Privacy Policy

This Privacy Policy ("Policy") describes how Help.Fast, Inc. ("Help.Fast," "Company," "we," "us," "our") collects, uses, discloses, retains, and protects personal information and other data when you access or use the Help.Fast platform, website, applications, APIs, voice services, messaging services, AI-assisted features, payment processing services, invoicing tools, and all related services (collectively, the "Platform" or "Services"). This Policy applies to all users of the Platform, including service providers ("Providers"), callers ("Callers"), sponsor account representatives ("Client Account Users"), operations personnel, and website visitors.

By accessing or using the Services, you acknowledge that you have read and understood this Policy and consent to the collection, use, and disclosure of your information as described herein. If you do not agree to this Policy, you must not access or use the Services.

1. Scope and Applicability

This Policy applies to all personal information collected through or in connection with the Platform, whether collected online, offline, through voice interactions, SMS, email, APIs, or any other means. It applies to information collected from Providers, Callers, Client Account representatives, operations personnel, website visitors, and any other individual whose personal information is processed by Help.Fast. This Policy does not apply to the practices of third parties that Help.Fast does not own or control, including Providers, even where they access or interact with the Platform.

2. Information We Collect

2.1 Information You Provide Directly

• Account registration information, including name, email address, phone number, organization name, business address, and role.
• Payment and billing information, including credit card numbers, bank account details, billing addresses, and tax identification numbers, collected and processed through Stripe.
• Service configuration data, including trade types, service areas, dispatch rules, call tree settings, rate cards, schedule preferences, and policy configurations.
• Client account and contact information, including sponsor organization names, contact details, service locations, property addresses, and billing profiles.
• Communications you send to us, including support requests, feedback, and correspondence.
• Identity verification documents submitted during onboarding or compliance review.

2.2 Information Collected During Service Interactions

• Voice call recordings, including complete audio recordings of all inbound and outbound voice interactions processed through the Platform.
• Call transcriptions generated from voice recordings using AI-assisted speech-to-text processing.
• Caller phone numbers, callback numbers, and caller identification data.
• Service request details, including problem descriptions, property information, urgency assessments, and location data provided during intake.
• AI-generated triage classifications, issue types, symptom tags, risk flags, confidence scores, routing recommendations, and follow-up questions.
• SMS and text message content, including messages sent and received through the Platform.
• Photos, files, and other media submitted through intake links, callback workflows, or job documentation.
• Dispatch events, provider responses, job status updates, completion reports, and technician notes.

2.3 Information Collected Automatically

• Device information, including device type, operating system, browser type and version, screen resolution, and unique device identifiers.
• Log data, including IP addresses, access times, pages viewed, referring URLs, and actions taken on the Platform.
• Cookies, pixels, and similar tracking technologies as described in Section 8.
• Usage analytics, including feature usage patterns, session duration, click paths, and interaction metrics.
• Performance and error data collected through our monitoring and observability systems, including Sentry.
• Telephony metadata, including call duration, call routing paths, connection quality metrics, and carrier information.
• Geolocation data derived from IP addresses or, when explicitly permitted, from device location services.

2.4 Information from Third Parties

• Authentication and identity data from Clerk, including profile information, organization memberships, and session data.
• Payment processing data from Stripe, including transaction status, payment method details, chargeback information, and fraud risk assessments.
• Telephony data from Twilio, including call detail records, SMS delivery status, and phone number metadata.
• Publicly available business information used for account verification or fraud prevention.

2.5 Sensitive Personal Information

In the course of providing the Services, we may collect or process categories of information that certain laws classify as "sensitive," including:

• Precise geolocation data (when provided for service dispatch purposes).
• Financial account information and payment credentials (processed through Stripe).
• Voice recordings and voiceprints, which may constitute biometric information under certain state laws (see Section 13).
• Contents of communications, including voice call content, SMS messages, and callback notes.

We process sensitive personal information only as necessary to provide the Services and for the purposes described in this Policy. We do not use or disclose sensitive personal information for purposes other than those permitted by applicable law.

