Privacy Policy

This Privacy Policy explains how TimeSurge Labs collects, uses, discloses, and protects information when you visit https://timesurgelabs.com, submit an inquiry, use our dashboard, route calls through our voice agent application, receive or send communications through our services, or otherwise interact with us.

TimeSurge provides lead response, missed-call recovery, voice agent, call routing, SMS and email notification, dashboard, call recording, transcription, summary, appointment, customer record, and workflow automation services for businesses. Because our services process communications between businesses and their customers or callers, this Policy applies to website visitors, prospective customers, customer account users, callers, message recipients, and other people whose information is processed through the services.

Where we process information on behalf of a business customer, that customer is responsible for its own privacy notices, consent practices, and legal obligations. TimeSurge acts as a service provider or processor for many of those activities, while also processing certain information for our own business operations, security, support, billing, and compliance purposes.

We collect information you provide directly, including name, business name, email address, phone number, service type, messages submitted through the website, account credentials, dashboard profile details, business settings, owner contact information, scripts, prompts, intake questions, routing rules, webhook URLs, calendar settings, and support communications.

When the voice agent services are used, we may collect call metadata, caller phone numbers, called numbers, account routing information, timestamps, call status, recording identifiers, recording URLs or media, recording duration, recording channel details, transcripts, summaries, AI-generated structured summaries, customer names, customer phone numbers, customer email addresses, business names, addresses, notes, urgency details, service interests, unanswered questions, action items, appointment requests, appointment times, calendar event identifiers, playback links, and dashboard activity history.

When SMS, email, webhook, calendar, or form follow-up features are enabled, we may collect message content, delivery status, message identifiers, recipient and sender information, email subjects and bodies, webhook payloads, calendar availability, event details, attendees, and related operational logs.

We also collect technical information automatically, such as IP address, device and browser information, pages visited, request headers, approximate location inferred from IP address, timestamps, referrer information, security challenge results, logs, diagnostic data, and information needed to prevent abuse and maintain the website and services.

We collect information from you, from businesses that configure or use the services, from callers and message recipients who interact with the voice agent or communication workflows, from connected integrations, from service providers, and from automatically generated logs and operational systems.

Connected integrations may include telephony providers, AI providers, database and storage providers, hosting providers, calendar providers, SMS providers, email providers, automation tools, security tools, analytics tools, and customer-provided webhook destinations. The information we receive depends on the features enabled and the permissions granted.

We use information to provide, operate, maintain, secure, troubleshoot, support, and improve the website and services. This includes routing calls, connecting calls to a voice agent, applying account-specific scripts, forwarding calls to owners or employees, recording calls where enabled, transcribing recordings, summarizing transcripts, creating customer records, creating appointment records, sending owner notifications, sending SMS or email messages, delivering webhook payloads, and displaying dashboard records.

We use inquiry and account information to respond to requests, perform missed-call audits, onboard customers, configure workflows, provide support, manage accounts, send administrative messages, process billing, enforce agreements, and communicate about service changes.

We use technical and usage information to monitor reliability, debug errors, prevent fraud or abuse, protect accounts, verify security challenges, comply with law, enforce our terms, and understand how the website and services are used.

We may use aggregated, de-identified, or anonymized information for analytics, research, product improvement, reporting, and business planning, provided it does not identify you or your customers.

The voice agent services use AI systems to generate real-time conversational responses, follow account-specific instructions, transcribe audio, summarize calls, structure lead details, identify action items, and assist with workflow automation. Information processed by AI systems may include caller audio, transcripts, account scripts, business information, customer details, appointment details, and operational context needed to complete the configured task.

AI-generated transcripts, summaries, structured lead details, and other outputs may be inaccurate or incomplete. Business customers should review AI output before relying on it for customer follow-up, scheduling, quoting, dispatch, legal compliance, or business decisions.

We do not intentionally use customer call recordings, transcripts, or business records to train third-party public AI models unless permitted by the applicable provider terms, customer agreement, or customer instruction. Provider-specific processing terms may apply depending on the configured services.

If call recording is enabled, calls may be recorded, downloaded from the telephony provider, uploaded to storage, transcribed, summarized, and displayed in the dashboard. Recording and monitoring laws vary by state, country, and context.

Business customers are responsible for determining when notice or consent is required and for providing all legally required notices and obtaining all legally required consents before using call recording, transcription, monitoring, or analytics features. Customers are also responsible for honoring opt-out, deletion, access, and other rights that apply to their callers and customers.

If you are a caller or message recipient and have questions about a business's use of TimeSurge, you may need to contact that business directly because it controls the relationship with you and the purpose for processing your information.

