Privacy Policy

This Privacy Policy explains how ReceptionEase ("we", "us", or "our"), operated by Vampo Group, collects, uses, stores, and protects information when you use our AI-powered receptionist platform at receptionease.com (the "Service").

By using the Service, you agree to the collection and use of information as described in this policy.

ReceptionEase is an AI-powered receptionist platform that answers business phone calls 24/7, books appointments, manages contacts, and provides businesses with a real-time dashboard of their communications.

Data controller:
Vampo Group
Rruga Ibrahim Rugova, Building No. 28, Entrance 9, Ap. 7
Tiranë, Albania 1019
contact@receptionease.com

2.1 Account & Business Information

When you register, we collect:

• Business name, phone number, address, and description
• User email address and password (hashed with Argon2 — we never store plaintext passwords)
• Team member names and email addresses

2.2 Call Data

Our AI telephony system (powered by Twilio) processes and stores the following for every call handled on your behalf:

• Caller phone number and identity (where provided by the caller or matched to existing contacts)
• Call date, time, and duration
• AI-generated call summary — a brief description of the call's purpose
• Intent, sentiment, and urgency classification — automatically assessed by the AI
• Call outcome — e.g., appointment booked, message taken, call transferred
• Call transcript — a full text transcription of the conversation

2.3 Contact Information

We store contact records for your callers, which may include:

• Full name
• Phone number
• Email address
• Any notes added by your team

2.4 Appointment & Calendar Data

We store appointment details including:

• Contact name and phone number
• Appointment date, time, duration, and service type
• When Google Calendar is connected: we read and write events to your linked Google Calendar using OAuth tokens stored securely in our database

2.5 Usage & Technical Data

We may automatically collect:

• IP address and browser/device type when you access the dashboard
• Authentication tokens (JWT) stored in HTTP-only cookies for session management
• Server logs for security and debugging purposes

We use the information we collect to:

• Provide and operate the Service — answer calls, book appointments, manage contacts, and display your dashboard
• Sync with Google Calendar — create, update, and delete calendar events when the integration is enabled
• Send service communications — account alerts, billing notices, and support responses
• Ensure security — detect fraud, unauthorized access, and abuse
• Comply with legal obligations — retain records as required by applicable law

We do not use your call transcripts or any call data to train AI models. Your data is used solely to provide the Service to you.

Calls handled by ReceptionEase are answered by an AI system powered by Twilio. Conversations are transcribed and stored in your dashboard. Call audio recording is currently disabled.

It is your responsibility as the business owner to notify your callers that calls are handled by an AI system and may be transcribed, in compliance with applicable laws in your jurisdiction. Transcripts are accessible only to authenticated users of your business account.

We do not sell your data. We share data only in the following circumstances:

Our database is self-hosted. No third-party cloud database provider processes your stored data.

We retain your data for as long as your business maintains an active subscription with ReceptionEase.

When you cancel your subscription or request account closure, all data associated with your account — including contacts, call records, transcripts, appointments, and business information — is permanently deleted within a reasonable period following account closure. This action is irreversible.

Server logs are retained for up to 30 days for security and debugging purposes.

We implement the following security measures:

• Passwords are hashed using Argon2 before storage
• API authentication uses signed JWT tokens stored in HTTP-only cookies
• AI system API access uses per-business API keys
• Our database is self-hosted and not exposed to the public internet
• All connections use TLS encryption

No method of transmission over the internet is 100% secure. While we use commercially reasonable measures, we cannot guarantee absolute security.

We use one first-party cookie:

We do not use third-party tracking cookies, advertising cookies, or analytics cookies.

You have the right to:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your personal data
• Portability — receive your data in a machine-readable format
• Withdraw consent — disconnect Google Calendar at any time from your dashboard

To exercise any of these rights, contact us at contact@receptionease.com. We will respond within 30 days.

The Service is intended for use by businesses and is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will delete it.

Our servers are self-hosted in Albania. If you access the Service from outside Albania, your data is processed on servers located in Albania.

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you by email.

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

For privacy-related questions, requests, or complaints:

Vampo Group
Email: contact@receptionease.com
Rruga Ibrahim Rugova, Building No. 28, Entrance 9, Ap. 7, Tiranë, Albania 1019