3. Lawful Basis for Processing

We process personal information on the following lawful bases:

• Performance of a contract: processing necessary to fulfill our obligations under the Terms of Service, subscription agreements, or other contracts with you.
• Consent: where you have given express consent to specific processing activities, such as call recording and AI analysis.
• Legitimate interests: processing necessary for our legitimate business interests, including fraud prevention, platform security, product improvement, and analytics, where those interests are not overridden by your rights.
• Legal obligations: processing necessary to comply with applicable laws, regulations, court orders, or legal proceedings.
• Vital interests: in rare cases, processing necessary to protect the life or safety of an individual.

4. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, operate, and improve the Platform and Services.
• To process and route service calls, dispatch requests, and callback workflows.
• To process payments, authorizations, captures, refunds, chargebacks, remittances, and invoices.
• To perform AI-assisted call transcription, triage classification, urgency assessment, risk flagging, report generation, and follow-up question generation.
• To facilitate caller recognition, account matching, location correlation, and reduced-friction intake for known callers and sponsor accounts.
• To communicate with you about your account, services, billing, support requests, and Platform updates.
• To enforce our Terms of Service, prevent fraud, detect abuse, and protect the security and integrity of the Platform.
• To comply with legal obligations, respond to lawful requests from public authorities, and protect our legal rights.
• To generate aggregated, de-identified, or anonymized analytics and benchmarks.
• To train, improve, and evaluate AI and machine learning models used in the Platform, using de-identified or aggregated data.
• To conduct internal research, product development, and quality assurance.
• To send transactional communications, including call confirmations, dispatch notifications, payment receipts, invoice notifications, and account alerts.
• To administer promotions, surveys, or other Platform features.

5. How We Share Your Information

5.1 Service Providers and Subprocessors

We share personal information with third-party service providers that perform services on our behalf. These providers are contractually required to use personal information only as necessary to provide services to us and in accordance with this Policy. Our key subprocessors include:

• Stripe, Inc. — payment processing, billing, funds orchestration, and connected account management.
• Twilio, Inc. — voice call handling, SMS messaging, phone number provisioning, and telephony infrastructure.
• Clerk, Inc. — user authentication, session management, and organization management.
• OpenAI, LLC — AI-powered transcription, classification, extraction, summarization, and natural language processing.
• Neon, Inc. — managed database hosting and storage.
• Vercel, Inc. — web application hosting and content delivery.
• Functional Software, Inc. (Sentry) — application monitoring, error tracking, performance monitoring, and logging.
• Amazon Web Services, Inc. — cloud storage for recordings, transcripts, documents, and other files.
• Upstash — managed Redis for ephemeral operational state, rate limiting, and caching.

5.2 Providers and Dispatch Recipients

When a service call is routed or dispatched, relevant Caller information (including name, phone number, service location, problem description, triage classification, and urgency assessment) is shared with the Provider or dispatch recipient. This sharing is necessary to perform the core function of the Platform.

5.3 Client Accounts and Sponsors

When a Caller or service request is associated with a Client Account or Sponsor, relevant information about the call, job, and billing may be shared with authorized representatives of that account for invoicing, reporting, and account management purposes.

5.4 Legal and Compliance Disclosures

We may disclose personal information when we believe in good faith that disclosure is necessary to: (a) comply with applicable law, regulation, legal process, or governmental request; (b) enforce our Terms of Service or other agreements; (c) protect the rights, property, or safety of Help.Fast, our users, or the public; (d) detect, prevent, or address fraud, security, or technical issues; or (e) respond to an emergency involving danger of death or serious physical injury.

5.5 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, dissolution, sale of all or a portion of our assets, or similar transaction, personal information may be transferred to the acquiring entity or successor. We will notify you of any such transfer and any choices you may have regarding your information.

5.6 Aggregated and De-Identified Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify any individual for any lawful purpose, including analytics, research, benchmarking, industry reporting, and marketing.

