Privacy Policy

Effective Date: 4/18/2026  |  Last Updated: 4/18/2026

NeverMissCall (“we,” “us,” or “our”) provides AI-powered communication and appointment booking services for service professionals. This Privacy Policy explains how we collect, use, and protect your information when you visit nevermisscall.com (the “Site”) and use our services.

We do not sell your personal information.

1. Information We Collect

We collect information that identifies, relates to, or could reasonably be linked to you (“Personal Information”).

  • Customer Information: Name, email, phone number, and billing address provided during account registration.
  • Transaction Data: Payment information processed securely via Stripe.
  • Communication Data: The content of SMS messages and call logs generated through our service between you and your customers (“Leads”).
  • Calendar Data: Limited scheduling information from your connected Google Calendar or Microsoft Outlook account, used solely to book and manage appointments on your behalf. See Section 13 for specifics.

2. How We Use Your Data

We use the information collected to:

  • Provide and maintain our AI SMS response and appointment booking service.
  • Book and cancel appointments in your connected calendar (Google Calendar or Microsoft Outlook).
  • Process payments and manage subscriptions.
  • Improve and train our Artificial Intelligence models — excluding calendar data (see Section 3).

3. AI Training and Anonymization

To improve the accuracy and helpfulness of our AI SMS response service, we use SMS conversation data to train our AI. AI training is performed only on SMS conversation data generated through our service, and never on data obtained from Google APIs, Microsoft Graph APIs, or any other third-party integration. We take the following privacy-first steps:

  • Obfuscation: Before data is used for training, we anonymize Personal Information. Specific street addresses, dates, and times are obfuscated or removed.
  • Anonymization: We strip identifiers (such as Lead phone numbers) to ensure the data cannot be traced back to a specific individual.
  • Unlawful Content: We do not knowingly retain or use data that contains unlawful content. If such content is identified during the anonymization process, it will be deleted immediately.
  • Calendar Data Excluded: Calendar data obtained through Google Calendar or Microsoft Outlook integrations is never used for AI training, analytics, advertising, or any purpose other than scheduling your own appointments. This carve-out aligns with Google's Limited Use policy for sensitive OAuth scopes.

4. Data Sharing & Selling

We follow these strict data sharing guidelines:

  • We do not sell your personal information.
  • We do not share calendar data, Google user data, or Microsoft user data with any third party for any purpose.
  • We only share data with third-party service providers (Stripe for billing, Twilio for SMS) strictly necessary to provide the service. These providers are contractually obligated to protect your data.
  • Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

5. California Privacy Rights (CCPA/CPRA)

We comply with the California Consumer Privacy Act. California residents have the following rights:

  • Right to Know: You can request a list of the personal information we have collected about you.
  • Right to Delete: You can request that we delete your personal information (subject to certain legal exceptions).
  • Right to Correct: You can request that we correct inaccurate personal information.
  • Right to Opt-Out of Automated Decision Making: You may request information regarding our AI's logic and the right to opt-out of certain automated processing.

To exercise these rights, please contact us at admin@nevermisscall.com.

6. Children's Privacy

Our Service is not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information from our files as soon as possible. If you believe that we may have collected information from a child under 13, please contact us at admin@nevermisscall.com.

7. International Users and GDPR Rights

NeverMissCall is operated from the United States. If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with data protection laws comparable to the EU General Data Protection Regulation (GDPR), the following applies to you:

  • Legal basis for processing: We process your personal information on the basis of (a) contractual necessity (to provide the Service you subscribed to), and (b) our legitimate interests in operating, securing, and improving the Service. Where we rely on your consent (for example, for analytics cookies), you may withdraw that consent at any time.
  • Data subject rights: You have the right to access, correct, delete, port, restrict, or object to our processing of your personal information. To exercise any of these rights, contact us at admin@nevermisscall.com.
  • Right to lodge a complaint: You have the right to lodge a complaint with a competent data protection supervisory authority in your jurisdiction if you believe our processing of your personal information infringes applicable data protection law.
  • International data transfers: Personal information you provide is transferred to and processed in the United States. We rely on standard contractual clauses and other legally recognized transfer mechanisms where required.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (including browser localStorage) to keep you logged in to your account and to analyze site traffic via PostHog, our product analytics provider. We do not use cookies for personalized advertising or retargeting.

On your first visit to the Site, a cookie consent banner lets you choose whether to allow analytics tracking. You may update your choice later from the “Cookie Settings” link in our footer. You can also configure your browser to refuse all cookies; however, some portions of the Service (such as staying logged in) may not function properly if you do.

9. Data Security

We implement industry-standard security measures, including SSL encryption and secure database protocols, to protect your data. OAuth refresh tokens for Google Calendar and Microsoft Outlook integrations are encrypted at rest using AES-256-GCM with a unique per-record initialization vector. Encryption keys are stored only in secured production environment variables and are never logged or exposed. Access tokens are held in memory only for the duration of a single request. However, no method of transmission over the internet is 100% secure.