We disclose information to service providers and subprocessors that help us operate the website and services, including telephony, AI, hosting, database, storage, email, SMS, calendar, automation, analytics, security, logging, payment, and support providers. These providers process information according to their roles and contractual obligations.

We disclose information to the business customer that owns or administers the relevant account, including dashboard users, account administrators, owners, employees, contractors, and webhook destinations configured by that customer. For example, call summaries, transcripts, customer details, appointment records, and owner notifications may be made available to the customer's authorized users or systems.

We may disclose information to comply with law, legal process, governmental requests, enforce our agreements, protect rights and safety, prevent fraud or abuse, investigate security incidents, collect amounts owed, or complete a business transaction such as a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information for money. We also do not knowingly share personal information for cross-context behavioral advertising as those terms are used in California privacy law.

The website and services may use cookies, local storage, pixels, logs, and similar technologies to operate the site, remember sessions, protect forms, prevent abuse, measure usage, and improve performance.

The website contact form may use Cloudflare Turnstile or similar security tools to verify that submissions are legitimate and to protect against spam and abuse. These tools may process IP address, browser information, challenge results, and related technical data.

You can control cookies through your browser settings, but disabling cookies or similar technologies may affect website or dashboard functionality.

If you submit an inquiry, create an account, or use the services, we may send service-related messages, support responses, onboarding communications, administrative notices, billing notices, security alerts, and other operational communications.

If SMS or email workflows are configured by a business customer, TimeSurge may send messages to owners, employees, customers, or callers as directed by the account settings and workflow rules. The business customer is responsible for obtaining required consent, honoring opt-out requests, and complying with messaging laws and carrier rules.

You may opt out of marketing communications where applicable, but we may still send non-marketing administrative or transactional communications.

We retain information for as long as needed to provide the services, operate the dashboard, support customers, maintain records, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, and maintain backups. Retention periods may vary by data type, customer configuration, legal requirements, provider limitations, and operational needs.

Call recordings, transcripts, summaries, customer records, appointment records, activity events, webhook logs, and account settings may remain available in the dashboard until deleted, exported, replaced, or retained according to the applicable customer agreement and service configuration.

Backup copies and logs may persist for a limited period after deletion from active systems. We may retain de-identified, aggregated, or anonymized information where permitted by law.

We use reasonable administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, alteration, and disclosure. Safeguards may include access controls, authentication, provider security controls, logging, encrypted connections, and operational review.

No method of transmission or storage is completely secure. You are responsible for protecting your account credentials, managing user access, using secure webhook destinations, maintaining integration credentials, and notifying us promptly of suspected unauthorized access.

TimeSurge is based in the United States, and information may be processed in the United States and other locations where we or our service providers operate. If you access or use the services from outside the United States, you understand that information may be transferred to and processed in countries that may have different privacy laws than your location.

Depending on your location and relationship to TimeSurge, you may have rights to request access, correction, deletion, portability, restriction, objection, or withdrawal of consent. You may also have the right to appeal certain decisions or lodge a complaint with a privacy authority.

If you are an account customer or dashboard user, you can contact us through the website to request assistance with account information or service records. If your information was processed because you contacted a business that uses TimeSurge, please contact that business first because it may control the relevant account and determine how your information is used.

We may need to verify your identity and authority before fulfilling a request. We may decline or limit requests where permitted by law, including when information must be retained for legal, security, operational, or contractual reasons.

For California residents, the categories of personal information we may collect include identifiers, customer records information, commercial information, internet or electronic network activity, audio information, professional or employment-related information, inferences from service usage, and sensitive personal information only where necessary for the services and provided or generated through customer workflows.

We collect these categories for the purposes described in this Privacy Policy, including providing services, communications, security, support, compliance, and business operations. We disclose these categories to service providers, business customers, authorized account users, configured integrations, and other parties described in this Policy.

We do not sell personal information for money and do not knowingly share personal information for cross-context behavioral advertising. California residents may request access, deletion, correction, and information about our practices, subject to legal limitations. We will not discriminate against you for exercising privacy rights.

The services are intended for businesses and are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us so we can review and delete it where appropriate.

We may update this Privacy Policy from time to time. The updated version will be posted at https://timesurgelabs.com/privacy with a revised effective date. Changes are effective when posted unless the updated Policy states otherwise.

Your continued use of the website or services after an updated Policy becomes effective means the updated Policy applies to information collected and processed after that date.

Questions, requests, or concerns about this Privacy Policy may be sent through the contact form at https://timesurgelabs.com. Please include your name, business name if applicable, contact information, and enough detail for us to understand and respond to your request.