Privacy Policy
Last updated: June 2, 2026
NeuroSphere (“we”, “us”) operates a multi-tenant AI voice calling platform that helps businesses follow up with leads and book appointments. This Privacy Policy explains what data we collect, how we use it, and the rights you have over it.
1. Data We Collect
- Business account data: email, business name, market, dialect, and plan information you provide during sign-up.
- Lead data: names, phone numbers, and form responses submitted by end-users via connected Meta/Facebook Lead Ads or uploaded CSV files.
- Call data: call metadata, transcripts, outcomes, and recordings generated during AI voice calls placed on your behalf.
- Integration tokens: encrypted access tokens for connected services such as Google Calendar and Meta Pages.
2. How We Use Data
- To place outbound AI calls and deliver instant lead callbacks.
- To display call history, transcripts, and analytics in your dashboard.
- To sync booked appointments to your calendar.
- To improve service reliability, detect abuse, and comply with legal obligations.
3. Google User Data & Limited Use
When you connect Google Calendar, you grant NeuroSphere access to your primary calendar’s free/busy information and the ability to create, update, and delete the appointment events our AI books on your behalf. We request only the calendar.events and calendar.freebusy scopes, plus your account email (openid and userinfo.email) so we can show which Google account is linked. We do not read events we did not create, and we never touch any calendar other than your primary one.
NeuroSphere’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Google user data is used only to provide and improve the appointment-booking features you have requested; it is never used for advertising, never sold, never transferred to third parties except the subprocessors named in Section 5 as required to operate the service, and never used to train generalized AI/ML models. No human at NeuroSphere reads your Google user data except where you give affirmative consent for specific support, where required for security or to comply with applicable law, or in aggregate and anonymized form.
You can revoke NeuroSphere’s access to your Google data at any time from Settings → Disconnect Calendar, or from your Google Account permissions page.
4. Meta Platform Data
When you connect a Facebook Page, we receive leads submitted to that page’s Lead Ad forms via Meta’s webhook system. We only retrieve the specific lead you authorize us to access, store it against your organization, and use it solely to initiate the callback you requested. You can disconnect the page at any time from Settings, which revokes our access and stops further lead ingestion.
5. Data Sharing
We do not sell your data. We share data only with subprocessors required to deliver the service: Supabase (database), Twilio (telephony), ElevenLabs (voice AI), Anthropic (LLM), and Railway (hosting). All subprocessors are bound by data protection agreements.
6. Data Retention
We retain lead and call data for as long as your account is active. On account deletion, we remove all personal data within 30 days, except where retention is required by law.
7. Your Rights
You may access, correct, export, or delete your data at any time by emailing ziad.elalfy@yahoo.com. Egyptian users are protected under Law 151/2020. EU users have rights under the GDPR.
8. Security
All access tokens are encrypted at rest. Webhooks are verified via HMAC-SHA256 signatures. Database access is scoped per organization via row-level security policies.
9. Contact
Questions about this policy? Email ziad.elalfy@yahoo.com.