5.7 With Your Consent

We may share your personal information with third parties when you have given us express consent to do so.

6. Data Retention

We retain personal information for as long as reasonably necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, enforce agreements, and support our legitimate business operations. Specific retention practices include:

• Call recordings and transcripts: retained for the duration required by applicable law and our operational needs, typically a minimum of three (3) years from the date of the interaction, unless a longer retention period is required by law or requested by the Provider for compliance purposes.
• Account data: retained for the duration of the account relationship and for a reasonable period thereafter, typically seven (7) years, for legal, tax, and audit purposes.
• Payment and financial records: retained for the period required by applicable tax and financial record-keeping laws, typically a minimum of seven (7) years.
• AI model training data: de-identified data used for model training may be retained indefinitely.
• Log and analytics data: typically retained for up to three (3) years.

When personal information is no longer needed, we will delete or de-identify it in a manner designed to prevent reconstruction or re-identification, subject to applicable legal requirements.

7. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, disclosure, alteration, destruction, or loss. These measures include encryption of data in transit and at rest, access controls, authentication requirements, monitoring and logging, vulnerability management, and incident response procedures.

HOWEVER, NO METHOD OF TRANSMISSION OVER THE INTERNET OR ELECTRONIC STORAGE IS COMPLETELY SECURE. WE CANNOT AND DO NOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR INFORMATION. YOU ACKNOWLEDGE THAT YOU PROVIDE PERSONAL INFORMATION AT YOUR OWN RISK.

8. Data Breach Notification

In the event of a data breach involving personal information that triggers notification obligations under applicable law, Help.Fast will notify affected individuals and relevant regulatory authorities in accordance with applicable breach notification statutes. Help.Fast will use commercially reasonable efforts to provide such notification within the time frames required by applicable law. The notification will include, to the extent known: the nature of the breach, the categories of personal information affected, the measures taken to address the breach, and recommended steps for affected individuals to protect themselves.

9. Children's Privacy

The Platform is not directed to individuals under the age of eighteen (18) and we do not knowingly collect personal information from children under eighteen (18). If we become aware that we have collected personal information from a child under eighteen (18) without parental consent, we will take steps to delete that information promptly. If you believe that we may have collected information from a child under eighteen (18), please contact us at privacy@help.fast.

10. Your Rights and Choices

10.1 Access and Portability

Subject to applicable law, you may request access to the personal information we hold about you and request a copy of that information in a structured, commonly used, and machine-readable format.

10.2 Correction

You may request correction of inaccurate or incomplete personal information we hold about you.

10.3 Deletion

You may request deletion of your personal information. We will comply with such requests to the extent required by applicable law, subject to our right to retain information necessary to comply with legal obligations, resolve disputes, enforce agreements, and complete transactions.

10.4 Restriction and Objection

Where applicable law provides such rights, you may request that we restrict the processing of your personal information or object to certain types of processing.

10.5 Withdrawal of Consent

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

10.6 Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. However, if deletion of certain information makes it impossible to provide the Services, we may be unable to continue providing those Services to you.

10.7 Right to Appeal

If we decline a privacy rights request, you may appeal our decision by contacting us at privacy@help.fast with the subject line "Privacy Rights Appeal." We will review your appeal and respond within the time period required by applicable law, typically within sixty (60) days. If your appeal is denied, we will provide information about how to contact your state attorney general or applicable regulatory authority.

10.8 Authorized Agents

You may designate an authorized agent to submit privacy rights requests on your behalf. Authorized agents must provide written proof of authorization (such as a signed power of attorney or notarized letter) and we may require the agent to verify their own identity. We may also contact you directly to confirm that you authorized the agent to act on your behalf.

10.9 Verification Procedures

To protect your privacy and security, we will verify your identity before processing any privacy rights request. Verification may require you to provide information that matches information we already hold about you, such as your email address, phone number, account details, or recent transaction information. We may ask you to provide additional documentation if we cannot verify your identity through other means. If we cannot verify your identity to a sufficient degree of certainty, we may decline the request and notify you of the reason.

