Privacy Policy
This Privacy Policy describes how Auth3ntic AI, doing business as Praetonis (“we,” “us,” or “our”), collects, uses, and protects information when you use our AI front office platform. By using Praetonis, you agree to the practices described in this policy. This policy is incorporated into and subject to our Terms of Service. If you have questions, contact us at hello@praetonis.com.
1. Information We Collect
We collect information necessary to deliver the Praetonis service to operators and to improve the platform over time. The categories of information we collect include:
Call Recordings and Transcripts
Praetonis answers inbound calls on behalf of operators. All calls handled by the Praetonis voice agent are recorded and transcribed. Call recordings and transcripts are used for service delivery, quality monitoring, and voice agent training. Callers are notified at the beginning of each call that the call may be recorded.
Contact Information
When callers interact with the Praetonis voice agent or submit web forms, we collect name, phone number, email address, and service request details provided during the interaction. This information is shared with the operator whose number the caller contacted.
Calendar Data
To enable scheduling functionality, Praetonis connects to your calendar or field service management tool. We access availability data, existing appointments, and scheduling information strictly for the purpose of booking jobs on your behalf. We do not store calendar data beyond what is required for active scheduling.
Business Information
Operators provide business information during onboarding including business name, service types, coverage area, on-call staff contact information, and escalation preferences. This information configures how the Praetonis agent operates on your behalf.
Usage Data
We collect standard platform usage data including login activity, feature usage, API call logs, and system events. This data is used for platform reliability, billing accuracy, and product improvement.
Payment Information
Billing information is processed through Stripe. Praetonis does not store full payment card numbers. We retain billing records including amounts, dates, and plan details for accounting and compliance purposes.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery — Answering calls, responding to web leads, booking jobs, sending invoice reminders, and delivering daily briefings on your behalf.
- Quality Improvement — Reviewing call recordings and transcripts to identify script improvements, edge cases, and opportunities to improve voice agent performance.
- Billing and Payments — Processing subscription payments, generating invoices, and maintaining accurate billing records.
- Communication — Sending platform notifications, product updates, and operational alerts relevant to your account.
- Support — Diagnosing issues, responding to support requests, and assisting with onboarding and configuration.
- Compliance — Meeting legal obligations including call recording disclosure requirements and data protection regulations applicable to our operations.
- Product Development — Using aggregated, anonymized usage data to improve Praetonis features and inform product decisions. Individual operator data is never used for model training without explicit consent.
We do not sell your data. We do not sell, rent, or trade operator or customer data to third parties for marketing or advertising purposes. Full stop.
3. Data Security
We take the security of your data seriously. The following controls are in place across the Praetonis platform:
Encryption
All data transmitted between your systems and Praetonis is encrypted in transit using TLS 1.2 or higher. Call recordings, transcripts, and stored data are encrypted at rest using AES-256 encryption.
Access Controls
Access to operator data is restricted to Praetonis personnel who require it to perform their job functions. All internal access is logged. Administrative access requires multi-factor authentication.
Audit Logs
We maintain audit logs of all access to sensitive data, including call recordings and account configuration. Logs are retained for a minimum of 12 months and are reviewed periodically for anomalies.
Incident Response
In the event of a data security incident that affects your data, we will notify you within 72 hours of becoming aware of the incident, describe the nature of the incident, the data affected, and the steps we are taking to address it.
No system is perfectly secure. While we take significant precautions, we cannot guarantee absolute security. We encourage operators to use strong passwords and enable two-factor authentication on their Praetonis account.
4. Data Retention
We retain your data for as long as your account is active and for a reasonable period afterward to fulfill legal and contractual obligations.
- Active account data — Retained for the duration of your subscription. Call recordings and transcripts are retained for 12 months by default. Operators may request extended or reduced retention periods.
- Billing records — Retained for 7 years in accordance with standard accounting requirements.
- Account closure — Following account closure, your operational data (call recordings, transcripts, contact logs) is deleted within 30 days. Anonymized, aggregated data derived from your account may be retained indefinitely for product improvement purposes.
- Deletion requests — You may request early deletion of specific data categories at any time by contacting hello@praetonis.com. We will fulfill deletion requests within 14 business days, subject to retention requirements mandated by law.
5. Third-Party Services
Praetonis uses the following third-party services to deliver the platform. Each sub-processor is bound by data processing agreements and their own privacy and security standards.
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Twilio | Telephony — call routing, SMS, voice agent infrastructure | Phone numbers, call recordings, SMS content | twilio.com/legal/privacy |
| Stripe | Payment processing and subscription billing | Payment card data, billing address, transaction history | stripe.com/privacy |
| Reviews API, calendar integration, maps data | Business listing data, calendar availability (read-only) | policies.google.com/privacy | |
| Calendar Integrations | Scheduling — Google Calendar, ServiceTitan, Jobber, Housecall Pro | Availability data, appointment details (read/write) | Per integration provider |
We do not share your data with third parties beyond those listed above, except where required by law or where you have explicitly authorized an integration.
6. Your Rights
You have the following rights with respect to the personal data Praetonis holds about you and about your customers’ interactions with the platform.
Access
Request a copy of the personal data we hold about you or your account.
Correction
Request correction of inaccurate or incomplete data we hold about you.
Deletion
Request deletion of your personal data, subject to legal retention requirements.
