Privacy Policy

Last updated: March 27, 2026

This Privacy Policy describes how Power Dialer, Inc. ("we", "us", "our") collects, uses, shares, and protects information when you use the Power Dialer platform ("Service"). By using the Service, you consent to the practices described in this policy.

1. Information We Collect

Account information

When you create an account, we collect:

  • Your name
  • Company email address
  • Organization name
  • Role and team information

Contact data

When you upload contact lists or create contacts through the API, we process:

  • Phone numbers
  • Contact names
  • Custom metadata fields you provide (e.g., tags, notes, external identifiers)

Contact data is uploaded and managed by you. We process it solely to provide the Service.

Call data

When calls are placed through the platform, we generate and store:

  • Call recordings -- audio files of completed calls
  • Transcripts -- text transcriptions produced by our transcription provider
  • Summaries -- AI-generated call summaries produced by our AI summarization provider
  • Dispositions -- outcome codes assigned by agents or automation
  • Call metadata -- duration, timestamps, caller/callee identifiers, campaign association

Usage data

We collect operational data about how you use the Service:

  • API call logs (endpoints, timestamps, response codes)
  • Campaign statistics (calls placed, connection rates, outcomes)
  • Feature usage patterns

Consent records

When users complete the onboarding consent flow, we record:

  • IP address at the time of consent
  • Timestamp for each consent checkbox
  • The specific consent items acknowledged
  • User and organization identifiers

2. How We Use Your Information

Providing the Service

  • Placing and managing outbound calls
  • Generating transcriptions and AI summaries
  • Sending SMS follow-up messages
  • Enforcing DNC lists and compliance rules

Billing

  • Tracking call minutes and SMS message counts
  • Reporting metered usage to our billing provider for invoicing
  • Processing subscription payments

Compliance

  • Enforcing Do Not Call (DNC) regulations
  • Maintaining audit trails for TCPA compliance
  • Logging consent records with immutable timestamps
  • Enforcing calling hour restrictions

3. Third-Party Data Sharing

We share data with the following third-party service providers, solely to deliver the Service:

Telephony provider

Phone numbers and call audio are transmitted to our telephony provider to place and manage calls and SMS messages.

Transcription provider

Call audio is transmitted to our transcription provider for speech-to-text transcription. Audio is processed in real time and is not retained beyond the transcription session.

AI summarization provider

Transcript text is sent to our AI summarization provider to generate call summaries. We use the provider's API with data retention disabled; transcript content is not used to train third-party models.

Billing provider

Billing information, including subscription details and metered usage counts, is shared with our billing provider for payment processing. We do not store your full credit card number. The billing provider's handling of payment data is governed by their own privacy policy.

No data sales

We do not sell your data to third parties. We do not share your data with advertisers, data brokers, or any party not directly involved in delivering the Service.

4. Data Retention

We retain different categories of data for different periods:

  • Call recordings: 90 days from creation. This period may be configurable based on your account settings.
  • Transcripts: 2 years from creation.
  • Contact data: Retained until you delete it or your account is terminated. After account termination, contact data is retained for 30 days and then permanently purged.
  • Consent records: Retained permanently. Consent records are a compliance requirement under TCPA and cannot be deleted.
  • Account information: Retained for the duration of your account plus 30 days after termination.
  • Usage data: Retained for 2 years for operational and billing purposes.

5. Your Rights

Access

You can access your data at any time through the platform dashboard or via the API. You can request a complete export of your data by contacting us.

Correction

You can update or correct your account information and contact data through the platform at any time.

Deletion

You can delete individual contacts, recordings, and campaign data through the platform. For full account deletion, contact us at privacy@dialer.io.

GDPR right to erasure

If you are subject to the GDPR, you may request erasure of your personal data. Upon receiving a valid erasure request:

  • Contact data (names, phone numbers, metadata) is anonymized
  • Call recordings associated with the contact are deleted
  • Structural records (call logs, campaign statistics) are retained in anonymized form for compliance and operational integrity
  • Consent records are retained in anonymized form as required by law

Data portability

You can export your data at any time via the API. Exports are available in standard formats (JSON, CSV). Contact data, call logs, transcripts, and campaign data are all exportable.

6. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) and at rest (AES-256)
  • API keys are SHA-256 hashed, never stored in plaintext
  • Webhook signatures validated on every callback
  • Rate limiting on all API endpoints
  • Role-based access controls
  • Regular security assessments

7. Cookies

We use essential cookies for authentication and session management. We do not use tracking or advertising cookies.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email at least 30 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at: