SiteMason ("we," "us," or "our") provides a missed call recovery and business communication platform for local businesses. This Privacy Policy explains how we collect, use, and protect information in connection with our services.
We collect the following categories of information:
Caller phone numbers - when a call to a client business goes unanswered, the caller's phone number is captured via Twilio's inbound call infrastructure and used solely to send a one-time automated text message.
Business owner information - collected during onboarding: name, email address, business phone number, business name, EIN (for A2P registration), and service preferences.
Usage data - call logs, message delivery status, and booking interactions associated with each client account.
Information we collect is used only for the following purposes:
We do not use caller phone numbers for marketing, advertising, or any purpose beyond the missed call recovery service described above.
We do not sell, rent, or share personal information with third parties for marketing purposes. We share information only as necessary to operate our service:
Twilio, Inc. - our SMS and telephony provider. Twilio processes phone numbers and message content to deliver text messages. Twilio is subject to its own privacy policy and, where applicable, a HIPAA Business Associate Agreement.
Legal compliance - we may disclose information if required by law, court order, or governmental authority.
Clients that are HIPAA-covered entities (including medical spas, dental offices, and other healthcare providers) may submit Protected Health Information (PHI) through our platform in the course of using the missed call recovery service. For these clients, SiteMason operates as a Business Associate under HIPAA and enters into a Business Associate Agreement (BAA) prior to processing any PHI. We implement administrative, physical, and technical safeguards appropriate to protect PHI in accordance with HIPAA requirements.
Caller phone numbers and associated call records are retained for up to 90 days for reporting purposes, then deleted. Business client account data is retained for the duration of the subscription and for 30 days following cancellation, after which it is permanently removed from our systems.
Recipients of SiteMason text messages may opt out at any time by replying STOP to any message. Once an opt-out is received, that phone number will not receive further messages from the associated client's SiteMason service. Reply HELP for assistance.
We use industry-standard security measures including encrypted data transmission (TLS) and access controls to protect information stored on our platform. No method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
Our service is not directed to individuals under the age of 13, and we do not knowingly collect personal information from children.
We may update this Privacy Policy from time to time. We will notify active clients of material changes by email. Continued use of our service after changes take effect constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or wish to exercise any rights regarding your information, please contact us at: