Plain-English summary of what we collect, what we do with it, and what we don't do. The detailed legal version follows.
Violet Desk is a service of I Am Violet, Inc., a Delaware corporation. References to "we," "us," and "our" mean I Am Violet, Inc. References to "you" and "your" mean the business that signs up for Violet Desk and its authorized users.
When you sign up, we collect your business name, owner name, email address, business phone number, business type, services offered, and billing information.
When you authorize Violet to access your calendar (Google, Calendly, Apple, or Outlook), we receive permission to read your existing events and write new events for the purpose of booking, rescheduling, and cancelling appointments. We never access calendars belonging to other users you have not explicitly shared with Violet.
For every call Violet handles on your behalf, we collect: caller phone number, call timestamp, call duration, audio recording (encrypted at rest), and a text transcript. This data is used to book your appointments, send SMS confirmations, surface relevant information for future calls (caller memory), and provide you a searchable dashboard of your call activity.
To send appointment confirmations and reminders, we collect your customers' mobile phone numbers and the content of SMS messages we send them on your behalf.
Card payment information is collected and processed by Stripe, our PCI-compliant payment processor. We do not store full credit card numbers on our servers; we receive only the last four digits and a tokenized reference for billing.
We collect standard server logs (IP address, user agent, timestamps) for security and operational purposes. We do not run third-party analytics, advertising trackers, or behavioral profiling on this site.
We share your data only with service providers required to operate Violet Desk:
We do not sell, rent, or otherwise share your data or your customers' data with advertisers, data brokers, or any third party not required to operate the service.
For dental, medical, and mental-health practices, we offer a HIPAA-compliant tier under a signed Business Associate Agreement (BAA). On this tier, all call recordings and transcripts are encrypted at rest in HIPAA-compliant infrastructure, access is restricted and audit-logged, and we comply with HIPAA breach notification requirements. The BAA is provided at signup for medical-vertical customers and must be executed before the first patient call.
We do not train AI models on the content of your customer calls. Aggregate, fully de-identified usage statistics (e.g., "average call duration," "most common booking type") may be used to improve service quality and reliability. Individual call audio, individual transcripts, individual customer information — these are never used to train any AI model, ours or a third party's.
We retain your data for as long as your subscription is active and as required by law. After cancellation, we retain your account and call data for 90 days to allow for reactivation, then permanently delete it. You may request earlier deletion by contacting us. Billing records are retained as required by US federal and state law (typically 7 years).
Regardless of your jurisdiction, you have the following rights with respect to your data:
To exercise any of these rights, email us at [email protected]. We respond within 30 days.
Some US states (California, Florida, Illinois, Massachusetts, and others) require all parties to a phone call to consent to recording. Violet automatically plays a recording disclosure at the start of every call ("This call may be recorded for quality and scheduling purposes"). You are responsible for ensuring this disclosure is appropriate for your jurisdiction and business. We provide tools to customize the disclosure language; we do not provide legal advice on whether your specific use complies with your local law.
We use industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, restricted access to production systems, and regular security audits. No security system is perfect; we cannot guarantee absolute security but we work hard to protect your data and will notify you promptly of any breach affecting your account.
Violet Desk is operated from the United States. If you access the service from outside the US, your data is transferred to and processed in the US. By using the service you consent to this transfer.
We may update this privacy policy from time to time. We will notify you of material changes by email at least 30 days before the change takes effect. Your continued use of the service after the change indicates acceptance.
Questions about this privacy policy or your data: [email protected]
I Am Violet, Inc. — Delaware, USA