Privacy Policy

Last updated: April 15, 2025

1. Introduction

CallScript Pro ("we," "us," or "our") operates CallScript Pro (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Service. By using the Service, you consent to the practices described in this policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2a. Information You Provide

  • Account information: When you authenticate via Manus OAuth, we receive your name, email address, and a unique user identifier from the OAuth provider.
  • License information: Your Gumroad license key and associated email address, used to verify your subscription status.
  • User-generated content: Scripts, channel configurations, calendar entries, and other content you create within the Service.
  • API keys: Third-party API keys you optionally provide (e.g., YouTube Data API, ElevenLabs, Ringba). These are stored encrypted and used solely to perform the integrations you configure.

2b. Information Collected Automatically

  • Authentication cookies: We use HTTP-only session cookies signed with a JWT secret to maintain your authenticated session. These cookies are essential to the operation of the Service and cannot be disabled.
  • Usage analytics: We collect anonymized usage data (page views, feature interactions, session duration) via our analytics infrastructure to understand how users engage with the Service and to improve it. This data does not include personally identifiable information.
  • Log data: Server logs may capture your IP address, browser type, operating system, referring URLs, and timestamps of requests for security and debugging purposes.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Authenticate your identity and enforce license validity.
  • Process your requests and deliver AI-generated content.
  • Send transactional notifications (e.g., license status changes, system alerts).
  • Monitor and analyze usage patterns to improve the Service.
  • Detect, investigate, and prevent fraudulent or unauthorized activity.
  • Comply with legal obligations.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

4. Third-Party API Usage and Data Sharing

To deliver the Service's features, we transmit certain data to third-party providers. By using the Service, you acknowledge and consent to the following data flows:

  • OpenAI: Script content, channel names, niche descriptions, and related inputs are sent to OpenAI's API for language model processing. OpenAI's data usage policy applies. We do not send personally identifiable information to OpenAI beyond what is necessary for the generation request.
  • ElevenLabs: If you use voice synthesis features, text content is transmitted to ElevenLabs for audio generation.
  • Google / YouTube: If you connect your YouTube account, we access YouTube Analytics data and channel metadata via the YouTube Data API. This access is governed by Google's Privacy Policy and YouTube's Terms of Service.
  • Gumroad: Your license key is verified against Gumroad's API. Gumroad may retain records of this verification.
  • Manus Platform: Authentication is handled via Manus OAuth. The Manus platform privacy policy governs data processed during authentication.
  • Ringba: If you connect a Ringba account for call tracking, call data is synced from Ringba's API. Ringba's privacy policy applies to data held on their platform.

5. Data Retention

We retain your account data and user-generated content for as long as your account is active or as needed to provide the Service. If you request deletion of your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., fraud prevention, legal disputes).

6. Data Security

We implement industry-standard technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (TLS), encrypted storage of sensitive credentials, and access controls. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Cookies

The Service uses the following types of cookies:

  • Session cookies: HTTP-only, signed JWT cookies that authenticate your session. These are strictly necessary and cannot be disabled without breaking the Service.
  • Analytics cookies: Used to collect anonymized usage data. These may be set by our analytics infrastructure.

Most browsers allow you to control cookies through their settings. Disabling session cookies will prevent you from logging in.

8. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us at [email protected] and we will take steps to delete such information.

9. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict the processing of your personal data. To exercise these rights, contact us at [email protected]. We will respond to verified requests within 30 days.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Your continued use of the Service after any changes constitutes your acceptance of the revised policy.

11. Governing Law

This Privacy Policy is governed by the laws of the State of Texas, United States of America.

12. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at [email protected].