Quallaa
Quallaa

Privacy Policy

Last updated: February 6, 2026

Quallaa ("we," "our," or "us") provides AI-powered SMS communication services for businesses. This Privacy Policy explains how we collect, use, and protect information when you use our services.

1. Information We Collect

From Service Providers

When businesses sign up for our service, we collect:

  • Business name and contact information
  • Owner name, phone number, and email address
  • Business type and service preferences
  • Certification completion status, training progress, and assessment scores
  • AI guardrail configuration (services offered, pricing guidance, escalation rules, disclosure preferences)
  • Google Business review link
  • Billing and payment information

From End Customers (via SMS)

When businesses use our service to communicate with their customers, we collect:

  • Phone number
  • Name (as provided by the business)
  • SMS message content and timestamps
  • Opt-out preferences

From Bridge Apps (Pro Tier)

When businesses use our Quallaa Bridge apps (Mac or Android) to send AI responses from their own phone number:

  • Device identifier and registration information
  • SMS or iMessage content (forwarded for AI processing)
  • Contact list information (to filter personal contacts from AI responses)
  • Message delivery status and timestamps

Technical Information

We automatically collect:

  • IP address and browser information (website visitors)
  • Message delivery status and timestamps
  • Device and carrier information (for SMS delivery)
  • Phone number area code (used to determine geographic AI disclosure requirements under the Colorado AI Act)
  • AI disclosure compliance records (whether disclosure was required and included per message)

2. How We Use Your Information

We use the information we collect to:

  • Deliver SMS messages on behalf of businesses
  • Generate AI-powered responses to customer inquiries
  • Process review requests and follow-up sequences
  • Track message delivery and service usage
  • Process payments and manage subscriptions
  • Improve our AI and service quality
  • Comply with legal obligations

3. SMS Messaging Terms

Our SMS service operates as follows:

  • Message Types: Review requests, appointment reminders, estimate follow-ups, and customer service responses
  • Message Frequency: Varies based on business usage; typically 1-5 messages per service interaction
  • Opt-Out: Reply STOP to any message to unsubscribe from future messages
  • Help: Reply HELP for assistance
  • Carrier Charges: Message and data rates may apply
  • No Sharing: We will not share, sell, or rent your mobile phone number or SMS opt-in data with third parties for marketing or promotional purposes. Text messaging opt-in data and consent will not be shared with any third parties except aggregators and providers of text messaging services (such as Twilio) as necessary to deliver messages

4. Information Sharing

We do not sell your personal information. We share information only:

  • With Business Owners: Customer message history and opt-out status
  • With Service Providers: Third parties who help deliver our services (see Section 7)
  • For Legal Reasons: When required by law or to protect rights and safety

5. Data Security

We protect your information with:

  • Encrypted data transmission (HTTPS/TLS)
  • Secure database storage with access controls
  • Regular security monitoring
  • Limited employee access on a need-to-know basis

6. Data Retention

We retain data as follows:

  • SMS Messages: 2 years for service quality and dispute resolution
  • Business Accounts: Duration of service plus 3 years
  • Opt-Out Records: Indefinitely to honor unsubscribe requests
  • Certification Records: Duration of service plus regulatory compliance period
  • Bridge App Data: Deleted when device is revoked or account is closed

7. Third-Party Services

We use the following trusted services:

  • Twilio: SMS delivery and phone number management
  • Anthropic (Claude): AI-powered message generation
  • Supabase: Secure database hosting
  • Vercel: Website and API hosting
  • Stripe: Payment processing
  • Resend: Email communications
  • Apple Messages: iMessage delivery (Pro tier with Mac Bridge)
  • Android SmsManager: SMS delivery (Pro tier with Android Bridge)

8. Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate information
  • Request deletion of your data (subject to legal retention requirements)
  • Opt-out of SMS messages at any time by texting STOP
  • Opt-out of marketing emails

9. Children's Privacy

Our services are not directed to children under 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify users of material changes via email. Continued use of our services constitutes acceptance of updated terms.

Contact Us

For privacy questions or to exercise your rights:

Email: privacy@quallaa.com

Address: Quallaa LLC, Denver, Colorado