Privacy Policy

This policy applies to Ottocal websites, product interfaces, booking pages, hosted invoices, scheduling and messaging workflows, AI features, in-app calls, and support interactions.

In many workflows, Ottocal acts as a service provider or processor for the host that configured the booking page or invoice. In other situations, such as account administration, billing, security, abuse prevention, and product operations, Ottocal acts as a controller of its own business data.

• Account data such as name, email address, password metadata, and billing or payout status.
• Booking and invoice data such as meeting type, selected time, intake answers, notes, invoice line items, due dates, client contact details, and payment status.
• CRM and workspace data such as contact stages, workspace titles, tasks, activity timelines, next-step reminders, and AI-generated contact summaries.
• Communication data such as confirmation, reminder, follow-up, and support interactions.
• Call data such as room identifiers and, if enabled, recordings, transcripts, recaps, and AI-generated summaries.
• Integration data such as calendar connection status, payment account status, and provider tokens or references where applicable.
• Technical data such as IP address, browser, device information, session cookies, logs, and error telemetry.

• Directly from hosts, clients, and support contacts.
• Automatically from browsers, devices, cookies, logs, and product usage.
• From service providers and integrations such as payment processors, email vendors, calendar platforms, and call infrastructure providers.
• From fraud, abuse, sanctions, and security review processes.

• To create accounts, host booking links, and authenticate users.
• To process payments, payouts, invoices, refunds, fraud checks, and booking confirmation flows.
• To create and maintain contact records, deal workspaces, task lists, and activity timelines for hosts using Ottocal CRM features.
• To send reminders, follow-ups, pre-call briefs, recaps, support messages, and service notices.
• To power AI suggestions, summaries, extractions, drafts, and workflow automation requested by the host.
• To secure the platform, investigate abuse, improve reliability, and comply with legal obligations.

Depending on where you are located and the nature of the request, Ottocal may process information to perform a contract, provide requested services, pursue legitimate interests such as security and product reliability, comply with legal obligations, or rely on consent where consent is required.

Ottocal shares data with service providers only as needed to operate the platform. Depending on the feature used, those providers may include Supabase, Stripe, Resend, LiveKit, Google, OpenAI, Anthropic, Deepgram, Sentry, and hosting or infrastructure vendors.

We may also disclose information when required by law, to enforce our terms, to protect users, or in connection with a merger, financing, reorganization, or sale of assets.

Payment details are processed by payment providers and are not stored in full by Ottocal. Call recordings, transcripts, recaps, and AI-generated drafts are only created if the relevant product features are enabled.

CRM contact records and deal workspaces may be populated from bookings, invoices, partner sessions, recordings, transcripts, and AI-generated recaps so the host can keep one operating record per contact or transaction.

Hosts are responsible for giving clients any notice required before recording or transcribing calls.

Ottocal and its providers may process or store information in the United States or other countries where they operate. Data protection laws in those places may differ from the laws where you live. Where required, Ottocal will use appropriate transfer mechanisms for cross-border data movement.

Ottocal uses cookies and similar technologies for sign-in state, security, fraud prevention, preferences, and performance monitoring. More detail appears in the Cookie Notice.

We keep information for as long as needed to provide the service, maintain business records, resolve disputes, enforce agreements, comply with legal obligations, or operate backups and security logs.

Retention periods may vary by data type, account status, feature settings, provider requirements, and whether the data is needed for fraud prevention, taxation, audit, security, or dispute resolution.

Depending on where you live, you may have rights to access, correct, export, delete, or limit the use of your personal information, and to appeal certain decisions.

Requests can be sent to hello@ottocal.com. We may need to verify identity before acting on a request.

Depending on applicable law, users may have rights related to access, deletion, correction, portability, objection, restriction, or non-discrimination. Where a host controls the underlying booking, CRM, or client data, Ottocal may direct the requester to that host for certain requests.

Ottocal does not use this policy to waive rights that may apply under consumer privacy law.

Browsers and extensions may offer privacy signals, such as cookie controls or so-called "Do Not Track" settings. Because there is no single universally adopted standard for every signal and workflow, Ottocal may not respond to every browser signal in the same way across every service context.

Users can still manage cookies through browser settings, and can contact hello@ottocal.com with privacy requests or questions about applicable rights.

Ottocal uses administrative, technical, and organizational safeguards intended to protect data, but no service can guarantee absolute security.

You should also use strong passwords, protect your devices, and notify Ottocal promptly if you suspect compromise or unauthorized access.

Ottocal is not intended for children under 13, and users should not upload sensitive personal data unless it is necessary and lawful to do so.

Hosts are responsible for determining whether they collect regulated health, financial, biometric, or children's data and whether additional notices, contracts, or safeguards are required.

We may update this policy as Ottocal evolves. Material updates will be posted here with a revised date.

Questions, rights requests, or privacy concerns can be sent to hello@ottocal.com. This policy is informational and does not replace advice from counsel about your own compliance obligations.