At Leady Inc. ("we," "our," or "us"), we are committed to protecting your privacy and the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI voice agent services.
We are a HIPAA-covered entity and maintain compliance with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable state privacy laws.
Information Collection
Personal Information
We collect information you provide directly, including name, email address, phone number, practice information, and payment details when you register for our services.
Practice Data
To provide our AI voice agent services, we access practice management system (PMS) data including appointment schedules, patient demographics (minimal required fields), and treatment information. This data is processed in real-time and never stored on our servers longer than necessary.
Call Data
We record and transcribe phone calls handled by our AI agents for quality assurance, training, and service improvement purposes. Call recordings are encrypted and stored securely.
Usage Data
We automatically collect information about your use of our services, including login times, features used, API calls, and performance metrics.
Use of Data
Service Provision
Your data is used to provide, maintain, and improve our AI voice agent services, including answering calls, scheduling appointments, and managing patient communications.
AI Training
Anonymized and aggregated data may be used to train and improve our AI models. We never use identifiable patient information (PHI) for model training without explicit authorization.
Communications
We use your contact information to send service notifications, updates, and marketing communications. You may opt out of marketing communications at any time.
Analytics
We analyze usage data to improve our services, detect fraud, and ensure system security.
Data Security
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Call recordings and transcripts are encrypted with unique keys per organization.
HIPAA Compliance
We maintain HIPAA compliance through administrative, physical, and technical safeguards. We sign Business Associate Agreements (BAAs) with all covered entities.
Access Controls
Access to PHI is strictly limited to authorized personnel who require it for their job functions. All access is logged and audited regularly.
Data Retention
Call recordings and transcripts are retained for 90 days by default, unless extended retention is configured. Data is securely deleted after the retention period.
Third-Party Services
Service Providers
We use third-party services to power our platform, including cloud infrastructure (AWS, Vercel), AI services (Vapi, ElevenLabs), authentication (Clerk), and payment processing (Stripe). These services have their own privacy policies.
Data Sharing
We never sell your data. We share data with service providers only as necessary to provide our services, under strict contractual obligations to protect your information.
Your Rights
Access and Portability
You may request a copy of your personal data at any time through your account settings or by contacting us.
Correction
You can update or correct your personal information through your account dashboard.
Deletion
You may request deletion of your account and associated data. We will retain certain information as required by law or for legitimate business purposes.
Opt-Out
You may opt out of marketing communications and non-essential data processing by contacting us or updating your preferences.
Contact & Updates
Questions
For questions about this privacy policy or our data practices, contact our Data Protection Officer at privacy@leady.ai
Policy Updates
We may update this privacy policy from time to time. We will notify customers of significant changes via email and in-product notifications. The effective date will be updated at the top of this policy.