Legal

Privacy Policy

Effective date: June 19, 2026  ·  Last updated: June 19, 2026

Contents

  1. Who we are & scope
  2. Information we collect
  3. Calls, recordings & voice data
  4. How we use information
  5. AI processing & model training
  6. How we share information
  7. Service providers & subprocessors
  8. Controller / processor roles
  9. Cookies & analytics
  10. Data retention
  11. Data security
  12. Your privacy rights
  13. International transfers
  14. Children's privacy
  15. Changes to this policy
  16. Contact us

1Who we are & scope

This Privacy Policy explains how The Collective Technologies LLC, a Missouri limited liability company ("The Collective," "we," "us," or "our") collects, uses, shares, and protects personal information in connection with our website at thecollective.icu and our AI agent services, including Maya (voice), Alex (website & sales), Tay (AI chief of staff), custom builds, and related products (collectively, the "Services").

This policy applies to: visitors to our website; customers who subscribe to or purchase our Services; and individuals whose information is processed when our customers use our agents (for example, a person who calls a phone number powered by Maya, or who chats with Alex on a customer's website). It does not apply to third-party websites or services we link to.

By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

2Information we collect

Information you provide to us

Information collected automatically

Information from your end-users (when you use our agents)

Information from third parties

We may receive information from our service providers (for example, telephony metadata from Twilio), analytics providers, and partners who refer you to us.

3Calls, recordings & voice data

Several of our agents handle telephone calls. Depending on configuration, a call may be transcribed in real time and, where enabled, recorded. Audio is processed to provide the Service — converting speech to text, generating a response, and converting text back to speech.

Consent is required. Laws in many jurisdictions (including U.S. "two-party consent" states and similar rules elsewhere) require that some or all parties consent before a call is recorded or monitored. Where we act on behalf of a customer, the customer is responsible for providing any required notices and obtaining any required consent from callers. We provide configuration options to support this, but compliance is the customer's responsibility.

4How we use information

We use personal information to:

Where required by law, we rely on a lawful basis to process your information, such as performance of a contract, your consent, our legitimate interests in operating the Services, or compliance with a legal obligation.

5AI processing & model training

Our Services use third-party artificial intelligence providers to understand speech, generate responses, and synthesize voice. Your inputs and the agents' outputs are sent to these providers solely to deliver the Service.

We do not sell your data, and we do not use your content or your end-users' content to train our own foundation models. Our AI subprocessors process data under their respective enterprise/API terms, which, for the providers we use, do not use API-submitted content to train their general models by default. If this changes for a given provider, we will update the list of subprocessors below.

6How we share information

We do not sell personal information. We share it only as follows:

7Service providers & subprocessors

We rely on the following categories of providers to operate the Services. This list may change as our stack evolves; we will keep it current.

ProviderPurpose
TwilioTelephony & call routing
OpenAIVoice / conversational AI processing
Anthropic (Claude)AI reasoning & text generation
DeepgramSpeech-to-text transcription
CartesiaText-to-speech voice synthesis
GoogleSpreadsheets, email delivery, analytics
NotionStructured data storage
Railway / cloud hostingApplication hosting & databases
n8nWorkflow automation
Payment processor [e.g. Stripe]Billing & payments

8Controller / processor roles

For data we collect about our own customers, website visitors, and applicants, The Collective acts as a data controller.

When a customer uses our agents to interact with that customer's own callers, visitors, or leads, the customer is the controller of that personal data and The Collective acts as a processor acting on the customer's instructions. Customers are responsible for having a lawful basis and any required notices/consents for the data their agents collect. A separate Data Processing Addendum is available on request.

9Cookies & analytics

We use cookies and similar technologies to operate the website, remember preferences, and understand usage. We use Google Analytics to measure traffic and improve the site; Google may set cookies and process usage data under its own terms. You can control cookies through your browser settings, and where required we will request consent before setting non-essential cookies.

10Data retention

We retain personal information for as long as needed to provide the Services, comply with our legal obligations, resolve disputes, and enforce our agreements. Call recordings, transcripts, and lead data are retained for the period configured for your account or as otherwise required; you may request deletion as described below, subject to legal retention requirements.

11Data security

We use administrative, technical, and organizational measures designed to protect personal information, including access controls, encryption in transit, scoped credentials, and authentication on our service endpoints. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a breach affecting your personal information, we will notify you and the relevant authorities as required by law.

12Your privacy rights

Depending on where you live, you may have rights to: access the personal information we hold about you; correct inaccurate information; delete your information; restrict or object to certain processing; data portability; and withdraw consent. Residents of the EEA/UK (under the GDPR) and of California (under the CCPA/CPRA) and other regions may have specific statutory rights, including the right not to be discriminated against for exercising them, and the right to lodge a complaint with a supervisory authority.

We do not sell or "share" personal information as those terms are defined under California law.

To exercise your rights, contact us at admin@thecollective.icu. If your information was collected by an agent operated by one of our customers, please direct your request to that customer (the controller); we will assist them as their processor.

13International data transfers

We and our service providers may process and store information in countries other than where you live, including the United States. Where we transfer personal information internationally, we take steps to ensure appropriate safeguards are in place as required by applicable law.

14Children's privacy

The Services are intended for businesses and individuals aged 18 and over. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will delete it.

15Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, provide additional notice. Your continued use of the Services after changes take effect constitutes acceptance of the updated policy.

16Contact us

If you have questions or requests regarding this policy or your personal information, contact us at:

The Collective
Email: admin@thecollective.icu
Entity: The Collective Technologies LLC
Address: Saint Louis, MO 63116