Privacy Policy

1. Introduction

This Privacy Policy describes how Banana Intelligence, LLC ("we," "us," or "our") collects, uses, and shares information when you use the Sticky Calls API service ("Service") available at https://stickycalls.com and https://api.stickycalls.com.

By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

• Email address (for authentication and communication)
• Name (optional, if provided)
• Authentication data (managed by Auth0)

2.2 API Usage Data

When you use our API, we collect:

• API keys and authentication credentials
• API call events and timestamps
• Usage metrics (number of API calls, credits consumed)
• IP addresses (for security and rate limiting)
• Error information for debugging

2.3 Customer Data Transmitted via API

Data you transmit through our API may include:

• Phone numbers (ANI/DNIS)
• Customer identifiers (external IDs, CRM references)
• Conversation context and variables you choose to save
• Intent data and call metadata

Important: You are solely responsible for ensuring you have the legal right to transmit this data to our Service. You must not transmit any data you are not authorized to share.

2.4 Billing Information

Payment information is processed by Stripe, Inc. We do not store your credit card details. We receive and store:

• Stripe customer ID
• Subscription status and tier
• Billing history and transaction records
• Last 4 digits of payment method (from Stripe)

2.5 Automatically Collected Information

We automatically collect:

• Device information (browser type, operating system)
• Log data (access times, pages viewed, IP address)
• Cookies and similar tracking technologies

3. How We Use Your Information

We use collected information for:

• Service Provision: To provide, maintain, and improve our API service
• Authentication: To verify your identity and secure your account
• Billing: To process payments and manage subscriptions
• Usage Tracking: To monitor API usage, enforce rate limits, and track credits
• Analytics: To understand usage patterns and improve our Service
• Security: To detect, prevent, and address fraud, abuse, and security issues
• Communication: To send service-related announcements, updates, and support responses
• Compliance: To comply with legal obligations and enforce our Terms of Service

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We share data with third-party vendors who assist in operating our Service:

• Auth0: Authentication and identity management
• Stripe: Payment processing
• Google Cloud Platform: Hosting and infrastructure
• Vercel: Dashboard and website hosting

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (subpoenas, court orders)
• Requests from law enforcement or government agencies
• Protection of our rights, property, or safety
• Emergency situations involving danger of death or serious physical injury

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

4.4 No Data Selling

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

• Account Data: Retained while your account is active. Deleted within 30 days of account closure request.
• API Usage Data: Retained for operational purposes. You may request deletion at any time.
• Customer Context Data: Retained according to TTL (time-to-live) settings you specify (default 30 days). Expired data is removed periodically.
• Billing Records: Retained for 7 years as required by law for tax and accounting purposes.
• Security Logs: Managed by infrastructure providers (Google Cloud Platform) according to their retention policies.

You may request deletion of your data at any time by contacting us at nate@bananaintelligence.ai. We will process deletion requests within 30 days.

6. Data Security

We implement industry-standard security measures to protect your data:

• Encryption in transit (HTTPS/TLS 1.3)
• Encryption at rest for database storage
• Secure authentication via Auth0
• API key-based authentication for service access
• Regular security audits and monitoring
• Access controls and logging
• Rate limiting and DDoS protection

However, no method of transmission over the Internet or electronic storage is 100% secure.While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights and Choices

7.1 Access and Correction

You have the right to access and update your account information through the dashboard at https://stickycalls.com/dashboard.

7.2 Data Portability

You can export your data via the API or by requesting a data export at nate@bananaintelligence.ai.

7.3 Deletion

You can request account deletion by contacting nate@bananaintelligence.ai. We will delete your data within 30 days, except for data we are legally required to retain.

7.4 Marketing Communications

We will only send you marketing emails if you opt in. You can unsubscribe at any time using the link in any email. Service-related emails (billing, security alerts) cannot be opted out of.

7.5 Do Not Track

We do not currently respond to Do Not Track signals.

8. Cookies and Tracking

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and service functionality
• Analytics: To understand how users interact with our Service (Google Analytics)
• Preferences: To remember your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

9. International Data Transfers

Our Service is hosted in the United States. If you access our Service from outside the U.S., your data will be transferred to and processed in the United States.

By using our Service, you consent to the transfer of your information to the United States and processing in accordance with this Privacy Policy.

10. GDPR Compliance (European Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

• Legal Basis: We process your data based on contract performance, legitimate interests, and legal compliance
• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restriction: Limit how we use your data
• Right to Object: Object to data processing
• Right to Data Portability: Receive your data in a portable format
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at nate@bananaintelligence.ai.

11. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: We do not sell personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at nate@bananaintelligence.ai. We will respond within 45 days.

12. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at nate@bananaintelligence.ai.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification for significant changes

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

14. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us: