Privacy Policy

Account & Identity Information

Examples include: name, business name, email address, phone number, physical business address, website, operating hours, and service categories.

Payment & Billing Information

Examples include: billing address, subscription tier, usage metrics, and payment method tokens processed by our payment processor (e.g., Stripe).

We do not store full credit card numbers.

Lead & Customer Data

Examples include: customer names, phone numbers, email addresses, project details, scheduling preferences, and conversation context provided through connected third-party platforms or direct communications initiated by customers.

Communication Records

Examples include: SMS or MMS content, call metadata, call recordings (where enabled), AI-generated responses, delivery status, timestamps, and associated media files.

Verification & Security Data

Examples include: phone number ownership and verification logs, IP addresses, device identifiers, login events, authentication logs, and third-party messaging identifiers (e.g., Twilio SIDs).

Usage & Behavioral Data

Examples include: pages viewed, feature usage, response timing, workflow activation, and aggregated performance or experimentation metrics.

Technical Data

Examples include: IP address (IPv4/IPv6), browser type, operating system, device type, screen resolution, time zone, and referral source.

Media Files (MMS)

We may temporarily download and store media files (such as images, videos, audio, or documents) transmitted through customer messages to support communication delivery, quality assurance, security, and compliance.

Media files are generally retained for a limited period (typically up to 7 days, unless longer retention is required for legal, security, or dispute-resolution purposes). We may analyze content using automated systems to detect spam, abuse, fraud, or policy violations.

We reserve the right to delete media files at any time in accordance with our data retention practices.

3.1 Lead Marketplaces & Advertising Platforms

Depending on the services you connect, we may receive the following categories of data:

3.2 Communications Infrastructure

Crewy does not independently initiate outbound marketing communications. Communications handled through the Platform are performed according to your configuration and in response to consumer-initiated interactions, subject to applicable laws and third-party platform rules.

3.3 AI & Processing Providers

AI service providers (e.g., OpenAI, Google Gemini, or similar)

• Prompt context and configuration data
• Generated responses and system outputs
• Model usage and performance logs

AI providers process data only to generate responses or improve system reliability, subject to contractual safeguards and applicable privacy obligations.

3.4 Payments & Billing

Stripe (or other payment processors)

• Subscription status and billing metadata
• Transaction identifiers and usage events

Crewy does not store full payment card numbers.

3.5 Data Storage & Retention

Data received through connected integrations — including lead details and conversation history — is stored within your account to provide automation, analytics, compliance support, and historical reference. Retention periods vary based on legal, operational, and contractual requirements.

You may disconnect integrations at any time. However, previously received data may be retained where required for compliance, dispute resolution, or legitimate business purposes.

5.1 Service Providers and Integrations

We may share data with the following categories of recipients:

5.2 Aggregated and De-Identified Data

We may use or share aggregated or de-identified data for analytics, research, product improvement, and business insights. Such data does not identify individual users or consumers.

5.3 Business Transfers

If Crewy is involved in a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred as part of that transaction, subject to this Privacy Policy or a successor policy offering comparable protections.

6.1 Platform Capabilities

Depending on your configuration, the Platform may:

• Notify you or your team when a new lead or request is received
• Assist with drafting or sending messages in response to inbound customer requests
• Forward calls to your verified business number
• Enable two-way messaging using your connected phone number
• Send AI-assisted or automated SMS replies where explicitly enabled by you

All communication features are controlled by your account settings and may be enabled or disabled at any time.

6.2 Consent and Lawful Use

You are solely responsible for ensuring that all communications sent using the Platform comply with:

• The Telephone Consumer Protection Act (TCPA)
• The Telemarketing Sales Rule (TSR)
• State do-not-call laws
• Carrier and marketplace rules (e.g., Twilio, Yelp, Thumbtack)

You represent and warrant that you have obtained all required consumer consent before sending any automated or AI-assisted messages or calls.

