Privacy Policy

Effective Date: March 14, 2026 | Last Updated: March 14, 2026

1. Who We Are

EJW LLC ("EJW," "we," "us," or "our") operates the EJW Voice AI Receptionist platform ("Service"), an AI-powered phone answering system for businesses. Our Service uses artificial intelligence to answer inbound phone calls, take messages, provide business information, and route calls on behalf of our business customers ("Subscribers").

Contact Information:
EJW LLC
Email: privacy@ejwllc.com

2. Information We Collect

From Subscribers (Business Customers)

  • Account information: name, email address, password
  • Business information: business name, industry, phone number, address
  • Payment information: processed securely through Stripe (we do not store full card numbers)
  • Training data: business knowledge base, custom greetings, and AI configuration
  • Usage data: call volumes, feature usage, login activity

From Callers (People Who Call Our Subscribers)

  • Phone number (caller ID)
  • Voice call audio (if recording is enabled; disclosed at the start of each call)
  • Information voluntarily provided during the call: name, callback number, reason for calling, messages
  • Call metadata: date, time, duration

Automatically Collected

  • IP addresses (hashed for analytics)
  • Browser type and device information
  • Cookies for session management and affiliate tracking

3. How We Use Your Information

  • Provide, maintain, and improve the Service
  • Process and route phone calls using AI voice technology
  • Deliver messages and voicemails to the appropriate Subscriber
  • Process payments and manage subscriptions
  • Send service-related communications (account alerts, billing notifications)
  • Monitor and improve AI accuracy and call quality
  • Comply with legal obligations

We do not sell your personal information to third parties.

4. Healthcare and Medical Practices

Some of our Subscribers are healthcare providers. When our Service is used by a medical practice:

  • The AI receptionist is an administrative tool only. It does not provide medical advice, diagnose conditions, or recommend treatments.
  • Caller information collected during calls to medical practices may include Protected Health Information ("PHI") as defined under HIPAA.
  • We implement reasonable administrative, technical, and physical safeguards to protect this information, including encryption in transit (TLS 1.2+), access controls, and automated data retention policies.
  • Call recordings and transcripts for medical practices are automatically purged after 90 days unless the Subscriber configures a different retention period.
  • We will enter into a Business Associate Agreement ("BAA") with healthcare Subscribers upon request.

Important: EJW Voice is designed to take messages and route calls. It is not a substitute for clinical judgment. All messages are delivered to practice staff for review and action.

5. AI Disclosure

Our Service uses artificial intelligence to conduct phone conversations. Callers are informed at the beginning of each call that they are speaking with an AI assistant. The AI processes voice input in real time to generate responses. Voice data is transmitted to our AI service providers (see Section 6) for processing and is not retained by those providers beyond the duration of the call unless recording is explicitly enabled and disclosed.

6. Third-Party Service Providers

We use the following third-party services to operate the platform. Your data may be processed by these providers in accordance with their respective privacy policies:

  • Twilio — Telephony, phone number provisioning, call routing, and SMS. Privacy Policy
  • ElevenLabs — AI voice synthesis and conversational AI processing. Privacy Policy
  • Supabase — Database hosting, authentication, and data storage. Privacy Policy
  • Stripe — Payment processing and subscription management. Privacy Policy
  • Vercel — Web application hosting. Privacy Policy

7. Call Recording and Monitoring

When recording is enabled by a Subscriber, a disclosure is played at the beginning of each call informing the caller that the call may be recorded. By continuing the call after this disclosure, the caller consents to recording.

  • Call recordings are stored securely and encrypted at rest
  • Recordings are accessible only to the Subscriber and authorized EJW administrators
  • Recordings are automatically deleted after the retention period (default: 90 days)
  • Subscribers are responsible for complying with their state and local recording consent laws

8. Data Retention

  • Account information: retained for the duration of the account plus 30 days after deletion
  • Call recordings: automatically purged after 90 days (configurable by Subscriber)
  • Call transcripts: text content purged after 90 days; metadata (date, duration, caller number) retained for analytics
  • Voicemail recordings and transcripts: purged after 90 days
  • Payment records: retained as required by law (typically 7 years for tax purposes)

9. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) for all data transmissions
  • Encryption at rest for stored data
  • Row-level security on all database tables
  • Webhook signature validation for all external service integrations
  • API rate limiting and request size caps
  • Role-based access controls for administrative functions

10. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate personal information
  • Deletion: Request deletion of your personal information, subject to legal retention requirements
  • Portability: Request your data in a portable, machine-readable format
  • Opt-out: Opt out of marketing communications at any time

For healthcare-related inquiries, patients who called a medical practice using our Service may contact the practice directly to exercise their rights under HIPAA, including the right to access, amend, and receive an accounting of disclosures of their health information.

To exercise any of these rights, contact us at privacy@ejwllc.com. We will respond within 30 days.

11. Breach Notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected Subscribers within 30 days of discovering the breach
  • Provide details of the nature of the breach and the information affected
  • Describe the steps we are taking to address the breach and prevent future occurrences
  • For healthcare Subscribers: comply with HIPAA breach notification requirements, including notification to the U.S. Department of Health and Human Services where required

12. Cookies

We use cookies for session management, authentication, and affiliate tracking. You can control cookie settings in your browser. Disabling cookies may affect the functionality of the platform. We do not use cookies to track callers — cookie usage is limited to the web platform.

13. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify Subscribers of material changes by email or through the platform at least 30 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:

EJW LLC
Email: privacy@ejwllc.com
For HIPAA-related inquiries: privacy@ejwllc.com

If you believe your privacy rights have been violated, you may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at www.hhs.gov/ocr/complaints.