Privacy Policy
Effective date: January 1, 2026 · Last updated: 2026
Dendrites Technologies Co. ("Dendrites AI", "we") respects your privacy. This Policy explains what personal information we collect, how we use it, who we share it with, and your choices. It applies to all our products: ServiceOrbit, CallWise AI, and Axiom AI Chat.
1. Information We Collect
1.1 Account information
Name, business email, company name, phone number (optional), country, billing address, payment method (tokenized via Stripe — we do not store full card numbers).
1.2 Customer content (what you provide to the services)
- ServiceOrbit: staff credentials, service catalog, student/user records, email cases, chat transcripts, voice call recordings/transcripts, knowledge documents.
- CallWise AI: phone numbers you configure, call recordings, call transcripts, appointment bookings, SMS message logs.
- Axiom AI Chat: sitemap URL and crawled page text, chatbot configuration, visitor conversations, lead capture data.
1.3 End-user data (visitors, callers, students)
When your customers/visitors interact with a service you operate, we process their messages, voice, name, email, and any details they provide, strictly to provide the service on your behalf. You are the data controller for end-user data; we are the processor.
1.4 Automated technical data
IP address, browser type, device identifiers, pages visited, timestamps. Collected via server logs, cookies, and similar technology. Retained for up to 90 days for security and abuse prevention.
2. How We Use Information
- To provide, maintain, and improve the services you purchased.
- To process payments, invoices, and tax compliance.
- To communicate with you about your account, service updates, and security events.
- To detect, prevent, and respond to abuse, fraud, and security threats.
- To comply with law, legal process, and legitimate government requests.
We do not sell your personal information. We do not use your customer content to train general-purpose AI models.
3. AI Processing
To deliver AI features (chat, voice, classification, summarization), we send relevant portions of your content to third-party AI providers:
| Provider | Used for | Data retention |
|---|---|---|
| OpenAI | GPT-4o/4.1 chat & voice, text-embedding-3-small embeddings | API zero-retention (30 days for abuse monitoring only) |
| Anthropic | Claude Haiku 4.5 & Sonnet 4.5 chat responses | API zero-retention |
| Gemini 3.1 Flash Live voice (optional, per-tenant) | API zero-retention | |
| Twilio | CallWise AI phone numbers, call routing, SMS | Per Twilio policy |
4. Subprocessors
We use vetted third parties to operate the services:
- Stripe — payment processing
- AWS — EC2, S3, SES (ServiceOrbit production hosting)
- Cloudflare — DNS, CDN, Pages (marketing site)
- Microsoft — Azure AD, Microsoft Graph (optional integrations)
- HubSpot — CRM (marketing & sales pipeline)
A current subprocessor list with legal and geographic details is available on request from [email protected].
5. Sharing
We share information only with:
- Subprocessors as described above, under written data processing agreements.
- Professional advisors (accountants, lawyers) under duties of confidentiality.
- Law enforcement, regulators, or parties to a legal process, when legally required.
- An acquirer or successor in a merger, acquisition, or sale of assets, with notice to you.
6. Data Retention
- Account data: for the life of your account + 7 years for tax/audit.
- Customer content: deleted on request or within 30 days after account closure, except records required by law.
- Server logs: 90 days.
- Backups: rolling 30 days.
7. Your Rights
Depending on your location (GDPR, UK GDPR, CCPA/CPRA, PIPEDA, UAE PDPL, etc.) you may have rights to access, correct, delete, port, or restrict processing of your personal data. Submit requests to [email protected]. We respond within 30 days.
If you are an end user (visitor, caller, student) of a service operated by one of our customers, direct your requests to that customer. We will assist the customer in responding.
8. International Transfers
We are based in the United States. For customers in the EU/UK, we rely on Standard Contractual Clauses and other appropriate safeguards when data is transferred out of the EEA/UK.
9. Security
We protect your data with: encryption at rest and in transit, access controls and least privilege, PBKDF2 password hashing, audit logs, rate limiting, and regular security reviews. See the Security section on our home page for details.
10. Children
Our services are for business use. We do not knowingly collect personal data from children under 13. If a child uses a customer service we power (e.g., a university helpdesk where students are minors), we process data as directed by the customer under applicable law (e.g., FERPA).
11. Changes
We may update this Policy. Material changes will be announced by email or via the portal at least 14 days in advance.
12. Contact
Privacy Officer
Dendrites Technologies Co.
Dallas, Texas, USA
[email protected]