Crewy does not independently collect consumer opt-in outside of marketplace-initiated service requests, does not generate recipient lists, and does not independently verify the existence of such consent. Crewy relies on the service professional to ensure lawful use of messaging features.

6.3 Opt-Out Handling

The Platform supports opt-out mechanisms, including:

• Replying STOP to SMS messages
• Disabling features within your dashboard
• Contacting privacy@crewy.ai for platform-level restrictions

Consumers may also reply HELP where supported by the messaging configuration.

You are responsible for honoring consumer opt-out requests promptly and across all communication channels.

6.4 Call Recording and Message Logging

Where enabled:

• Calls and messages may be logged for delivery, quality assurance, security, and compliance purposes
• Recording features are configurable and subject to applicable consent and notice laws

You are responsible for complying with all state and federal recording and disclosure requirements.

6.5 SMS Communications, Consumer Opt-In & A2P 10DLC Compliance

Consumer-Initiated Contact

SMS communications sent through the Platform occur only after a consumer has submitted a service request and provided contact information for the purpose of receiving responses related to that request.

Crewy does not purchase, generate, scrape, compile, or otherwise obtain consumer phone numbers independently.

Nature of Messages

Messages sent through the Platform are transactional or conversational in nature and may include:

• Responses to service inquiries
• Scheduling coordination
• Quote delivery
• Follow-up questions related to the requested service
• Appointment confirmations or reminders

The Platform is not designed for bulk marketing campaigns, purchased lists, or cold outreach.

Telecommunications Provider Disclosure

SMS and voice communication services are provided through third-party telecommunications providers such as Twilio Inc. Message and call data (including phone numbers, message content, timestamps, and routing information) are transmitted through such providers solely for delivery and infrastructure purposes and are processed in accordance with their applicable privacy policies.

Mobile Information Protection

Mobile phone numbers, SMS content, and related opt-in data are not sold, rented, or shared with third parties or affiliates for marketing or promotional purposes. No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; such information will not be shared with any third parties except as required for message delivery, infrastructure operation, compliance, or legal obligations.

A2P 10DLC Registration

For SMS services in the United States, each service professional using SMS functionality is registered under an individual A2P 10DLC campaign through Twilio or another authorized telecommunications provider. Messaging is transmitted only through registered Messaging Services in compliance with applicable carrier rules and industry standards.

Recordkeeping

Message delivery logs, opt-out records, and associated metadata (including timestamps and message identifiers) are retained as required for carrier compliance, dispute resolution, fraud prevention, and legal defense.

Consumer Consent Disclosure

When a consumer submits a service request through a supported marketplace or directly to a service professional, they provide their contact information for the purpose of receiving responses related to their inquiry. Messaging frequency varies based on the consumer's request and ongoing service communication. Message and data rates may apply according to the consumer's mobile carrier plan.

6.6 Your Responsibility

You acknowledge and agree that:

• You control when and how communications are sent
• You are the sender of record for customer communications
• You are solely responsible for obtaining required consent
• You are responsible for compliance with TCPA, TSR, state telemarketing laws, carrier rules, and marketplace policies

Crewy acts solely as a technical service provider and is not liable for violations arising from your configuration or use of communication features.

Verification Process

• We initiate a verification call via Twilio to the phone number you provide.
• You answer the call and enter the spoken verification code.

This process confirms that you control the phone number and are authorized to use it for Platform communications.

Logged Records

For compliance, security, fraud prevention, and legal defense purposes, we log and retain the following records:

Purpose of Logging

These records are maintained for:

• Fraud prevention
• Phone number ownership verification
• TCPA and regulatory compliance
• Defense against carrier, consumer, or regulatory disputes

Restrictions

Verified caller ID numbers may only be used in accordance with:

• Applicable laws and regulations (including TCPA and TSR)
• Carrier requirements
• Third-party platform policies (e.g., Twilio, Yelp, Thumbtack)

Any attempt to use unverified, spoofed, or unauthorized phone numbers is strictly prohibited and may result in immediate suspension or termination.

