Effective Date: October 5, 2025

1. Introduction

Rocket Solutions LLC (“Rocket Solutions,” “we,” “us”) operates CallBird AI, an AI-powered phone answering and appointment scheduling service. CallBird AI automatically handles inbound calls, books appointments, transcribes calls, and routes emergency calls to the owner’s cell phone. The associated app provides access to call transcripts, summaries, and key details.

This Privacy Policy explains how we collect, use, store, and share personal and business information when you use CallBird AI, our website, mobile or web applications, or other services (collectively, the “Services”).

By using our Services, you consent to the practices described herein.

2. Scope

This Policy applies to:

Business clients using CallBird AI services

Individuals whose calls are processed by CallBird AI

Website users interacting with CallBird AI content or data collection tools

3. Information We Collect

We collect information to provide, improve, and secure our Services:

A. Call Data

Audio recordings of calls

AI-generated transcripts and call summaries

Call metadata: phone numbers, timestamps, duration, routing details, emergency flags

B. Account Data

Business name, contact information, billing information

Owner’s phone number for emergency transfers

Login credentials and authentication data

C. Usage and Technical Data

App access logs

IP addresses, device identifiers, browser type

Cookies and analytics data

D. Derived Data

Call intent, appointment status, and key notes extracted by AI

Aggregated insights for service improvement

E. Protected Health Information (PHI)

If calls contain PHI and you are a HIPAA-covered entity, PHI is handled under a Business Associate Agreement (BAA).

4. How We Use Information

To answer calls, schedule appointments, and summarize call content

Route emergencies to the owner’s cell phone

Provide app access to transcripts and call details

Improve AI models and Service functionality using de-identified or aggregated data

Billing, customer support, and legal compliance

5. HIPAA Compliance

If you are a covered entity, a BAA must be executed before routing PHI through CallBird AI

CallBird AI acts as a business associate under HIPAA, implementing safeguards consistent with HIPAA Security Rule

PHI is encrypted in transit and at rest, and access is limited to authorized personnel

6. Legal Bases (for EEA/UK users)

We rely on lawful bases such as:

Consent

Performance of contract

Compliance with legal obligations

Legitimate interests (e.g., service improvement, fraud prevention)

7. Sharing Information

We may share your information with:

Vendors and subprocessors (hosting, transcription, analytics, payment processors) under contract

Affiliates in connection with mergers, acquisitions, or business transfers

Legal authorities if required by law or court order

To protect Rocket Solutions’ or users’ rights, safety, or property

All subprocessors are contractually bound to maintain security and confidentiality. PHI sharing is governed by HIPAA and BAA requirements.

8. AI Model Use

CallBird AI may use de-identified or aggregated data to improve models

Identifiable call content is never used for AI model training without explicit consent or contractual authorization

9. Data Retention

We retain call recordings, transcripts, and account data as required to provide services and comply with legal obligations

Deletion requests will be honored subject to business record retention requirements

10. Security

Administrative, physical, and technical safeguards are implemented to protect data

For PHI, additional HIPAA-compliant safeguards are in place under a BAA

Security audits and encryption standards are continuously maintained

11. Your Rights

Access, correction, deletion, and portability of personal data where law allows

California residents may exercise CCPA/CPRA rights to know, delete, and opt-out of sale of personal information (we do not sell personal info without disclosure)

12. Children

We do not knowingly collect information from children under 13. If discovered, it will be deleted immediately.

13. International Transfers

Data may be transferred outside your country. Legal mechanisms such as Standard Contractual Clauses (SCCs) are used to ensure protection.

14. Changes to This Policy

Updates will be posted on this page, with notification to account holders where legally required.