Data Portability
Request a machine-readable export of data you’ve provided to Praetonis.
Restriction
Request that we restrict processing of your data while a request or dispute is pending.
Objection
Object to processing of your data for purposes beyond direct service delivery.
To exercise any of these rights, contact us at hello@praetonis.com. We will respond within 14 business days. We may need to verify your identity before fulfilling a request.
If you are located in the European Economic Area (EEA), you may have additional rights under GDPR. If you are a California resident, please see Section 7: California Consumer Privacy Rights below for your specific rights under the CCPA/CPRA. For information about how these rights relate to your service agreement, see our Terms of Service.
7. California Consumer Privacy Rights (CCPA/CPRA)
This section applies to California residents and supplements the information in this Privacy Policy. It describes your rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”). These rights are also described in our Terms of Service.
Our Role Under the CCPA
Auth3ntic AI (dba Praetonis) acts as a “business” with respect to operator personal information we collect directly, and as a “service provider” with respect to end customer personal information we process on behalf of operators. We process end customer data solely at the operator’s direction and for the business purposes described in this policy.
Categories of Personal Information We Collect
In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:
| Category | Examples | Business Purpose |
|---|---|---|
| Identifiers | Names, phone numbers, email addresses, mailing addresses | Service delivery, communication, scheduling |
| Commercial information | Service requests, job history, payment records, invoice data | Billing, revenue recovery, daily briefings |
| Audio information | Call recordings, voicemail recordings | Service delivery, quality improvement |
| Internet / electronic activity | Web form submissions, dashboard usage logs, SMS interactions | Platform reliability, product improvement |
| Professional information | Business name, trade type, service area, staff contacts | Onboarding, voice agent configuration |
Sale and Sharing of Personal Information
Praetonis does not sell personal information. We do not sell, rent, or trade any personal information to third parties for monetary or other valuable consideration. We also do not “share” personal information for cross-context behavioral advertising as defined by the CPRA.
Your CCPA/CPRA Rights
As a California resident, you have the right to:
Right to Know
Request disclosure of the categories and specific pieces of personal information we have collected, the sources, the business purposes, and the categories of third parties with whom we share it.
Right to Delete
Request deletion of personal information we have collected, subject to certain legal exceptions (e.g., legal obligations, ongoing service delivery, security).
Right to Correct
Request correction of inaccurate personal information we maintain about you, taking into account the nature and purposes of the processing.
Right to Opt-Out of Sale/Sharing
Direct us not to sell or share your personal information. As noted above, Praetonis does not sell or share personal information.
Right to Limit Use of Sensitive PI
Limit our use of sensitive personal information to purposes necessary to perform the services you have requested.
Right to Non-Discrimination
We will not deny services, charge different prices, or provide a different quality of service because you exercised a CCPA right.
How to Submit a Request
You may submit a verifiable consumer request by:
- Email — Send your request to hello@praetonis.com with subject line “CCPA Request — [Your Name]”
- Web Dashboard — Use the privacy request form in Account Settings (when available)
We will verify your identity before processing any request. For requests made on behalf of a household, we may require verification from all members. We will respond within 45 days of receiving a verifiable request. If we need additional time, we will notify you of the extension (up to an additional 45 days) and explain the reason.
You may make a request to know or delete up to twice in a 12-month period. You may also designate an authorized agent to submit requests on your behalf. We may require proof of authorization.
Retention of Personal Information
We retain each category of personal information for only as long as reasonably necessary to fulfill the purposes described in this policy. See Section 4: Data Retention for specific retention periods.
Financial Incentive Programs
Praetonis does not offer financial incentive programs that require the collection of personal information.
8. Cookies
Praetonis uses a minimal set of cookies to operate the platform and improve your experience. We do not use third-party advertising cookies or behavioral tracking cookies.
Cookies We Use
- Session cookies — Required for authentication. These expire when you close your browser or after 30 days of inactivity.
- Preference cookies — Store interface preferences (e.g., briefing delivery settings) to persist between sessions.
- Analytics cookies — First-party analytics to understand how the platform is being used in aggregate. No personal data is included in analytics events.
What We Do Not Use
- Third-party advertising or retargeting cookies
- Social media tracking pixels
- Cross-site behavioral tracking of any kind
You can control cookie behavior through your browser settings. Disabling session cookies will prevent you from logging in to the Praetonis dashboard.
9. Contact
For privacy-related questions, data requests, or to report a concern, contact us at:
Praetonis Privacy
Email: hello@praetonis.com
Subject line: “Privacy Request — [your name or account]”
We aim to respond to all privacy inquiries within 5 business days and to fulfill data requests within 14 business days.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform capabilities.
- Material changes — For changes that materially affect your rights or how we use your data, we will provide at least 30 days’ notice via email to the address on your account before the changes take effect.
- Minor changes — For minor updates (corrections, clarifications, formatting), we will update the “Last updated” date at the top of this page. No advance notice is required.
- Continued use — Your continued use of Praetonis after the effective date of a policy change constitutes acceptance of the updated policy.
If you disagree with a material change to this policy, you may terminate your account before the effective date of the change and request deletion of your data.
We will never make changes that reduce your data rights without explicit notice and a 30-day window to respond. If you have questions about any change to this policy, email us before the effective date.