Back to Home

Privacy Policy

Last updated: January 19, 2026

Effective date: January 19, 2026

1. Introduction

Zduhac, Inc. ("Zduhac," "we," "our," or "us") is committed to protecting your privacy and the privacy of your customers. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered emergency dispatcher service (the "Service").

By using our Service, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, phone number, and password when you create an account
  • Billing Information: Payment card details, billing address (processed and stored securely by Stripe, our payment processor)
  • Business Information: Company details, on-call crew contact information, business hours, and service areas
  • AI Configuration: Custom prompts, voice preferences, and workflow settings you configure

2.2 Information Collected Through Our Service

  • Call Recordings: Audio recordings of calls handled by our AI dispatcher (with caller consent)
  • Call Transcripts: Text transcriptions of calls for quality assurance and service delivery
  • Caller Information: Phone numbers, names, addresses, and emergency details provided by callers
  • Insurance Data: Insurance carrier names, policy numbers, and claim information collected during calls
  • Incident Data: Emergency type, severity, property damage descriptions, and dispatch information

2.3 Automatically Collected Information

  • Usage Data: Login times, feature usage, pages visited, and actions taken within the dashboard
  • Device Information: Browser type, operating system, IP address, and device identifiers
  • Analytics Data: Aggregated statistics about call volumes, response times, and service performance

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To operate our AI dispatcher, process calls, dispatch crews, and provide emergency response services
  • Account Management: To create and manage your account, process payments, and communicate with you
  • Service Improvement: To analyze usage patterns, improve our AI models, and enhance service quality
  • Compliance: To comply with legal obligations, respond to legal requests, and protect our rights
  • Communication: To send service notifications, updates, and respond to your inquiries
  • Fraud Prevention: To detect, prevent, and address fraud, security issues, and technical problems

4. Call Recording Disclosure

Our AI dispatcher records calls to provide accurate documentation and enable quality assurance. Important disclosures:

  • All calls are recorded with advance notice to callers at the beginning of each call
  • Recordings are stored securely and encrypted at rest and in transit
  • You are responsible for ensuring compliance with all applicable federal, state, and local call recording laws in your jurisdiction
  • Some states require all-party consent for call recording; our AI provides disclosure but you must verify compliance with local laws
  • Recordings are retained for 90 days by default, or as configured in your account settings

5. Third-Party Service Providers

We share information with third-party service providers who help us operate our Service:

  • Stripe: Payment processing and subscription management
  • Supabase: Database hosting and authentication services
  • Vapi: Voice AI and telephony infrastructure
  • Twilio: SMS messaging and voice call routing
  • Vercel: Application hosting and content delivery
  • Resend: Transactional email delivery

These providers are contractually obligated to protect your information and may only use it to provide services to us.

6. Data Security

We implement comprehensive security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access controls and multi-factor authentication
  • Infrastructure: SOC 2 compliant hosting providers with regular security audits
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Incident Response: Documented procedures for security incident handling

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information according to the following schedule:

  • Account Data: Retained while your account is active and for 30 days after deletion
  • Call Recordings: Retained for 90 days by default (configurable in settings)
  • Call Transcripts: Retained for 1 year for service improvement
  • Incident Records: Retained for 7 years for legal and compliance purposes
  • Billing Records: Retained for 7 years as required by tax law
  • Audit Logs: Retained for 2 years for security purposes

8. Your Privacy Rights

8.1 General Rights

All users have the right to:

  • Access your personal data and obtain a copy
  • Correct inaccurate or incomplete data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent for optional data processing

8.2 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know what personal information we collect, use, and share
  • Right to delete personal information (with exceptions)
  • Right to opt out of the sale or sharing of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising privacy rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

To exercise these rights, contact us at privacy@zduhac.com. We will respond to verifiable consumer requests within 45 days of receipt.

8.3 European Economic Area (GDPR)

If you are in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making and profiling

Our legal basis for processing includes: performance of contract, legitimate interests, compliance with legal obligations, and consent.

9. Cookies and Tracking

We use cookies and similar tracking technologies for:

  • Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
  • Functional Cookies: Remember your preferences and settings to enhance your experience

We do not use third-party analytics or advertising cookies. All cookies we use are strictly necessary for the operation of the Service. You can control cookies through your browser settings, but disabling essential cookies may prevent you from using certain features.

10. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we learn we have collected information from a child under 18, we will delete it promptly. If you believe we have collected information from a child, please contact us at privacy@zduhac.com.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your country. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses where required.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and/or by posting a notice on our Service prior to the change becoming effective. Your continued use of the Service after such notification constitutes acceptance of the updated policy. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Zduhac, Inc.

Email: privacy@zduhac.com

Website: zduhac.com

For GDPR-related inquiries, you may also contact your local data protection authority.

Terms of ServiceSecurityHome