Privacy Policy

Last updated: March 2026

1. Information We Collect

Account Information: When you sign up, we collect your name, email address, and business information you provide during onboarding.

Client Data: You may upload information about your clients including names, email addresses, phone numbers, and invoice details. This data is encrypted at rest.

Usage Data: We collect information about how you use our service, including reminder schedules, payment tracking, and feature usage.

Payment Information: Payment processing is handled by Stripe. We do not store credit card numbers.

2. How We Use Your Information

  • To provide and maintain our service
  • To send payment reminders on your behalf
  • To personalize reminder messages using AI
  • To analyze payment patterns and provide insights
  • To process payments and manage subscriptions
  • To send service-related communications
  • To improve our service and develop new features

3. Data Protection

Encryption: All client personal information (names, emails, phone numbers) is encrypted using AES-256-GCM encryption before storage.

Access Control: Row-level security ensures users can only access their own data.

No AI Training: Your data is never used to train AI models. We use AI only to generate personalized messages within your session.

4. Third-Party Recipients (Your Clients)

We store information about individuals who receive payment reminders through our platform. These recipients have the following rights:

  • Opt out of email reminders via unsubscribe link in every email
  • Opt out of SMS by replying STOP
  • Request access to or deletion of their data

Recipients can submit data requests at jolter.ai/privacy/request

5. Your Rights

You have the right to:

  • Access your data via the data export feature
  • Delete your account and all associated data
  • Correct inaccurate information
  • Opt out of marketing communications

Account deletion includes a 30-day grace period during which you can cancel the deletion.

6. Data Retention

We retain your data for as long as your account is active. After account deletion:

  • 30-day grace period where deletion can be cancelled
  • Data is permanently deleted after the grace period
  • Webhook event logs are purged after 90 days

7. SMS and Email Communications

SMS Consent: We only send SMS reminders to recipients whose consent has been confirmed by you, our customer. We maintain records of consent confirmations.

Timing: Reminders are never sent before 8 AM or after 9 PM in the recipient's local timezone.

CAN-SPAM Compliance: All emails include an unsubscribe mechanism and sender identification.

8. Third-Party Services

We use the following third-party services:

  • Supabase: Database hosting and authentication
  • Stripe: Payment processing
  • SendGrid: Email delivery
  • Telnyx: SMS delivery
  • OpenAI: Message generation (no data retained)

9. Contact Us

For privacy-related questions or to submit a data request, please visit our data request form or email privacy@jolter.ai.

Note: This privacy policy is a template. Please have it reviewed by a qualified attorney before using it in production.