Legal

CallX Privacy Policy

Last updated: May 26, 2026 · Effective for all accounts and Callers interacting with CallX on or after this date

Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Information
  4. Recording, Transcription & AI Processing
  5. Sharing With Third Parties
  6. Carrier & Compliance Submissions
  7. Cookies & Tracking
  8. Your Privacy Rights
  9. Data Retention
  10. Security
  11. Children's Privacy
  12. International Data Transfers
  13. Changes to This Policy
  14. Contact

1. Introduction

CallX, Inc. ("CallX", "we", "us", "our") operates a pay-per-call insurance marketplace and supervisory platform. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and the rights you have over your information. It applies to Agents, Agencies, Coaches, Publishers, Advertisers, SuperAdmins, Callers whose calls are routed through CallX, and visitors to our websites.

This Policy operates alongside the CallX Terms of Service. Defined terms have the meanings given in the Terms.

2. Information We Collect

CategoryWhat's in itSource
Account identifiersName, email, phone number, password (hashed), profile photo, agency affiliation, license numbers (NPN), social handlesYou, at signup and in Settings
Business & compliance dataLegal entity name, EIN, business address, sample SMS messages, opt-in collection method, certificate of insurance, W-9 / tax documentsYou, at onboarding and as required by carriers
Call contentAudio recordings, written transcripts, screen-share captures, in-call chat, agent and coach notesGenerated by the Service during calls
Call metadataCaller phone number, time and duration, routing path, disposition, IVR selections, dial source, advertiser/publisher attributionGenerated by the Service
Performance dataConversion rates, applications submitted/written, AP figures, call scores, response time, attendance, customer ratingsGenerated by the Service from your activity
Payment informationTokenized card details (held by Stripe, not CallX), billing address, transaction history, refund recordsYou, via Stripe
Device & usageIP address, browser, OS, device type, pages viewed, click events, error logs, audio device IDsAutomatically when you use the Service
Communications metadataWhether you opened our emails, which links you clicked, SMS delivery and opt-out statusOur email/SMS service providers

We do not collect biometric identifiers (such as voiceprints or facial geometry) except where you separately and explicitly opt in to a feature that requires them, and where state-specific consent procedures (e.g., Illinois BIPA, Texas CUBI) have been satisfied.

3. How We Use Information

We use information to:

4. Recording, Transcription & AI Processing

Every voice conversation routed through CallX is recorded, transcribed, and may be analyzed by automated systems for the purposes described in Terms § 7 and Terms § 8. Callers are notified in the inbound call greeting that the call may be recorded and monitored, in compliance with applicable two-party-consent state laws.

You may request a copy of any recording or transcript associated with your account by contacting privacy@callx.com. CallX may redact information necessary to protect third-party privacy or to comply with law before producing records.

5. Sharing With Third Parties

We share information with the following categories of recipients, in the contexts described in Terms § 9:

Within your Agency

Your Agency Owner, Managers, and designated Trainers see your account profile, performance metrics, call recordings, transcripts, and customer records as part of normal supervision.

Advertisers and Publishers

Advertisers who purchased a call receive the call recording, basic metadata, and agent-side QA data for that call. Publishers receive metadata about calls they delivered. Advertiser and Publisher identities are not disclosed to each other — they only see the call data relevant to their side of the marketplace.

Coaches

A Marketplace Coach you book receives live audio and limited contextual information during the active shift only. No persistent access after the shift ends, except as required for dispute resolution.

Service providers

We engage subprocessors for hosting (e.g., AWS), telephony (e.g., Twilio, Bandwidth), payment (Stripe), email (e.g., Postmark, SendGrid), transcription, fraud detection, analytics, and similar functions. All subprocessors are bound by written confidentiality and data-processing agreements.

Regulators and law enforcement

We disclose information when required by valid subpoena, court order, regulatory examination, or lawful written cooperative-disclosure request. We will challenge overbroad demands and notify affected users where permitted by law.

Business transfers

If CallX is involved in a merger, acquisition, financing, or sale of assets, information may be transferred. We will notify you of any change in ownership of your personal information.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising as defined by CCPA/CPRA.

6. Carrier & Compliance Submissions

To deliver SMS and voice traffic on your behalf, we submit business-identity information to telecommunications carriers, the Campaign Registry (TCR) for 10DLC, Toll-Free Verification (TFV) services, STIR/SHAKEN registries, and Do Not Call list operators. See Terms § 10 for the full list of submission types and your authorization.

7. Cookies & Tracking

We use first-party cookies and similar technologies for authentication, session management, security, and product analytics. We do not use cookies for cross-site advertising. You can control cookies via your browser settings; disabling cookies may impair functionality (e.g., you may be logged out frequently).

8. Your Privacy Rights

Depending on where you live, you may have rights to:

To exercise any of these rights, contact privacy@callx.com. We will verify your identity before fulfilling requests. We will not discriminate against you for exercising your rights.

If you are in the EU/EEA, UK, or another jurisdiction with a supervisory authority, you have the right to lodge a complaint with that authority. CallX's EU representative is [TO BE COMPLETED BY COUNSEL].

9. Data Retention

Data typeDefault retentionNotes
Account profileLife of account + 7 yearsTax and licensing recordkeeping
Call recordings13 months active, 7 years archiveLonger if regulatory/dispute hold applies
Call transcripts13 months active, 7 years archiveMirrors recordings
Call metadata7 yearsRequired for marketplace accounting and 1099s
Payment records7 yearsTax recordkeeping
Marketing comms metadata2 years after last interactionFor unsubscribe accuracy
Security/audit logs2 yearsFraud and abuse investigation

When you close your account, account-profile data and historical recordings are placed in archive after 13 months and deleted at the end of the retention period unless a legal hold applies.

10. Security

We use encryption in transit (TLS) and at rest (AES-256) for personal information and recordings. Card data is tokenized and stored by Stripe (PCI DSS Level 1) — CallX never stores raw card numbers. Internal access is role-restricted, logged, and reviewed. We perform regular vulnerability scanning, third-party penetration testing, and respond to security incidents under a documented incident-response plan. Notification of a personal-information breach affecting you will be provided as required by applicable law.

11. Children's Privacy

The Service is intended for licensed insurance professionals and business users. We do not knowingly collect personal information from children under 13 (or 16 in the EU/EEA). If we learn that we have collected such information without parental consent, we will delete it promptly.

12. International Data Transfers

CallX is based in the United States. If you access the Service from outside the U.S., your information will be transferred to, stored, and processed in the U.S. and other jurisdictions where our service providers operate. Where required, transfers from the EU/EEA, UK, or Switzerland are protected by Standard Contractual Clauses or equivalent safeguards.

13. Changes to This Policy

We may update this Policy from time to time. If a change is material (including a change in the categories of data collected or shared, or in the lawful basis for processing), we will provide at least thirty (30) days' advance notice and re-prompt consent where required.

14. Contact

For privacy questions, requests, or complaints, contact:

© 2026 CallX, Inc. · Terms of Service · privacy@callx.com