10.10 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@help.fast. We will respond to verified requests within the time period required by applicable law, generally within forty-five (45) days, with one extension of up to forty-five (45) additional days where reasonably necessary.

11. Cookies and Tracking Technologies

We use cookies, pixels, web beacons, local storage, and similar technologies to operate the Platform, authenticate users, remember preferences, analyze usage, and improve performance. Categories of cookies and tracking technologies we use include:

• Strictly necessary cookies: required for Platform functionality, authentication, and security. These cannot be disabled.
• Performance and analytics cookies: used to collect information about how users interact with the Platform, including pages visited, features used, and errors encountered.
• Functional cookies: used to remember user preferences and settings.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality.

12. AI and Automated Decision-Making

The Platform uses AI and automated systems to process calls, classify issues, assess urgency, flag risks, generate follow-up questions, draft reports, and recommend routing decisions. These automated processes are designed to assist, not replace, human judgment. Key points about our AI processing:

• AI outputs are probabilistic and may contain errors. They are not guaranteed to be accurate, complete, or suitable for any specific purpose.
• Critical routing and financial decisions are subject to configurable confidence thresholds and policy rules, and may be escalated to human review.
• Voice recordings are processed through third-party AI models (including OpenAI) for transcription and analysis. By using the Platform, you consent to this processing.
• We use de-identified and aggregated data to train and improve our AI models. We do not use individually identifiable voice recordings to train third-party AI models without separate consent.
• Where required by applicable law, you may have the right to request human review of significant automated decisions that affect you.

13. Biometric Information

Voice recordings collected through the Platform may be considered biometric information or biometric identifiers under certain state laws, including the Illinois Biometric Information Privacy Act (BIPA). By using the Platform and continuing a call after the recording disclosure, you consent to the collection, use, storage, and processing of your voiceprint and voice recordings as described in this Policy. Voice recordings are retained for the periods described in Section 6. We do not sell, lease, trade, or otherwise profit from biometric information except as necessary to provide the Services. We will not disclose biometric information to third parties except as described in Section 5. Biometric information is protected by the same security measures described in Section 7. You may request deletion of your biometric information as described in Section 10. Providers operating in Illinois or other jurisdictions with biometric privacy laws are responsible for ensuring that they obtain any additional consents required by applicable law from individuals whose biometric information is collected through the Platform.

14. Call Recording Consent

Calls processed through the Platform are recorded and transcribed. An automated disclosure is played at the start of each call to inform participants of recording. By continuing a call after the recording disclosure, participants consent to being recorded and having their voice data processed as described in this Policy.

Providers are responsible for ensuring that their use of call recording complies with all applicable federal and state recording consent laws, including two-party (all-party) consent requirements in jurisdictions where they apply. Help.Fast provides configurable disclosure and consent tools but does not guarantee compliance with all jurisdictional requirements. Providers are solely responsible for configuring appropriate disclosure policies for their service lines and jurisdictions.

15. State-Specific Privacy Rights

15.1 California Residents (CCPA/CPRA)

If you are a California resident, you have the right to: (a) know what personal information we collect, use, disclose, and sell or share; (b) request deletion of your personal information; (c) request correction of inaccurate personal information; (d) opt out of the sale or sharing of your personal information; (e) limit the use and disclosure of sensitive personal information; and (f) not be discriminated against for exercising your rights.

Help.Fast does not "sell" personal information as defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA/CPRA"). Help.Fast does not "share" personal information for cross-context behavioral advertising. We do not offer financial incentives for the collection, sale, retention, or deletion of personal information.

In the preceding twelve months, we have collected the following categories of personal information as defined by the CCPA/CPRA: identifiers; personal information described in California Civil Code Section 1798.80(e); characteristics of protected classifications under California or federal law (to the extent voluntarily provided); commercial information; internet or other electronic network activity information; geolocation data; audio, electronic, visual, or similar information (including voice recordings); professional or employment-related information; inferences drawn from the above categories; and sensitive personal information (including precise geolocation, financial account information, contents of communications, and biometric information).