AI Messaging Capabilities

How Auto-Send Works (Your Full Control)

• All auto-send features are opt-in only
• Default state is OFF for all new accounts
• Each channel (SMS, calls, quotes) is enabled independently via Settings → Automation
• You may pause, edit, disable, or cancel any AI action before or during execution
• AI-generated content may be reviewed, modified, or replaced manually at any time
• Crewy does not require or enforce auto-sending to use the Platform

Accuracy and Compliance Disclaimer

AI-generated messages may be inaccurate, incomplete, non-compliant, or inconsistent with your brand, carrier rules, marketplace policies, or applicable laws.

Crewy:

• Does not pre-screen AI messages for TCPA, TSR, carrier, or marketplace compliance
• Does not guarantee legal, regulatory, or platform compliance
• Does not determine whether consent exists for any recipient

Your Responsibility

You acknowledge and agree that:

• You are solely responsible for all messages and calls sent through the Platform, whether AI-generated or manual
• You are solely responsible for obtaining all required consents before enabling AI messaging or calling
• You are responsible for compliance with TCPA, TSR, carrier rules, and third-party platform policies (e.g., Twilio, Yelp, Thumbtack)
• Crewy is not liable for violations arising from your use of AI-powered messaging features

No Agency or Decision Authority

Crewy acts solely as a technical service provider. AI features execute instructions only as configured by you and do not represent independent decision-making, intent, or discretion by Crewy.

Types of Technologies Used

Your Controls

You may control or limit the use of non-essential cookies through:

• Our cookie consent banner (where available)
• Your browser settings
• Third-party opt-out mechanisms (e.g., Google Analytics Opt-Out)

Disabling certain cookies may impact functionality or performance of the Platform.

Your Rights May Include

How to Submit a Request

To exercise any applicable privacy right:

• Email privacy@crewy.ai with the subject line "Privacy Rights Request"
• Include your account email address, the specific request you are making, and sufficient information to verify your identity
• We may require additional verification to protect your data
• We will respond within 45 days, as required by law (extensions may apply where permitted)

Additional Information

• Requests may be denied or limited where retention is required for legal compliance, security, fraud prevention, billing, dispute resolution, or enforcement of our agreements
• Reasonable fees may apply for excessive, repetitive, or manifestly unfounded requests, where permitted by law
• Authorized agents may submit requests on your behalf with proper documentation

Retention Periods

Deletion Practices

• Deletion requests are honored only when legally permissible
• Certain data cannot be deleted where retention is required for: legal or regulatory compliance; TCPA, TSR, or consent recordkeeping; fraud prevention and security; billing, accounting, or dispute resolution
• Backup systems may retain deleted data for up to 90 additional days
• Anonymized or aggregated data may be retained indefinitely

Important Security Disclaimers

Despite these measures:

• No system is completely secure
• Security incidents or data breaches may occur
• You acknowledge and assume the risk inherent in using internet-based services
• Our liability, if any, is limited as described in our Terms of Service

Security measures may change over time as technologies and threats evolve.

Security Reporting

Suspected vulnerabilities, incidents, or security concerns must be reported promptly to: privacy@crewy.ai

Additional Notes

• Transactional communications are necessary to operate, secure, and administer your account.
• Marketing emails may be sent only where legally permitted and can be withdrawn at any time.
• Message delivery is not guaranteed; users are responsible for monitoring spam or junk folders.
• You are responsible for keeping your contact information accurate and up to date.

15.1 Currently Integrated Lead Sources

The Platform currently supports integration with the following lead and communication sources:

• Yelp – Customer inquiries and business messaging
• Thumbtack – Project requests, quotes, and structured lead data
• Google Calendar – Availability checking and scheduling coordination
• Google Sheets – Dynamic business data used for AI-assisted responses
• Twilio – SMS and voice communication infrastructure

15.2 Future Platform Support

We may add support for additional third-party platforms and marketplaces, including but not limited to:

• Angi (formerly Angie's List)
• HomeAdvisor
• Other local service or lead-generation marketplaces

Any future integrations will be subject to the applicable platform's terms, permissions, and technical constraints.

