Privacy Policy

Latimer + Woods Tech LLC ("Company," "we," "us," or "our") operates the Word Is Bond platform ("Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our AI-powered voice intelligence platform. Please read this policy carefully. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

1.1 Account Information

When you register for an account, we collect:

• Name, email address, and contact information
• Organization name and business details
• Job title and role within your organization
• Authentication credentials (passwords are hashed and never stored in plaintext)
• Billing information (processed and stored securely by Stripe)

1.2 Call Recordings and Voice Data

The core functionality of our Service involves processing voice communications:

• Audio recordings of calls made through the platform
• AI-generated transcriptions of call recordings
• Sentiment analysis, compliance scoring, and quality metrics derived from calls
• Call metadata (duration, timestamps, phone numbers, disposition codes)

1.3 AI Analysis Data

Our AI systems generate the following data from your calls:

• Natural language processing outputs (key phrases, topics, entities)
• Compliance violation detection and flagging
• Agent performance scores and improvement recommendations
• Call outcome predictions and trend analyses

1.4 Usage and Technical Data

We automatically collect:

• Browser type, operating system, and device information
• IP addresses and approximate geographic location
• Pages visited, features used, and interaction patterns
• Session identifiers and authentication tokens
• Error logs and performance diagnostics

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To operate, maintain, and provide the core features of the platform, including call management, recording, and playback
• AI Transcription and Analysis: To transcribe calls, perform sentiment analysis, generate compliance scores, and produce quality assurance reports
• Compliance Assistance: To help identify potential FDCPA, TCPA, and other regulatory compliance issues in real-time and in post-call review
• Analytics and Reporting: To provide dashboards, performance metrics, campaign analytics, and business intelligence insights
• Account Management: To manage your subscription, process payments, and communicate about your account
• Security: To detect and prevent fraud, unauthorized access, and other malicious activity
• Product Improvement: To improve our algorithms, fix bugs, and develop new features (using only anonymized, aggregated data)

3. Data Sharing and Third-Party Processors

We do not sell your personal information or call data to third parties. Period.

We share data only with the following categories of service providers, solely to operate the Service:

• Telnyx: Voice-over-IP telephony provider for call routing, recording, and SIP connectivity
• Stripe: Payment processing for subscription billing and invoicing
• Cloudflare: Content delivery, DDoS protection, web application firewall, and edge computing infrastructure (Workers and Pages)
• Neon: PostgreSQL database hosting with branch isolation and row-level security

Each processor is bound by contractual obligations to protect your data and use it only for the purposes we specify. We may also disclose information when required by law, subpoena, court order, or regulatory request.

4. Data Retention

We retain your data according to the following guidelines:

• Call Recordings: Retained for the period configured by your organization administrator, with a default of 90 days. Many regulatory frameworks require retention of at least 3 years; consult your compliance team.
• Transcripts and AI Analysis: Retained for as long as the associated call recording is stored, unless separately configured.
• Account Data: Retained for the duration of your active subscription and up to 30 days after termination to allow data export.
• Audit Logs: Retained for a minimum of 7 years to comply with financial and regulatory record-keeping requirements.
• Anonymized Analytics: Retained indefinitely in aggregated, de-identified form for product improvement.

Organization administrators can configure retention periods for their team via the Settings panel. Upon request, we can permanently delete all organization data, subject to legal hold requirements.

5. Security Measures

We implement industry-leading security measures to protect your data:

• Encryption at Rest: All sensitive data is encrypted using AES-256 encryption
• Encryption in Transit: All communications use TLS 1.3 with strong cipher suites
• Web Application Firewall: Cloudflare WAF provides real-time threat detection and DDoS mitigation
• Database Security: Neon PostgreSQL with row-level security (RLS) ensures strict multi-tenant data isolation — no organization can access another organization's data
• Access Control: Role-based access control (RBAC) with granular permissions for owners, managers, supervisors, and agents
• Audit Logging: Comprehensive audit trail of all data access and modifications
• Rate Limiting: API rate limiting and brute-force protection on all authentication endpoints
• Regular Reviews: Periodic security audits and penetration testing

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Deletion: Request deletion of your personal data, subject to legal retention requirements
• Right to Export: Request a machine-readable export of your data (call recordings, transcripts, reports) via the Settings panel or by contacting support
• Right to Opt-Out of AI Analysis: Request that your calls not be processed by AI analysis features; note that this will disable transcription, compliance scoring, and sentiment analysis for your account
• Right to Correction: Request correction of inaccurate personal data
• Right to Restriction: Request restriction of processing in certain circumstances

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days of receiving your verified request.

7. FDCPA and TCPA Compliance

Word Is Bond provides tools designed to assist organizations with compliance monitoring under the Fair Debt Collection Practices Act (FDCPA), the Telephone Consumer Protection Act (TCPA), and other applicable regulations. However:

• The platform is a compliance assistance tool — it does not guarantee regulatory compliance
• You are solely responsible for ensuring your collection practices comply with all applicable laws
• AI-generated compliance scores and flags are advisory in nature and should be reviewed by qualified compliance personnel
• We recommend consulting with legal counsel to establish compliant policies and procedures for your organization

8. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from anyone under 18 years of age. If we learn that we have collected personal information from a minor, we will take steps to delete that information promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify registered users via email or in-app notification
• Provide a summary of changes for significant updates to data handling practices

Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised policy.

10. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: