Hvaq

Privacy Policy

Last updated May 27, 2026

This Privacy Policy explains how Hvaq collects, uses, shares, and protects information when customers use our AI receptionist, booking, review, messaging, billing, integrations, analytics, and mobile app features for home service businesses.

1. Who this policy covers

This policy applies to visitors to the Hvaq website, account users, workspace administrators, dispatchers, platform administrators, mobile app users, and callers or end customers whose information is processed through a customer's Hvaq workspace.

In many cases, the home service company using Hvaq controls why and how caller and customer information is processed. Hvaq processes that information to provide the service configured by that customer.

2. Information we collect and process

Account and workspace information

  • User name, email address, authentication identifiers, organization membership, role, and onboarding status.
  • Business profile details such as company name, website, main phone number, timezone, service area, ZIP codes, service radius, hours, supported trades, and booking rules.
  • Configured services, intake guidance, emergency eligibility, estimated revenue, job type mappings, and AI receptionist settings.

Call, booking, and customer information

  • Caller name, phone number, email, service address, requested service, trade, urgency, preferred appointment window, consent-to-book status, notes, summaries, outcomes, and review reasons.
  • Call metadata such as direction, timestamps, duration, provider call identifiers, call cost, status, confidence signals, sentiment, and guardrail flags.
  • Transcripts, recordings or recording links when available, AI-generated summaries, conversation analysis, review tasks, booking records, customer profiles, invoices, and follow-up history.

Connected services and integrations

  • OAuth tokens, refresh tokens, tenant identifiers, provider account identifiers, webhook events, sync status, and integration health for connected providers.
  • Jobber, Calendly, Google Calendar, Apple Calendar, Retell, Stripe, RevenueCat, Supabase, Resend, future ServiceTitan and Housecall Pro connections, and other operational providers used to run the service.
  • Provider data needed to create or update customers, clients, addresses, jobs, service requests, appointment windows, calendar events, booking links, and webhook-driven status updates.

Billing, usage, and communications data

  • Stripe and RevenueCat billing identifiers, subscription status, invoices, checkout state, payment-provider customer IDs, add-on status, usage meters, overage state, and billing emails.
  • Voice usage down to seconds, included usage, outbound usage, SMS message counts, estimated overage amounts, and add-on request history.
  • Email, SMS, notification, and webhook delivery data, including templates, sender labels, quiet-hour settings, delivery state, replies, and notification preferences.

Website, device, and support information

  • Website analytics and marketing interaction data collected through tools such as Google Tag and embedded scheduling or widget scripts.
  • Device, browser, log, IP-derived, session, and diagnostic information used for security, routing, performance, debugging, and fraud prevention.
  • Support tickets, screenshots, admin notes, troubleshooting records, mobile notification test data, App Store subscription restore events, and messages sent to Hvaq support.

3. How we use information

  • Operate the AI receptionist, answer calls, qualify requests, capture caller details, route calls, create bookings, and generate summaries.
  • Configure the receptionist prompt around the customer's business profile, service catalog, trades, service area, hours, emergency handling, and booking rules.
  • Create or prepare jobs, clients, service requests, calendar events, booking links, customer records, review tasks, notifications, and provider sync records.
  • Provide dashboards, analytics, call history, customer history, review workflows, usage reporting, billing, add-on management, and mobile app features.
  • Send customer-facing and business-facing communications such as confirmations, reminders, replies, billing notices, support messages, and operational alerts.
  • Protect the platform, enforce access controls, detect abuse, troubleshoot integrations, verify webhooks, maintain audit records, and improve safety and reliability.
  • Develop and improve AI prompts, call handling, service eligibility, review rules, analytics, documentation, and support workflows.

4. AI processing, calls, transcripts, and recordings

Hvaq uses AI and voice technology to answer calls, understand caller requests, follow configured business rules, summarize calls, identify review needs, and support booking workflows. Call transcripts, summaries, structured intake fields, confidence signals, and recordings or recording links may be stored so the business can review what happened and improve operations.

AI outputs can be incomplete or incorrect. Customers should review call records, booking decisions, urgent requests, low-confidence calls, and provider sync failures. Hvaq is not a replacement for emergency services, licensed trade advice, or human judgment.

5. Communications, SMS, email, outbound calls, and notifications

If enabled by the customer, Hvaq may send or help send booking confirmations, reminders, replies, missed-call responses, outbound follow-up calls, billing messages, support messages, webhook updates, and mobile or browser notifications. Message content, delivery status, replies, opt-out signals, quiet-hour settings, and sender labels may be processed to operate those features.

Customers are responsible for configuring communications lawfully, honoring consent and opt-out requirements, and making any required disclosures to callers and message recipients.

6. How information is shared

Service providers

We share information with vendors that host, process, transmit, secure, bill, analyze, or support the platform. These include infrastructure, authentication, database, voice, AI, email, SMS, payment, mobile billing, analytics, logging, and support providers.

Connected integrations

When a customer connects an available provider such as Jobber, Calendly, Google Calendar, or Apple Calendar, Hvaq sends and receives the data needed for that workflow. ServiceTitan and Housecall Pro are planned integrations. For example, caller contact details, service address, job notes, appointment windows, provider IDs, and webhook updates may be exchanged.

Customer-directed communications

If a customer enables email, SMS, outbound calling, calendar sync, booking links, or provider booking, Hvaq may send information to callers, customers, staff, calendars, and connected systems as configured by that customer.

Legal, safety, and business transfers

We may disclose information when required by law, to protect users or the public, to prevent fraud or abuse, to enforce our terms, or as part of a merger, financing, acquisition, reorganization, or sale of assets.

7. Third-party services

Third-party services have their own privacy and security practices. When a customer connects or uses a third-party provider, that provider may process information under its own terms. Examples include Supabase for authentication and data storage, Retell for voice services, Stripe for web billing, RevenueCat for mobile billing, Resend for email, Google services for analytics or calendar features, and connected field-service or scheduling providers.

8. Security

Hvaq uses access controls, organization membership checks, administrative role checks, webhook verification, encrypted token storage where supported, transport security, audit records, and operational monitoring to protect platform data. OAuth tokens and sensitive provider credentials are encrypted at rest when the required encryption keys are configured.

No system is perfectly secure. Customers should use strong account credentials, restrict user access to authorized staff, keep provider credentials private, and promptly report suspected unauthorized access.

9. Data retention

We retain information for as long as needed to provide the platform, support customer operations, maintain records, comply with legal or billing obligations, resolve disputes, improve reliability, and enforce agreements. Retention periods may vary by data type, customer configuration, provider settings, billing records, backup systems, and legal requirements.

A customer may request deletion or export of workspace data by contacting us. Some information may be retained where required for security, fraud prevention, billing, legal compliance, backup integrity, or legitimate business records.

10. Your choices and rights

  • Account users can update many workspace settings directly in the platform.
  • Customers can disconnect supported integrations from settings or from the third-party provider.
  • Customers can manage Stripe billing through the billing portal and restore mobile purchases through the iOS app when applicable.
  • Customers can request access, correction, export, or deletion of information by contacting Hvaq.
  • Message recipients may use available opt-out methods for SMS where supported, and customers should honor any direct opt-out request they receive.

11. Children's information

Hvaq is a business platform and is not intended for children. We do not knowingly collect personal information from children through the website or customer accounts.

12. International processing

Information may be processed in the United States or other locations where Hvaq or its service providers operate. By using the platform, customers understand that information may be transferred and processed outside the location where it was originally collected.

13. Changes to this policy

We may update this Privacy Policy as the platform, integrations, providers, or legal requirements change. The updated date above shows when this page was last revised. Continued use of the platform after an update means the revised policy applies going forward.

14. Contact

Privacy questions, data requests, or security concerns can be sent to hello@hvaq.pro.