15.3 Platform-Agnostic Features

Across supported platforms, the Platform provides the following unified functionality:

• A single dashboard for managing leads from multiple sources
• AI-assisted reply generation and optional automation, subject to platform rules
• Centralized notifications (email, SMS, in-app)
• Unified analytics and reporting
• Consolidated billing and usage tracking

15.4 Platform-Specific Constraints and Automation Behavior

Different lead sources impose unique constraints on data availability, communication methods, response timing, and permitted automation behavior. The Platform enforces these constraints by design.

15.5 Multi-Platform Data Handling and Separation

• Customer and lead data from different platforms is not merged or auto-matched
• Each lead retains its original source attribution
• Automation and communication settings may be configured per-platform or globally
• The Platform does not automatically identify or link repeat customers across platforms
• You are responsible for managing duplicate leads or customer recognition across sources

16.1 AI Systems Used

The Platform uses third-party artificial intelligence providers to assist with content generation and automation, including:

• OpenAI (GPT models)
• Google Gemini
• Grok (xAI)

These systems operate only in connection with features you explicitly enable.

AI functionality may include:

• Generating draft or automated responses to customer inquiries
• Creating telephone call scripts
• Drafting follow-up messages
• Suggesting responses based on your business inputs, rules, and prompts

16.2 How AI Uses Your Data

Input Data Provided to AI Systems

Depending on your configuration and connected integrations, AI systems may process:

• Customer inquiries and lead details
• Your business profile information
• Your custom prompts, instructions, and preferences
• Full conversation history related to a lead
• Calendar availability (if connected)
• Google Sheets data (if connected)
• AI configuration settings (tone, length, delay, instructions)

Data is processed solely to generate responses or perform enabled automation.

AI Training and Model Improvement

• Third-party AI providers may process submitted data in accordance with their contractual terms and privacy policies. Where supported by the provider, Crewy may request opt-out from data use for model training.
• We may share anonymized or aggregated data with AI providers for system improvement and analytics
• You may request opt-out of AI training use where supported by the provider by emailing privacy@crewy.ai
• Provider data handling, retention, and training practices are governed by their respective privacy policies and terms

We do not control how third-party AI providers store, retain, or further process data once transmitted to them.

16.3 AI Content Accuracy and Limitations

Important Disclaimers

You acknowledge and agree that:

• AI-generated content may be inaccurate, incomplete, misleading, or inappropriate
• AI may misunderstand context, intent, or platform-specific rules
• AI may generate responses that violate marketplace policies or legal requirements
• AI does not exercise human judgment

Your Responsibilities

You are solely responsible for:

• Reviewing and configuring prompts, rules, and automation settings
• Monitoring AI output and behavior
• Ensuring compliance with applicable laws, platform rules, and your internal policies
• Disabling automation when necessary

16.4 Your Control Over AI

Customization and Controls

You may:

• Create and edit custom prompts and instructions
• Define tone, length, timing, and response logic
• Control what business data is shared with AI
• Enable or disable AI features per account, per platform, or globally

Disabling AI

• AI auto-reply and automation features may be disabled at any time
• Manual mode allows you to review and send all responses yourself
• Previously generated AI content may be retained for records, compliance, analytics, or audit purposes

Email

All requests should be sent to: privacy@crewy.ai

Please use one of the following subject lines to help us route your request:

• "TCPA OPT-OUT"
• "Privacy Rights Request"
• "Verification Dispute"
• "Security Incident"

Mailing Address

Response Times

• TCPA-related requests: within 2 business days
• Privacy rights requests: within 45 days, as required by law (extensions may apply where permitted)
• Requests submitted through unauthorized channels or without sufficient information for verification may not receive a response.