Privacy Policy
ZeroMiss LLC 250 Marticville Rd Conestoga, PA 17516
Effective Date: April 3, 2026
1. Introduction
ZeroMiss LLC (“ZeroMiss”, “we”, “us”, or “our”) provides the Smart Voicemail platform – an AI‑powered service that answers missed calls, transcribes messages, books appointments, and sends SMS notifications. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when you (i) use our Services, (ii) visit our website, or (iii) otherwise interact with ZeroMiss.
The policy applies to: - Clients – businesses that subscribe to the Smart Voicemail service. - Callers – individuals who call a Client’s business through the Service. - Website Visitors – individuals who browse https://zeromiss.co.
ZeroMiss is a data processor; Clients are the data controllers for all caller information. Call‑related data remains the property of the Client.
2. Information We Collect
2.1 Information Provided by Clients
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Business name, contact name, email, phone, billing address | Account creation, administration, invoicing |
| Payment Information | Credit‑card details (processed by Stripe) | Billing and receipt of fees |
| Business Configuration | Hours of operation, services offered, calendar credentials (Google or Microsoft) | Enable appointment scheduling and notifications |
| Optional Call Recording Settings | Preference to enable/disable recordings, retention period | Control of call‑recording feature |
| Usage Preferences | Notification settings, feature toggles | Tailor the Service to Client needs |
| Voice Samples (optional) | Audio recordings of Client’s voice (~5‑10 minutes) for AI voice cloning | Create a custom AI voice model via ElevenLabs (only if Client purchases voice cloning add‑on and signs a Voice Cloning Consent form) |
2.2 Information Collected from Callers (via the Service)
| Category | Examples | Purpose |
|---|---|---|
| Call Metadata | Caller phone number, call start time, duration, outcome, dialed number | Call logging, billing, analytics |
| Call Recordings (optional) | Audio of the conversation (when Client enables recording) | Provide transcript, quality assurance, dispute resolution |
| Transcripts | Text version of recorded calls (generated by Retell AI) | Deliverable to Client, analytics |
| Appointment Data | Caller name, phone, requested service, date/time (when booked) | Populate Client’s calendar (Google or Outlook) |
| SMS Notifications | Text messages sent to callers (via Twilio, SendGrid) | Confirmations, reminders |
Note on AI Voice Technology: ZeroMiss uses AI for transcription and scheduling. We do not engage in voice cloning or generate synthetic voice replicas of callers or clients.
2.3 Information Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Device Information | IP address, browser type, operating system, device type | Security, troubleshooting, usage analytics |
| Cookies & Similar Technologies | Session cookie, essential analytics cookie | Maintain login session, essential site functionality |
| Log Data | Access timestamps, error messages, API request logs | System monitoring, security incident detection |
3. How We Use Information
3.1 To Provide and Improve the Service
- Operate the Smart Voicemail platform, including call answering, transcription, appointment scheduling, and SMS notifications.
- Store and retrieve call metadata, recordings, and transcripts for the duration specified in Section 5.
- Use aggregated, de‑identified data to improve AI models, develop new features, and perform product analytics.
3.2 To Manage the Business Relationship
- Process payments, issue invoices, and manage subscriptions.
- Communicate service updates, billing information, and support responses.
- Enforce the terms of the Client Service Agreement (CSA) and this Privacy Policy.
3.3 To Comply with Legal Obligations
- Respond to lawful requests, subpoenas, or court orders.
- Enforce our Terms of Service, protect our rights, and prevent fraud or illegal activity.
- Meet applicable record‑keeping requirements (e.g., payment records for 7 years).
