PorchBell
Book demo

Privacy Policy

Last updated May 23, 2026

1. Who this policy is about

This policy describes how PorchBell handles personal information in two different roles:

  • When you sign up for PorchBell as a business owner or staff member, we are the data controller for your account information.
  • When your customers call your PorchBell number, we are the data processor for the call data we collect on your behalf. You, the business, are the controller for that data.

2. Information we collect from businesses

  • Account data: your name, business name, email, hashed password, business address, business timezone, and the phone number you give us so the receptionist can transfer callers to you.
  • Configuration: the services, hours, FAQs, rules, and persona instructions you set up for the receptionist.
  • Billing data: name, billing address, and the last four digits of the payment card. Full card numbers are stored only by our payment processor (Stripe), not by us.
  • Usage data: dashboard logins, API requests, feature usage, and error logs so we can keep the service running.

3. Information your customers' calls generate

  • Phone number of the caller (caller ID).
  • Call audio of every call answered by the receptionist, recorded after the disclosure in your greeting.
  • Transcript of the call generated automatically by the speech-to-text service.
  • Appointment details the caller provides — name, requested service, requested time, optional email, optional notes.
  • Optional SMS messages exchanged between the caller and your PorchBell number.

4. How we use this information

  • To run the voice receptionist: answer calls, retrieve appointments, send confirmations, transfer to a human.
  • To populate the dashboard so you can see what happened: call logs, transcripts, recordings, appointment list, message threads.
  • To send you transactional notifications (a new booking, a transferred call, a missed call).
  • To bill you and prevent abuse of the service.
  • To improve PorchBell. We may review anonymized or aggregated usage patterns to find product issues. We do not use the content of your customers' calls to train external language models for third parties.

5. Who we share information with

We share data only with subprocessors we need to run the service. Each subprocessor has agreed to handle the data confidentially and only for the purpose we engaged them for.

  • Supabase — database hosting, authentication.
  • Twilio — phone number provisioning, voice carrier, SMS delivery.
  • Vapi — real-time voice orchestration (handles the call audio so the receptionist can speak and listen).
  • OpenAI and/or Anthropic — language model used by the receptionist to answer questions and generate post-call summaries.
  • Deepgram or another speech-to-text provider — transcription.
  • ElevenLabs — text-to-speech voice synthesis.
  • Resend — transactional email delivery for owner notifications.
  • Stripe — payment processing for subscriptions.
  • Sentry or a similar error monitoring service — captures stack traces and request metadata when something breaks.

We will also disclose information when we are legally required to (subpoena, court order, lawful regulatory request), and in connection with a corporate transaction such as a merger or acquisition, with notice to you.

6. How long we keep data

  • Call recordings and transcripts:13 months by default. You can request earlier deletion or a longer retention window per your business's policy.
  • Appointments and customer rows: for the life of your account, plus 90 days after cancellation.
  • Billing records: at least 7 years, as required for tax and accounting purposes.
  • Account email and login: until you delete the account.

7. Your rights as a caller

If you are a caller whose call was answered by a PorchBell receptionist, you can ask the business you called to delete your recording, transcript, and appointment. We will help that business carry out the deletion. You can also email us at privacy@porchbell.com and we will route the request to the right business.

8. Your rights as a business owner

You can see, export, and delete the data attached to your account at any time. From the dashboard you can delete individual calls, appointments, customers, and messages. To request a full export or full deletion of your account, email privacy@porchbell.com. Depending on where you and your customers live, you may also have rights under laws such as CCPA, CPRA, or GDPR.

9. Security

We use industry-standard practices to protect your data: encryption in transit (TLS), encryption at rest for the database, scoped access tokens for our subprocessors, and row-level isolation in the database so one business cannot see another's data. No system is perfectly secure. If we discover a breach affecting your data we will notify you without undue delay.

10. Children

PorchBell is intended for use by businesses serving adult customers. We do not knowingly collect personal information from children under 13. If you believe a child has called a PorchBell number and their recording has been retained, let us know and we will delete it.

11. Changes to this policy

If we make a material change to this policy we will update the "last updated" date and notify each business owner by email. Continuing to use PorchBell after a change means you accept the updated policy.

PorchBell is operated by the team at PorchBell, with a registered office in Melbourne, Florida. Questions about this document can go to hello@porchbell.com.

This document is not legal advice. PorchBell provides this text as a working starting point. Each business that uses PorchBell is responsible for its own compliance with applicable laws, including call-recording, telemarketing, consumer protection, and data protection laws in the jurisdictions where its customers live.