Privacy Policy
Sparkwright AI LLC ("Sparkwright," "we," "us," or "our") provides AI-powered receptionist and appointment scheduling services for home service businesses. This Privacy Policy explains how we collect, use, store, and protect your information, including data accessed through third-party services like Google.
Effective Date: February 14, 2026
1. Information We Collect
1.1 Information You Provide
- Account Information: Name, email address, phone number, business name, and business address when you sign up
- Payment Information: Billing details processed securely through Stripe (we do not store full credit card numbers)
- Business Configuration: Service types, pricing, service areas, business hours, and custom knowledge base content
1.2 Information Collected Automatically
- Call Recordings: Phone calls handled by our AI receptionist are recorded for quality assurance and as proof of consent for SMS messaging
- Call Metadata: Phone numbers, call duration, timestamps
- Usage Data: How you interact with our dashboard and services
1.3 Google User Data
When you connect your Google account, we access the following data:
Google Calendar Data Accessed:
- Calendar Events: We read your calendar events to check availability before scheduling appointments
- Calendar Metadata: Calendar names and IDs to identify which calendar to use for scheduling
Specific Google API Scopes Used:
| Scope | Purpose |
|---|---|
| calendar.events | Read existing events to check availability; create, modify, and delete appointment events scheduled through our service |
| calendar.readonly | List available calendars so you can select which one to use for appointments |
2. How We Use Your Information
2.1 Service Delivery
- Appointment Scheduling: We use Google Calendar data to check your availability and create appointments when customers call
- AI Receptionist: Your business configuration data is used to personalize how our AI answers calls for your business
- SMS Notifications: Phone numbers are used to send appointment confirmations, reminders, and emergency alerts
2.2 Google Data Usage
We use Google Calendar data solely for:
- Checking your calendar availability before booking appointments
- Creating new calendar events for appointments booked through our service
- Modifying or canceling appointments when customers request changes
We do NOT use Google data for:
- Advertising or marketing purposes
- Training AI or machine learning models
- Selling to third parties
- Any purpose unrelated to appointment scheduling
2.3 Communication
- Sending transactional emails about your account
- Providing customer support
- Notifying you of service updates or issues
3. Data Sharing
3.1 Third-Party Service Providers
We share data with the following service providers who help us deliver our service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Vapi | AI voice processing | Call audio, business configuration |
| Telnyx | Phone and SMS services | Phone numbers, SMS content |
| Supabase | Database hosting | All account and appointment data |
| Stripe | Payment processing | Billing information |
| Calendar integration | OAuth tokens (to access your calendar) |
3.2 Google Data Sharing
We do not share Google user data with any third parties except as required to provide the calendar integration service (i.e., communicating with Google's APIs).
3.3 Legal Requirements
We may disclose information if required by law, legal process, or government request.
3.4 No Sale of Data
We do not sell, rent, or trade your personal information or Google user data to any third parties.
4. Data Storage and Security
4.1 Where Data is Stored
- Account and appointment data: Stored in Supabase (cloud database with servers in the United States)
- Google OAuth tokens: Encrypted and stored in our secure database
- Call recordings: Stored by our voice provider (Vapi) with encryption at rest
4.2 Security Measures
- Encryption: All data is encrypted in transit (TLS/SSL) and at rest
- Access Controls: OAuth tokens and sensitive data are accessible only to authorized systems
- Secure Authentication: We use industry-standard OAuth 2.0 for Google integration
- No Plain-Text Secrets: API keys and tokens are never stored in plain text
4.3 Google Data Security
Google OAuth refresh tokens are:
- Encrypted before storage
- Never shared with third parties
- Only used to maintain your calendar connection
- Immediately deleted when you disconnect your Google account
5. Data Retention and Deletion
5.1 Retention Periods
| Data Type | Retention Period |
|---|---|
| Account information | Duration of account + 30 days after deletion |
| Appointment records | 2 years (for business records) |
| Call recordings | 14 days |
| Call transcripts | Duration of account |
| Google OAuth tokens | Until you disconnect or delete your account |
5.2 Deleting Your Data
You can request deletion of your data at any time by:
- Emailing support@sparkwright.ai with subject "Data Deletion Request"
- Disconnecting your Google account from our dashboard (immediately revokes our access)
5.3 Google Data Deletion
When you disconnect your Google account or delete your Sparkwright account:
- Your Google OAuth tokens are immediately and permanently deleted from our systems
- We lose all access to your Google Calendar
- Appointments previously created remain on your Google Calendar (you can delete them directly in Google)
5.4 Revoking Google Access
You can also revoke Sparkwright's access to your Google account at any time by visiting Google Account Permissions.
6. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update or correct inaccurate data
- Deletion: Request deletion of your data
- Portability: Receive your data in a structured format
- Revoke Consent: Disconnect third-party integrations at any time
To exercise these rights, contact us at support@sparkwright.ai.
7. SMS Communications
For details about our SMS messaging practices, consent collection, and opt-out procedures, please see our SMS Terms & Consent Policy.
8. Children's Privacy
Our services are designed for businesses and are not intended for children under 18. We do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through our dashboard. Continued use of our services after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
Sparkwright AI LLC
Email: support@sparkwright.ai
Website: sparkwright.ai
Last updated: February 14, 2026