calls.guru

Privacy Policy

Last Updated: May 9, 2025

1. Introduction

calls.guru ("we," "our," or "us") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our HIPAA-compliant call recording and compliance scoring services. As a service provider that may handle Protected Health Information (PHI), we are committed to maintaining compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Centers for Medicare & Medicaid Services (CMS) requirements.

2. HIPAA Compliance

calls.guru is designed to be HIPAA-compliant. When we provide services to covered entities or business associates subject to HIPAA, we enter into a Business Associate Agreement (BAA) that establishes our obligations to protect PHI. We implement physical, technical, and administrative safeguards to protect the confidentiality, integrity, and availability of PHI in accordance with the HIPAA Security Rule.

3. Information We Collect

We collect the following types of information:

  • Account Information: When you register for our services, we collect your name, email address, phone number, and business information.
  • Call Recordings: Our service records telephone calls as directed by you. These recordings may contain PHI.
  • Call Transcripts: We generate and store transcripts of recorded calls, which may contain PHI.
  • Compliance Data: We collect and analyze data related to compliance with applicable regulations, including CMS requirements.
  • Usage Information: We collect information about how you use our services, including log data, device information, and analytics data.

4. How We Use Your Information

We use your information for the following purposes:

  • To provide and maintain our services
  • To process and complete transactions
  • To generate call transcripts and compliance scores
  • To store recordings and transcripts in accordance with regulatory requirements
  • To improve and personalize our services
  • To communicate with you about our services
  • To comply with legal obligations

5. Data Retention

We retain call recordings and transcripts for a period of 10 years to comply with CMS and other regulatory requirements. This retention period ensures that Medicare Advantage Organizations, ACA agencies, and other regulated entities can meet their obligations for record retention. Account information is retained for as long as you maintain an account with us and as required by applicable laws.

6. Data Security

We implement robust security measures to protect your information, including:

  • Encryption of data in transit using TLS 1.3
  • Encryption of data at rest using AES-256
  • Secure, redundant storage with S3 and Glacier
  • Access controls and authentication mechanisms
  • Regular security assessments and audits
  • SOC-2 Type II compliance

7. Sharing Your Information

We may share your information in the following circumstances:

  • Service Providers: We may share information with third-party service providers who perform services on our behalf, such as hosting, data analysis, and customer service. All service providers are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
  • Compliance with Laws: We may disclose your information to comply with applicable laws and regulations, including responding to lawful requests from public authorities.
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
  • With Your Consent: We may share your information with third parties when we have your consent to do so.

8. Your Rights

Depending on your location, you may have certain rights regarding your personal information, including:

  • The right to access your personal information
  • The right to correct inaccurate or incomplete information
  • The right to request deletion of your personal information
  • The right to restrict or object to processing
  • The right to data portability

To exercise these rights, please contact us at privacy@calls.guru.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: privacy@calls.guru
Address: 123 Compliance Way, Suite 456, San Francisco, CA 94105