Privacy Policy

Introduction

Spark ("Spark," "we," "us," or "our") operates the Spark platform at runspark.ai and app.runspark.ai. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website, use our platform, or receive communications sent through our platform on behalf of businesses that use Spark.

By using our services or receiving messages sent through Spark, you agree to the practices described in this policy.

Information We Collect

Information You Provide Directly:

• Account registration information (name, email address, password)
• Business and workspace information (company name, industry, team members)
• Payment and billing information (processed securely through Stripe; we do not store full credit card numbers)
• API keys you provide for third-party integrations (encrypted at rest using AES-256-GCM)
• Content you upload to the platform (documents, knowledge base files, agent configurations)

Information Collected Through Businesses Using Spark:

• Contact information submitted by leads and customers through business websites (name, email, phone number)
• SMS message content sent and received through the platform
• Call recordings and transcriptions made through the platform's dialer feature
• Conversation history between contacts and AI agents or human team members

Information Collected Automatically:

• Device and browser information (IP address, browser type, operating system)
• Usage data (pages visited, features used, timestamps)
• Cookies and similar tracking technologies for authentication and analytics

How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Spark platform
• Send and receive SMS messages on behalf of businesses using our platform
• Facilitate AI-powered conversations between businesses and their leads or customers
• Process transactions and manage billing
• Provide customer support
• Improve and develop new features
• Comply with legal obligations
• Protect against fraud, abuse, and unauthorized access

SMS Messaging

Spark sends SMS messages on behalf of businesses that use our platform. If you receive an SMS sent through Spark:

• Opt-In: You opted in to receive messages by providing your phone number through the business's website, contact form, or other intake method with a disclosure that you consent to receive text messages.
• Message Frequency: Message frequency varies based on your interactions with the business.
• Message and Data Rates: Standard message and data rates from your wireless carrier may apply.
• Opt-Out: You can opt out of receiving messages at any time by replying STOP to any message. You will receive a confirmation and no further messages will be sent.
• Help: Reply HELP to any message for support information.
• No messages will be sent to you for marketing purposes without your prior consent.

We do not sell, rent, or share phone numbers or SMS message content with third parties for their marketing purposes.

How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

• With Businesses Using Spark: Contact information and conversation data are accessible to the business workspace that manages your relationship. Spark acts as a service provider on behalf of these businesses.
• Service Providers: We use third-party services to operate the platform, including:
  • Supabase (database and authentication)
  • Stripe (payment processing)
  • Twilio (SMS messaging and voice calls)
  • Deepgram (call transcription)
  • AI model providers (Anthropic, OpenAI, Google) for AI-powered features
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or government request.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Data Security

We implement industry-standard security measures to protect your information:

• All data transmitted to and from our platform is encrypted in transit (TLS/HTTPS)
• Sensitive credentials and API keys are encrypted at rest using AES-256-GCM
• Agent containers run with restricted permissions and resource limits
• Access to platform infrastructure is restricted to authorized personnel
• We conduct regular security reviews of our systems

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

• Account and workspace data is retained for as long as your account is active.
• SMS messages and conversation history are retained for as long as the business workspace exists on our platform.
• Call recordings are retained according to the business's workspace settings.
• If you request deletion of your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
• Contacts can request data deletion by contacting the business that manages their information or by emailing us at admin@runspark.ai.

Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal information we hold about you
• Correct inaccurate personal information
• Request deletion of your personal information
• Opt out of SMS communications (reply STOP)
• Withdraw consent for data processing

To exercise these rights, contact us at admin@runspark.ai.

Children's Privacy

Spark is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by posting the updated policy on this page with a revised "Last Updated" date. Your continued use of the platform after changes constitutes acceptance of the updated policy.