What we do with your calls. And what we don’t.

This page is for the person who needs to know exactly how this works before they hand us their business line. Read it top to bottom in 90 seconds.

What we do

What we do with your calls.

We record every call you tell us to record. So you can find the one where the supplier said overnight delivery costs $42.
We transcribe calls quickly — usually within a minute of the call ending. So your search is on text, not audio.
We store transcripts encrypted on your account. AES-256 at rest, TLS 1.3 in transit.
We share transcripts with you and the people you add to your account. The only other systems that see your transcripts are the processors listed below.
We delete transcripts on request — fully, across our systems — within 30 days. Processor deletion follows their published SLAs.
We answer truthfully if a caller asks whether Rue is an AI. That floor isn't customizable.

What we don’t do

What we don’t do.

We don’t train our own models on your transcripts. No call you make on this platform is used to improve our AI.
We don’t sell your data. We have no data brokers in our supply chain.
We don’t share with third parties beyond the processors we strictly need (telephony, voice, LLM, auth, hosting, payments, database) — all listed below by name.
We don’t let your agent deny being an AI . The greeting is fully customizable — you can rewrite every word. The one thing the agent can't do: lie about being a person if a caller asks.
We don’t collect voiceprints , speaker-ID fingerprints, or any biometric voice data. If we add voice-cloning features later, that'll be a separate opt-in with explicit consent.
We don’t force you into one retention window . Defaults are 7 days (Solo), 30 days (Business), and indefinite on Pro. All configurable per-account or per-call.
We don’t pretend to be SOC 2 certified — we're not. We're targeting Type I in Q3 2026.
We don’t operate as a HIPAA-covered service . If you handle Protected Health Information, this isn't the right tool for that workflow today. We'll publish here if that ever changes.
We don’t route calls outside the US . Calls stay on US-based processors today. International expansion is on the roadmap; we'll update this page before it ships.

Security

Security.

Encryption

AES-256 at rest. TLS 1.3 in transit. Per-tenant encryption keys on the Pro roadmap (Q4).

Access controls

Role-based access inside your account (Pro). SSO/SAML on Pro Enterprise add-on.

Telephony

Telnyx, a US-based carrier. STIR/SHAKEN supported on outbound calls for caller-ID integrity. No outbound spam dialing — Acceptable Use policy enforced.

Processors

Who else touches your data.

Adding a processor requires updating this list before they touch your data.

Processor	Handles	Location
Telnyx	Telephony — call audio in flight	USA
ElevenLabs	TTS — agent voice generation only (never speaker-ID)	USA
OpenAI	Speech-to-text (Whisper) — transcripts only	USA
Anthropic	LLM for agent responses	USA
Clerk	Authentication — your login + session	USA
Supabase	Database — your account + transcripts at rest	USA
Render	Application hosting	USA (Oregon)
Stripe	Subscription billing (no call audio)	USA

AI disclosure

What your callers actually hear.

“Hi, you've reached the office — I'm an AI assistant. How can I help?”

The greeting is fully customizable in onboarding. You can rewrite every word. The one thing we don’t let you do: have your agent lie about being a person if a caller asks. That’s the floor; the rest of the greeting is yours.

For outbound calls in California (and other all-party-consent states like Illinois, Florida, Maryland, Massachusetts, Montana, New Hampshire, Pennsylvania, Washington), we recommend a greeting that opens with both the AI identification and the recording notice. The default greeting template we ship does this.

Your data, your call

Your data, your call.

Export

Download all your transcripts as JSON or CSV any time.

Delete

Purge a single call, a date range, or your entire account. Deletes propagate across our systems within 30 days; downstream processor deletion follows their published SLAs.

Retention

Set per-account or per-call retention windows. Defaults are 7/30/unlimited days by tier.

Disable recording per call

When you turn this on, the caller hears "this call won’t be recorded" before they speak.

Report a security issue

Found something? Tell us.

Send security reports to security@callmyagent.ai. We aim to acknowledge within 2 business days. We don’t run a paid bug bounty, but we won’t pursue legal action against researchers who follow responsible disclosure: give us 90 days before public disclosure, no DDoS, no social engineering, and no data exfiltration beyond proof-of-concept.

Try it on your line.

30 free trial minutes. No credit card required.