Privacy Policy

Stellar ("Stellar," "we," "us," or "our") operates the Stellar platform, website (stellar.ai), and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service.

Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you voluntarily provide when you register for an account, subscribe to a plan, contact us, or otherwise interact with the Service:

• Account Information: Name, email address, company name, phone number, and password when you create an account.
• Billing Information: Payment method details processed through our third-party payment processors (Stripe and Polar.sh). We do not store full credit card numbers on our servers.
• Knowledge Base Content: Documents, files, text, and other materials you upload to train your AI voice agents.
• Contact Lists: Names, phone numbers, email addresses, and other contact details you provide for your leads, customers, or event attendees.
• Agent Configuration: Prompts, scripts, voice settings, workflow configurations, and other settings you create for your AI voice agents.
• Communications: Messages, feedback, and correspondence you send to us via email, contact forms, or support channels.

1.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information:

• Call Data: Call recordings, transcripts, call duration, call outcomes, timestamps, and metadata associated with voice calls made by your AI agents.
• Usage Data: Pages visited, features used, click patterns, session duration, API calls made, minutes consumed, and other interaction data.
• Device & Browser Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
• Cookies & Tracking Technologies: We use cookies, web beacons, and similar technologies to maintain sessions, remember preferences, and analyze usage patterns.

1.3 Information from Third-Party Integrations

When you connect third-party services to Stellar, we may receive information from those services:

• Google Calendar: Calendar event details to enable appointment booking and event confirmation features.
• CRM Integrations: Contact records, deal information, and other CRM data you authorize us to access.
• Communication Tools: Notification and workflow data required to deliver real-time alerts and automate actions you configure.
• OAuth Authentication: Basic profile information (name, email) when you sign in using Google OAuth.

2. How We Use Your Information

• Provide and Maintain the Service: To operate your AI voice agents, process calls, deliver transcripts, manage your knowledge base, and provide the core functionality of the platform.
• Account Management: To create and manage your account, process subscriptions, handle billing, and provide customer support.
• AI and Voice Processing: To power AI conversations using speech-to-text, text-to-speech, and large language model technologies.
• Improvements and Analytics: To understand usage patterns, diagnose technical issues, improve Service performance, and develop new features.
• Communications: To send transactional emails, onboarding sequences, and, with your consent, product updates and marketing communications.
• Security and Fraud Prevention: To detect, prevent, and respond to security incidents, fraud, and abuse.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

• Service Providers: We share data with third-party service providers who assist us in operating the Service, including Vapi (voice infrastructure), OpenAI (language models and embeddings), Supabase (database and auth), Stripe/Polar.sh (payments), Resend (email), Vercel (hosting), and Railway (API hosting).
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid legal processes.
• Protection of Rights: We may disclose information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our Terms of Service or suspected fraud.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• With Your Consent: We may share your information with third parties when you have given us explicit consent.

4. Data Retention

• Account Data: Retained for the duration of your account. Upon deletion, personal data is removed within 30 days.
• Call Recordings & Transcripts: Retained according to your account settings. Default retention is 90 days.
• Contact Data: Retained for as long as you maintain your account.
• Billing Records: Retained for up to 7 years as required by tax regulations.

5. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS 1.2+), encryption at rest (AES-256-GCM for sensitive data), Row-Level Security for account isolation, and API rate limiting. While we use commercially reasonable efforts to protect your information, no method of electronic transmission or storage is 100% secure.

6. Your Rights and Choices

Depending on your location, you may have rights to access, correct, delete, or port your personal information, and to opt out of marketing communications. For GDPR (EEA/UK) and CCPA/CPRA (California) residents, additional rights apply as described by those regulations. To exercise any rights, contact us at privacy@stellar.ai.

7. TCPA Compliance

Stellar takes TCPA compliance seriously. You are responsible for obtaining proper consent from individuals before initiating automated calls through our platform. