Privacy Policy

This policy explains what data Ring-a-Ding collects, how it is used, and your rights regarding that data. It applies to all users of the Ring-a-Ding service, website, MCP server, and CLI.

• Email address — for account creation and authentication (login via OTP)
• API key hash — a one-way bcrypt hash for authentication (the original key is not reversible)
• Call records — to/from numbers, transcripts, summaries, duration, and status
• Stripe customer and subscription IDs — for payment processing and subscription management
• Support communications — any emails or messages you send to our support address

• Your OpenAI API key — it is used per-call and then discarded. Ring-a-Ding never persists your OpenAI key.
• We do not store long-term call recordings.
• We do not use tracking cookies or analytics.

Your data is used to:

• Provide the Ring-a-Ding service (placing calls, returning results)
• Process payments through Stripe
• Send account-related emails (login OTP codes)
• Improve the product

Ring-a-Ding relies on the following third-party services, each with their own privacy policy:

• Supabase — database and authentication
• Stripe — payment processing
• Twilio — telephony
• OpenAI — voice AI (via your own API key)

Call records are retained indefinitely so you can access your call history. Signup sessions are temporary and expire automatically (10-minute window, consumed once). Account data is deleted upon request.

Ring-a-Ding uses a single cookie: the Supabase auth session token, required for login. There are no tracking cookies, no analytics cookies, and no third-party cookies.

You can request access to, export of, or deletion of your data at any time by contacting support@ringading.ai.

We may update this privacy policy at any time. Continued use of Ring-a-Ding after changes are posted constitutes acceptance of the updated policy.

Questions about this policy? Reach us at support@ringading.ai.