4. Sharing of Information
4.1 Service Providers (Sub‑Processors)
We share data with the following sub‑processors, each bound by a Data Processing Agreement that imposes contractual data‑protection obligations: - Retell AI – Speech‑to‑text and AI processing (call audio, transcripts). - ElevenLabs – AI voice cloning and voice model generation (voice samples, voice models). Used only for Clients who purchase the optional voice cloning add‑on and sign a Voice Cloning Consent form. - Twilio – Telephony, SMS delivery, phone‑number provisioning (call metadata, SMS content). - Supabase – Database, authentication, file storage (all service data). - Google Cloud – Hosting and compute resources. - Microsoft Corporation – Outlook Calendar integration via Microsoft Graph. - SendGrid – Transactional email delivery. - Stripe – Payment processing (payment information only; ZeroMiss does not store raw card data).
4.2 With Clients
We provide Callers’ data (metadata, recordings, transcripts, appointment details) directly to the Client that owns the call. The Client is responsible for any further disclosure.
4.3 Legal Requirements & Business Transfers
We may disclose information to law‑enforcement or regulatory bodies when required by law. In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of the transaction, provided the successor assumes the same data‑protection obligations.
4.4 No Sale of Personal Data
ZeroMiss does not sell personal information to third parties. We do not share personal information for monetary consideration in a manner that constitutes a “sale” under the CCPA.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Call Recordings (when enabled) | 90 days (configurable by Client) |
| Call Transcripts | 12 months |
| Call Metadata (including caller number, timestamps, outcome) | 12 months |
| Account Information (profile, settings) | Duration of the account + 30 days |
| Payment Records (invoices, receipts) | 7 years (legal requirement) |
| Aggregated, de‑identified analytics data | Indefinitely |
| Voice Samples (when voice cloning purchased) | Duration of account + 30 days (deleted upon consent revocation) |
| AI Voice Models (when voice cloning purchased) | Duration of account + 30 days (deleted within 30 days of revocation; backups within 90 days) |
| Log files & security event data | 12 months |
Deletion Exceptions: Notwithstanding the above periods, ZeroMiss may retain personal information where necessary to: 1. Comply with Legal Obligations: Such as tax, accounting, or regulatory record‑keeping requirements. 2. Prevent Fraud or Abuse: To detect, prevent, or address technical issues, security vulnerabilities, or fraud. 3. Enforce Agreements: To enforce the terms of the Client Service Agreement or this Privacy Policy. 4. De‑identified Data: Data that has been anonymized and cannot be reasonably linked to an individual. 5. Backup Systems: Data retained in secure backup systems for disaster recovery purposes, which will be purged according to standard backup rotation schedules.
Upon termination of Services, ZeroMiss will delete Client‑owned data within 30 days, unless a Client requests export or an exception applies.
6. Security Measures
ZeroMiss implements industry‑standard safeguards, including: - Encryption in transit – TLS 1.2 or higher for all network traffic. - Encryption at rest – AES‑256 for stored data. - Role‑based access controls – Least‑privilege principle for employees and contractors. - Audit logging – Detailed logs of data access and administrative actions. - Regular security assessments – Vulnerability scanning and penetration testing. - Incident response plan – Procedures for detection, containment, and remediation of security events.
Security Liability Limitation: While we strive to protect personal data, no system can guarantee 100% security. ZeroMiss’s liability for any loss, damage, or expense arising from a security incident or data breach is limited to the amount of fees actually paid by the affected Client in the six (6) months preceding the incident, except for liability arising from fraud, willful misconduct, or breach of confidentiality obligations. This limitation excludes indirect, consequential, special, or punitive damages.
7. Your Rights
7.1 Rights of Clients (Data Controllers)
Clients may exercise the following rights with respect to their own data and the aggregated, de‑identified data we retain: - Access & Portability – Request a copy of the data we hold about the Client’s account. - Correction – Request correction of inaccurate account information. - Deletion – Request deletion of the Client’s account data (subject to payment‑record retention and deletion exceptions in Section 5). Aggregated, de‑identified data is exempt. - Restriction – Request limitation of processing for specific purposes (e.g., marketing). - Verification – We require reasonable verification of the requestor’s identity before fulfilling any request. This may include providing proof of authority to act on behalf of the Client account.
Requests should be directed to legal@zeromiss.co and will be responded to within thirty (30) days, unless a longer period is required by law.