10. Data Retention

We retain personal information only as long as necessary to provide the Service and fulfill legal obligations. Data associated with your account is deleted within 30 days of account termination or upon verified request, except where retention is required by law (for example, tax records or fraud investigations). OAuth credentials for Google Calendar and Microsoft Outlook are deleted immediately upon disconnection or subscription cancellation.

11. Changes to This Policy

We may update this policy from time to time. We will notify you of any significant changes by posting the new policy on this page and updating the “Effective Date.”

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: admin@nevermisscall.com
Phone: 1-818-274-9980
Principal Place of Business:
NeverMissCall, LLC
1309 Coffeen Avenue STE 1200
Sheridan, Wyoming 82801
United States

13. Third-Party Calendar Integrations

NeverMissCall integrates with Google Calendar and Microsoft Outlook so that appointments booked through our AI SMS system appear directly in your calendar. This section describes exactly what data we access, how we use it, and your rights.

Your rights at a glance

  • Disconnect anytime. You can remove the calendar connection from your account settings at any time.
  • We stop immediately. Disconnecting revokes our access tokens and deletes your stored credentials.
  • Limited access. We only access the single calendar you explicitly connect — never your mailbox, files, contacts, or any other calendar.
  • No human reading. No NeverMissCall employee reads your calendar data except with your explicit consent during a support case, or as necessary for security or legal compliance.
  • No ads, no training, no resale. Your calendar data is never used for advertising, never used to train AI models, and never sold or shared with any third party.
  • Data deletion on cancellation. When you cancel your subscription, we delete your stored credentials and revoke all access tokens.

Google Calendar (via Google Calendar API)

Scope requested: https://www.googleapis.com/auth/calendar.events

  • What we can see: While the calendar.events scope technically permits access to full event details, our system is configured to query only busy/free availability (via the Google FreeBusy API pattern) and does not read, store, or process event titles, meeting notes, attendees, locations, or descriptions from your existing calendar entries.
  • What we write: Only appointment events we book for you, containing the customer's name, phone number, service address, and scheduled time.
  • What we can change: Only events we ourselves created. We never modify, cancel, or touch any event already on your calendar.

Microsoft Outlook (via Microsoft Graph API)

Scopes requested: Calendars.ReadWrite, offline_access, User.Read

  • What we can see: While the Calendars.ReadWrite scope technically permits access to full event details, our system is configured to read only the fields required to classify slot availability: start time, end time, and whether the event is marked busy, free, cancelled, or all-day. We do not read, store, or process event subjects, descriptions, attendees, or locations. Via User.Read we also read your email address and display name so you can confirm which account is connected.
  • What we write: Only appointment events we book for you.
  • What we can change: Only events we ourselves created.

Sub-processors

When you book an appointment through our Service, the customer's name and the scheduled appointment time may be sent via Twilio SMS to the Lead and to you (the Subscriber) as part of the booking confirmation flow. Event content from your existing calendar entries is never shared with Twilio, Stripe, or any other third party. Our sub-processors (Stripe for billing, Twilio for SMS, PostHog for analytics, Sentry for error tracking) are contractually obligated to protect your data and do not receive Google or Microsoft calendar data beyond what is strictly necessary to deliver the service.

How we secure your credentials

OAuth refresh tokens are encrypted at rest using AES-256-GCM with a unique per-record initialization vector. Access tokens are kept in memory only for the duration of a single request. Encryption keys are stored only in secured production environment variables and are never logged or exposed. Tokens are automatically refreshed when expired and immediately revoked when you disconnect the integration or cancel your subscription.

Google API Services User Data Policy — Limited Use Affirmation

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • Limited to user-facing features. We use Google user data solely to provide the appointment-booking feature that the subscriber explicitly authorized.
  • No transfer. We do not transfer Google user data to third parties except as necessary to provide the service (and only under binding confidentiality agreements), to comply with applicable law, or as part of a merger, acquisition, or sale of assets with user consent.
  • No advertising. We do not use Google user data for personalized advertising, retargeting, or marketing of any kind.
  • No credit or lending decisions. We do not use Google user data to determine credit-worthiness or for lending purposes.
  • No human reading. Human access to Google user data is prohibited and is reduced to the minimum necessary to provide, maintain, or secure the Service. Exceptions are limited to: (a) cases where we have obtained the subscriber's affirmative agreement for a specific support issue, (b) actions necessary for security purposes (such as investigating abuse), (c) actions required to comply with applicable law, or (d) data that has been aggregated or anonymized such that individual subscribers cannot be identified.
  • No AI training. Google user data (including calendar events and busy-time data) is never used to train generalized artificial intelligence or machine learning models.

Disconnecting

You may disconnect Google Calendar or Microsoft Outlook at any time from your account settings. Disconnecting immediately revokes the access tokens, deletes stored credentials, and stops all calendar access by NeverMissCall.