1. Who We Are
This Privacy Policy describes how Oprantis ("we," "us," "our") collects, uses, and shares information about you when you visit oprantis.com or use our AI receptionist service (collectively, the "Service").
Oprantis is a California-based business with mailing address PO Box 2549, Mission Viejo, CA 92690. Email: privacy@oprantis.com. Phone: (949) 791-4332.
2. Information We Collect
From you, our subscriber
- Account information: name, business name, email, phone number, mailing address, business type/industry
- Onboarding details: services you offer, pricing, hours of operation, after-hours protocol, scripts, escalation contacts
- Payment information: handled by Stripe; we receive only the last 4 digits of your card and your billing zip code, not the full card number
- Communications with us: emails, support requests, calls to our team
From your callers (people who call your business)
- Voice recordings and transcripts of calls Aria handles on your behalf
- Caller name, phone number, address as collected during the call
- Lead details Aria captures (job type, scope, budget signals, urgency, requested appointment time)
Automatically (from the website)
- IP address, browser type, device type, referring URL, pages viewed
- Cookies and similar technologies (see Section 12 below)
- Aggregate usage analytics via Google Analytics 4
3. How We Use Information
- To provide, maintain, and improve the Service
- To process payments and send invoices
- To answer phone calls on your behalf via Aria, qualify leads, and book appointments
- To send service-related notifications (booking confirmations, payment receipts, usage threshold alerts)
- To respond to your support requests
- To comply with legal obligations
- For de-identified product improvement (see Section 8 of Terms of Service)
4. Call Recording — Specifically
Aria, our AI receptionist, records all calls it handles. Aria announces the recording at the start of every call (sample script: "This call is being recorded for quality and to capture appointment details"). Callers who do not consent may end the call.
Recordings and transcripts are stored encrypted at rest and accessible only to:
- You (the subscribing business) via your account portal
- Oprantis personnel for support and quality assurance, on an as-needed basis
- Our subprocessors (see Section 5) strictly to deliver the Service
Default retention: 90 days, configurable in your portal settings (range: 30–365 days). After the retention period expires, recordings are permanently deleted from primary storage; encrypted backup copies are purged within an additional 30 days per our backup rotation schedule.
5. Information Sharing and Subprocessors
We do not sell your information or your callers' information to anyone for any purpose. We share information with the following third-party processors solely to deliver the Service:
| Processor | Purpose | What is shared |
|---|---|---|
| Stripe, Inc. | Payment processing | Your billing details and subscription status |
| HubSpot, Inc. | CRM hosting | Your callers' lead details (name, phone, job, etc.) |
| Retell AI, Inc. | Voice AI infrastructure (Aria) | Call audio, transcripts, your business knowledge base |
| Twilio Inc. | Telephony / SMS | Phone numbers, call routing metadata |
| Calendly, LLC | Appointment scheduling | Booking details, your subscriber's email |
| Cloudflare, Inc. | Hosting, CDN, DNS, KV storage | All Service traffic + persistent state we store |
| Google LLC (Workspace + GA4) | Email infrastructure + website analytics | Outbound email, aggregate site usage |
| Meta Platforms, Inc. | Conversion analytics (server-side CAPI) | Hashed lead/purchase events for ad attribution |
We may also disclose information when required by law (e.g., subpoena, court order, valid legal request), to protect Oprantis's legal rights, to enforce our Terms of Service, or in connection with a merger, acquisition, or sale of assets (in which case we will notify subscribers in advance and offer the opportunity to delete your data before the transfer takes effect).
6. Data Retention
- Account information: retained for the duration of your active subscription plus 90 days after cancellation, then anonymized
- Call recordings and transcripts: default 90 days, configurable 30–365 days, then permanently deleted
- Payment records: retained 7 years to satisfy California Bus. & Prof. Code recordkeeping requirements and tax law
- Web analytics (GA4): aggregate retention per Google's defaults (currently 14 months)
- Email correspondence: retained for the duration of your active subscription plus 24 months
7. Your California Privacy Rights
If you are a California resident, you have the following rights regarding your personal information:
- Right to Know: the categories and specific pieces of personal information we have collected about you, the sources, the business purpose, and the categories of third parties we share it with
- Right to Delete: request that we delete personal information we have collected from you, subject to legal exceptions (e.g., we cannot delete information we are required to retain under tax or accounting law)
- Right to Correct: request that we correct inaccurate personal information about you
- Right to Opt-Out: of the sale or sharing of your personal information for cross-context behavioral advertising. Note: Oprantis does not sell or share personal information for cross-context behavioral advertising. This right is meaningful only if that practice changes; we commit to notifying you if it does
- Right to Limit Use of Sensitive Personal Information: you may request that we limit our use of sensitive personal information (e.g., precise geolocation, racial or ethnic origin) to what is reasonably necessary to provide the Service. Note: Oprantis does not currently collect categories of sensitive personal information beyond what is necessary to provide the Service
- Right to Non-Discrimination: we will not deny services, charge different prices, or provide a different level of quality because you exercised any of these rights
- Right to Data Portability: request your personal information in a portable, machine-readable format
8. How to Exercise Your Rights
To exercise any of the rights in Section 7, contact us:
- Email: privacy@oprantis.com
- Phone: (949) 791-4332
- Web form: oprantis.com/privacy-request (form coming soon — until live, use email)
We will verify your identity before fulfilling the request (typically by confirming you can receive an email at the address on the account, or by phone callback). We respond within forty-five (45) days as required by CCPA, with a possible 45-day extension if needed; we will notify you of any extension within the original 45-day window.
