AI EMPLOYEES
EmmaFront Desk AIMarkRevenue AIAlexSupport AISophieReminder AIJamesRecovery AIJordanNurture AI
SOLUTIONS
Outbound SalesInbound Lead CapturePipeline AccelerationCustomer Engagement
PLATFORM
Revenue IntelligenceSequences & CadencesGovernance & AutonomyIntegrations
RESOURCES
BlogCase StudiesDocumentationPricing
Log in
Legal

Privacy Policy

Last updated: March 2026

1. Introduction

This Privacy Policy describes how Sprintmore LLC ("ScendCore", "we", "us", "our") collects, uses, stores, and protects your personal information when you use the ScendCore platform ("the Platform"). ScendCore is an AI-powered workforce platform that enables automated voice calls, SMS, email, WhatsApp messaging, and web chat on behalf of our customers ("Customers") and their contacts ("End Users").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Name, email address, phone number
  • Company name, job title, and business address
  • Billing and payment information (processed by Stripe — we do not store credit card numbers)
  • Authentication credentials (passwords are hashed, never stored in plaintext)

2.2 Contact Data

Customers upload or import contact data into the Platform. This may include:

  • Names, email addresses, phone numbers, company names, job titles
  • Custom fields and tags defined by the Customer
  • Communication history and conversation transcripts
  • Consent records and opt-out preferences

Customers are the data controllers for their contact data. We process this data on their behalf as a data processor.

2.3 Voice Call Data

When AI agents make or receive phone calls through the Platform, we collect:

  • Call metadata: phone numbers, call duration, timestamps, call direction (inbound/outbound)
  • Call transcripts: speech-to-text transcriptions of the conversation
  • Call summaries: AI-generated summaries of call outcomes
  • BANT qualification data extracted from conversations (Budget, Authority, Need, Timeline)

Call recordings: ScendCore does not record voice calls by default. If call recording is enabled by the Customer, recordings are stored securely and subject to applicable wiretapping and recording consent laws. Customers are responsible for complying with one-party or two-party consent requirements in their jurisdiction.

2.4 AI-Generated Data

Our AI agents generate data during their operation, including:

  • Draft messages (emails, SMS) created by AI for customer review or automated sending
  • Lead qualification scores and deal assessments
  • Meeting summaries and follow-up recommendations
  • Knowledge base search results and responses

2.5 Usage Data

We automatically collect information about how you use the Platform, including pages visited, features used, API calls made, and performance metrics. This data is used to improve the Platform and is not shared with third parties for advertising purposes.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Platform
  • Process transactions and manage your subscription
  • Send AI-generated communications on behalf of Customers (voice calls, SMS, email, WhatsApp)
  • Generate AI insights, qualification scores, and recommendations
  • Enforce compliance controls (consent verification, opt-out processing, calling hour restrictions)
  • Send technical notices, security alerts, and support messages
  • Detect and prevent fraud, abuse, and violations of our Terms of Service
  • Comply with legal obligations and respond to lawful requests

4. AI and Automated Processing

4.1 AI-Generated Voice Calls

ScendCore uses artificial intelligence to generate voice calls on behalf of Customers. In accordance with the FCC's February 2024 Declaratory Ruling, AI-generated voices are classified as "artificial or pre-recorded voice" under the Telephone Consumer Protection Act (TCPA). Our AI agents disclose their AI nature at the beginning of each outbound call.

4.2 AI Decision-Making

Our AI agents make automated decisions including:

  • Qualifying leads based on conversation analysis (BANT framework)
  • Scheduling meetings and managing calendar availability
  • Drafting email and SMS responses
  • Determining when to escalate to a human representative

Customers can configure approval workflows to review AI-generated content before it is sent. No significant decisions affecting End Users' legal rights are made solely by AI without human oversight.

4.3 AI Model Providers

We use third-party AI model providers (including Anthropic and OpenAI) to power our AI agents. Conversation data sent to these providers is used solely for generating responses and is not used to train their models. We have data processing agreements with our AI providers that restrict how your data is handled.

5. Consent and Opt-Out

5.1 Consent Tracking

ScendCore maintains consent records for all communications sent through the Platform. We track:

  • Consent type (express written, verbal, implied, opt-in)
  • Consent source (booking page, web form, import, inbound call, SMS opt-in)
  • Timestamp and evidence of consent
  • Revocation records with timestamp and method

5.2 Opt-Out Rights

End Users can opt out of communications at any time through:

  • SMS: Reply STOP to any message
  • Voice: Request during a call to stop receiving calls
  • Email: Click the unsubscribe link in any email
  • Direct request: Contact the Customer or ScendCore directly

Opt-out requests are processed immediately in our system. Per FCC rules effective April 11, 2025, all opt-out requests are honored within 10 business days regardless of the method used.

6. Data Sharing

We share personal information only in the following circumstances:

  • Service providers: We use third-party services to operate the Platform, including Twilio (voice and SMS), Resend (email), Supabase (database), Vercel (hosting), Stripe (payments), and AI model providers (Anthropic, OpenAI). These providers process data on our behalf under data processing agreements.
  • Telecommunications carriers: Voice calls and SMS messages are routed through telecommunications carriers (AT&T, T-Mobile, Verizon) who may process call metadata as required by law.
  • Legal compliance: We may disclose information when required by law, subpoena, or government request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.

We do not sell personal information to third parties. We do not share personal information with third parties for their advertising purposes.

7. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: AES-256 encryption for third-party credentials at rest, TLS 1.3 for data in transit
  • Access control: Role-based access control (RBAC) with five tenant roles and two-level platform administration
  • Multi-tenant isolation: Row-level security (RLS) policies ensure complete data isolation between tenants
  • Webhook security: HMAC-SHA256 signature validation on all incoming webhooks
  • Audit trail: Platform-level and tenant-level activity logging for all administrative actions
  • Infrastructure: Hosted on SOC 2 compliant infrastructure (Vercel, Supabase, Railway)

8. Data Retention

We retain data as follows:

  • Account data: Retained for as long as your account is active, plus 30 days after deletion request
  • Contact data: Retained for the duration of the Customer's subscription, deleted within 90 days of account termination
  • Call transcripts and summaries: Retained for the duration of the Customer's subscription
  • Consent records: Retained for 5 years after the last communication, as required for TCPA compliance documentation
  • Audit logs: Retained for 2 years for platform-level actions, 1 year for tenant-level actions
  • Usage and analytics data: Retained in aggregated, anonymized form indefinitely

9. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal retention requirements)
  • Portability: Request your data in a machine-readable format
  • Opt-out: Opt out of automated communications at any time
  • Restriction: Request that we restrict processing of your data in certain circumstances

End Users who wish to exercise their rights should contact the Customer (data controller) who imported their data into ScendCore. Customers can exercise their rights by contacting us at privacy@scendcore.com.

10. Children's Privacy

ScendCore is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. International Data Transfers

Your data may be processed in countries other than your country of residence, including the United States. When we transfer data internationally, we implement appropriate safeguards to ensure your data receives the same level of protection as required by applicable data protection laws.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Platform. Your continued use of the Platform after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

Sprintmore LLC
Email: privacy@scendcore.com
For legal inquiries: legal@scendcore.com

Privacy Policy | ScendCore