To exercise your rights, contact us at privacy@help.fast or call us toll-free (number to be posted when available). We will verify your identity and respond within forty-five (45) days of receiving a verifiable request.

15.2 California Shine the Light

Under California Civil Code Section 1798.83, California residents may request information about the disclosure of personal information to third parties for their direct marketing purposes. Help.Fast does not disclose personal information to third parties for their direct marketing purposes.

15.3 Other State Privacy Laws

Residents of states with comprehensive privacy laws (including but not limited to Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, Delaware, New Hampshire, New Jersey, Nebraska, Minnesota, and Maryland) may have additional rights under their respective state laws, including rights to access, correct, delete, and obtain a copy of their personal information, and to opt out of targeted advertising, profiling, and the sale of personal information. Some state laws also provide the right to appeal a denial of a privacy request. To exercise these rights, contact us at privacy@help.fast. We will process your request in accordance with applicable law and respond within the time frames required by your state's privacy statute.

16. International Data Transfers

The Platform is operated from the United States. If you access the Platform from outside the United States, you understand and consent to the transfer, storage, and processing of your personal information in the United States and other countries where our service providers operate. These countries may have data protection laws that differ from the laws of your country of residence. By using the Services, you consent to such transfers. We will take reasonable measures to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it.

17. Do Not Track and Global Privacy Control

The Platform does not currently respond to "Do Not Track" signals transmitted by web browsers. There is no uniform standard for how "Do Not Track" signals should be interpreted, and we do not commit to honoring such signals at this time. Where required by applicable law (such as the CCPA/CPRA), we will honor Global Privacy Control ("GPC") signals as a valid opt-out of the sale or sharing of personal information. If you use a browser or browser extension that transmits a GPC signal, we will treat that signal as a request to opt out of the sale or sharing of personal information linked to that browser.

18. Third-Party Links and Services

The Platform may contain links to third-party websites, applications, or services that are not operated by Help.Fast. We are not responsible for the privacy practices or content of these third-party services. We encourage you to review the privacy policies of any third-party services you access through the Platform.

19. SMS Privacy

When you provide a phone number to Help.Fast or interact with the Platform via SMS, we collect and process your phone number, message content, message timestamps, and carrier information. SMS messages may include service call confirmations, dispatch notifications, callback links, payment links, follow-up question forms, and account alerts. We share your phone number and SMS content with Twilio for message delivery. We do not sell phone numbers or SMS opt-in data to third parties for marketing purposes. SMS-related data is retained according to the retention periods described in Section 6. You may opt out of non-essential SMS messages at any time by replying STOP to any message. Opting out of essential operational messages may require cessation of use of the Services.

20. Data Minimization

Help.Fast collects and processes personal information only to the extent reasonably necessary for the purposes described in this Policy. We do not collect personal information that is excessive or unrelated to the purposes for which it is processed. Where possible, we use de-identified or aggregated data instead of personally identifiable information for analytics, research, and product improvement purposes.

21. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated Policy on the Platform with a revised "Last updated" date. Material changes will be communicated by email or in-product notification where practicable. Your continued use of the Services after the effective date of any modification constitutes your acceptance of the modified Policy.

22. Data Processing Agreements

Where required by applicable law, Help.Fast will enter into data processing agreements with Providers, Client Accounts, or other parties that govern the processing of personal information on their behalf. These agreements supplement this Policy and set forth the obligations, restrictions, and safeguards applicable to such processing.

23. Disclaimer of Liability for Data Practices of Third Parties

Help.Fast is not responsible for the data collection, use, disclosure, or security practices of Providers, Client Accounts, or any other third parties that interact with the Platform. Providers may collect, use, and retain personal information about Callers independently of Help.Fast and subject to their own privacy policies. Help.Fast does not control and is not liable for any Provider's or third party's data practices.

24. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Help.Fast, Inc.
Email: privacy@help.fast
For legal inquiries: legal@help.fast