Authorized agents may submit requests on your behalf; we will require written proof of authorization.
9. Children's Privacy
The Service is intended for businesses, not individuals, and is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it promptly. If you believe a child under 13 has provided us with personal information, please contact privacy@oprantis.com.
10. International Users
Oprantis is a U.S.-based business serving U.S. customers. Our Service is hosted in the United States. We do not currently support GDPR-style consent flows or data residency in the EU/UK/EEA. If you access the Service from outside the United States, you consent to the transfer and processing of your information in the United States, which may have different data protection laws than your jurisdiction.
11. Online Privacy Practices and "Do Not Track"
This Privacy Policy is published in compliance with CalOPPA. Per CalOPPA disclosure obligations, we treat browser "Do Not Track" signals as follows: we do not track users across third-party websites, so DNT signals do not change our behavior. We use Google Analytics 4 for first-party site analytics only; we do not run advertising or remarketing trackers.
12. Cookies and Tracking Technologies
Oprantis.com uses a small number of cookies, all first-party and necessary for site functionality or analytics:
- Session cookies from Cloudflare (DDoS protection, performance routing)
- Google Analytics 4 first-party cookies (`_ga`, `_ga_*`) for aggregate page analytics; IP anonymization is enabled
- Site preferences in localStorage (e.g., demo widget state)
We do not use third-party advertising trackers (Facebook Pixel, Google Ads, retargeting pixels). The Meta CAPI integration mentioned in Section 5 fires server-side from our Worker for ad-attribution measurement; no client-side Pixel script runs on oprantis.com.
You can disable cookies in your browser; the site will still function but some analytics will be incomplete.
13. Email Marketing — CAN-SPAM Compliance
If you opt in to receive marketing emails from Oprantis (the optional checkbox on our contact form), you may unsubscribe at any time:
- Click the unsubscribe link in any marketing email's footer
- Email unsubscribe@oprantis.com with "unsubscribe" in the subject
We process unsubscribe requests within 10 business days as required by CAN-SPAM. Service-related transactional emails (billing receipts, booking confirmations, security alerts) are not affected by unsubscribing, since CAN-SPAM permits transactional emails to active subscribers regardless of marketing-email opt-out status.
14. Outbound Calls and TCPA
Oprantis does not place outbound marketing calls or send marketing SMS to consumers. Aria places outbound calls only when (a) a prospect has explicitly requested a callback by submitting our live-demo form, or (b) on behalf of a subscribing business calling its own existing customers/leads. In either case, the call is initiated by clear consent or by the subscribing business's own established business relationship.
Subscribers are responsible for compliance with TCPA when using Aria to contact their own customer lists; we do not provide call lists or initiate prospecting calls on subscribers' behalf to consumers without prior express consent.
15. Security
- Encryption in transit: all traffic between your browser and oprantis.com uses TLS 1.2 or higher, enforced via Cloudflare
- Encryption at rest: call recordings, transcripts, and account data stored in subprocessor systems (HubSpot, Retell, Cloudflare KV) are encrypted at rest by those providers
- Access controls: Oprantis personnel access subscriber data on a need-to-know basis; admin access is gated behind multi-factor authentication
- Secrets management: API keys and webhook secrets are stored exclusively in Cloudflare Worker secret storage, never in source code or client-side JavaScript
- Vulnerability response: security issues may be reported to security@oprantis.com; we acknowledge within 1 business day and provide a remediation timeline within 5 business days
No system is perfectly secure. If a breach affects your information, we will notify you in accordance with applicable California breach-notification requirements (Cal. Civ. Code §§ 1798.29 and 1798.82) within 60 days of discovery.
16. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be posted at oprantis.com/privacy with an updated Effective Date at the top. Material changes will be communicated by email to active subscribers at least thirty (30) days before the change takes effect. Continued use of the Service after the change takes effect constitutes acceptance of the updated Privacy Policy.
17. Contact
Privacy questions, rights requests, or concerns:
- Email: privacy@oprantis.com
- Phone: (949) 791-4332
- Mail: Oprantis, PO Box 2549, Mission Viejo, CA 92690