7.2 Rights of Callers (Individuals)
Callers, as individuals, have the following rights under applicable U.S. law: - Access & Deletion – May request access to or deletion of their personal data from the Client. ZeroMiss will cooperate with the Client, who is the data controller, to fulfill such requests. - Opt‑out of Marketing – Callers may opt out of any marketing communications sent by the Client.
ZeroMiss does not retain caller‑specific data beyond the retention periods in Section 5, except as required for legal compliance.
7.3 California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights: - Right to Know – Request disclosure of the categories of personal information we collect and the purposes of processing. - Right to Delete – Request deletion of your personal information, subject to the exemptions in the CCPA. - Right to Opt‑Out of Sale – ZeroMiss does not sell personal information. This right is therefore moot. - Right to Non‑Discrimination – We will not discriminate against you for exercising any CCPA right.
To exercise these rights, email legal@zeromiss.co with “CCPA Request” in the subject line.
7.4 Pennsylvania Breach Notification (BPINA)
In the event of a data breach affecting Pennsylvania residents, ZeroMiss will: 1. Notify affected individuals without unreasonable delay, but no later than 45 days after discovery of the breach. 2. Provide a description of the breach, types of information compromised, and steps individuals can take to protect themselves. 3. Notify the Pennsylvania Attorney General’s office as required by the Breach of Personal Information Notification Act (BPINA).
8. Cookies and Similar Technologies
We use essential cookies only to enable core website functions such as login and session management. No analytics or advertising cookies are deployed at this time.
- Cookie Name:
session_id - Purpose: Maintain authenticated session.
- Expiration: Session (cleared when the browser is closed).
You may disable cookies via your browser settings; however, disabling essential cookies may prevent you from accessing certain features of our website.
9. Children’s Privacy
Our Services are not directed to children under 18 years of age, and we do not knowingly collect personal information from children. If we become aware of such collection, we will promptly delete the data.
10. Third‑Party Links
Our website or Service may contain links to third‑party sites. This Privacy Policy does not apply to those sites, and we encourage you to review the privacy policies of any linked services.
11. International Data Transfers
ZeroMiss operates solely in the United States. We do not currently transfer personal data outside the U.S. If future transfers occur, they will be protected by appropriate safeguards (e.g., Standard Contractual Clauses) and will be disclosed in an updated version of this Policy.
12. HIPAA / Protected Health Information (PHI)
ZeroMiss does not handle PHI in the standard Smart Voicemail service. The Service is NOT designed for Protected Health Information (PHI) and is not HIPAA compliant by default. If a Client requires PHI handling, a separate Business Associate Agreement (BAA) must be executed, and the Client must configure the Service in compliance with HIPAA. The BAA supersedes this Privacy Policy with respect to PHI.
13. Limitation of Liability for Security Incidents
ZeroMiss’s liability for any loss, damage, or expense arising from a security incident or data breach is limited to the amount of fees actually paid by the affected Client in the six (6) months preceding the incident, except for liability arising from fraud, willful misconduct, or breach of the confidentiality obligations set forth in the CSA. This limitation does not affect any rights or remedies that may be available under applicable law.
14. Changes to This Policy
ZeroMiss reserves the right to revise this Privacy Policy from time to time at its sole discretion. For material changes we will: 1. Post the revised Policy on our website with an updated “Effective Date”. 2. Email a notice to the primary contact listed in the Client’s account.
Your continued use of the Service after such notice constitutes acceptance of the updated Policy. If you do not agree with the changes, you may terminate your account in accordance with the CSA prior to the effective date of the changes.
15. Contact Information
If you have questions about this Privacy Policy or wish to exercise any of your rights, please contact us:
ZeroMiss LLC Email: legal@zeromiss.co Address: 250 Marticville Rd, Conestoga, PA 17516
This Privacy Policy was prepared on April 3, 2026. It is intended for internal use and distribution to ZeroMiss clients and website visitors. Review by legal counsel is recommended before final adoption.