exchanges
- Information voluntarily provided: name, appointment details, callback requests, or other information shared during a conversation
Automatically Collected
- Technical data: IP address, browser type, device type, operating system
- Usage analytics: pages visited, features used, session duration
2. How We Use Your Information
| Purpose |
Data Used |
| Deliver the Service (answer calls, chat, SMS) |
Knowledge base, call audio, chat messages |
| Generate AI responses |
Conversation context, knowledge base content |
| Process payments and manage subscriptions |
Payment info, account details |
| Provide call logs and analytics in your dashboard |
Call metadata, transcripts, chat logs |
| Improve AI response quality |
Anonymized conversation patterns, question frequency |
| Customer support |
Account info, usage history, support tickets |
| Prevent abuse and enforce Acceptable Use |
Usage patterns, content analysis |
3. Third-Party Service Providers
We share data with the following providers to deliver the Service. Each processes data under their own privacy policies:
| Provider |
Purpose |
Data Shared |
| Twilio |
Phone calls, SMS, telephony |
Call audio (real-time stream), phone numbers, SMS content |
| Google Gemini |
AI language processing |
Conversation text, call audio (for voice), knowledge base context |
| OpenAI |
Text-to-speech for chat |
AI response text (converted to audio) |
| Stripe |
Payment processing |
Payment method, billing address, subscription details |
| Microsoft Azure |
Cloud hosting |
All data is hosted on Azure infrastructure |
We do not sell your personal information to third parties. We do not share data with advertisers.
4. Data Retention
| Data Type |
Retention Period |
| Call transcripts and logs |
90 days from the date of the call |
| Chat transcripts |
90 days from the date of the conversation |
| SMS messages |
90 days from the date of the message |
| Account data and knowledge base |
Retained while your account is active, plus 90 days after cancellation |
| Payment records |
As required by law (typically 7 years for tax purposes) |
| Server logs |
30 days |
5. Your Rights and Choices
You have the following rights regarding your data:
For Account Holders
- Access: View all your data through your dashboard, including call logs, transcripts, and knowledge base content.
- Export: Request a full export of your data (knowledge base, call logs, account settings) by contacting us at info@medtivio.com.
- Correction: Update your account information and knowledge base at any time through your dashboard.
- Deletion: Request deletion of your account and all associated data. We will process deletion requests within 30 days.
- Opt out of AI training: You may request that your conversation data not be used to improve our AI models. Email info@medtivio.com with the subject "Opt Out of AI Training."
For End Users (Callers and Chat Visitors)
- You may request deletion of your conversation data by contacting the business you interacted with, or by emailing us directly at info@medtivio.com.
- If you do not wish to interact with an AI, you may request to speak with a human representative of the business.
6. Security
We take reasonable measures to protect your data:
- Encryption in transit: All connections use HTTPS (TLS 1.2+) for web traffic and WSS (WebSocket Secure) for real-time voice and chat.
- Secure hosting: Data is hosted on Microsoft Azure with enterprise-grade physical and network security.
- Payment security: Credit card information is handled entirely by Stripe (PCI DSS Level 1 certified). We never see or store your full card number.
- Access controls: Account data is protected by password authentication and JWT-based session tokens.
No system is 100% secure. While we work hard to protect your data, we cannot guarantee absolute security. If we discover a data breach that affects your personal information, we will notify you as required by applicable law.
7. California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You may request details about the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
- Right to Opt Out of Sale: We do not sell personal information. No opt-out is necessary.
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To exercise these rights, email info@medtivio.com with the subject "CCPA Request."
8. European Residents (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, the following applies:
- Legal basis: We process your data based on contractual necessity (to deliver the Service), legitimate interest (to improve the Service), and consent (where required).
- Data transfers: Your data is processed in the United States. By using the Service, you consent to this transfer. We rely on standard contractual clauses where applicable.
- Your rights: You have the right to access, rectify, erase, restrict processing, data portability, and object to processing. You may also lodge a complaint with your local data protection authority.
To exercise these rights, email info@medtivio.com with the subject "GDPR Request."
9. Children's Privacy
MyPhoneGenie is designed for business use and is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.
10. Cookies and Tracking
Our website uses minimal cookies:
- Authentication cookies: To keep you logged in to your dashboard.
- Session cookies: To maintain chat sessions and demo state.
We do not use third-party advertising cookies or tracking pixels.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on our website at least 30 days before taking effect. The "Last updated" date at the top of this page indicates the most recent revision.
12. Contact Us
For privacy questions, data requests, or concerns, contact us at:
Medtivio
Email: info@medtivio.com
Website: myphonegenie.com
We aim to respond to all privacy-related inquiries within 30 days.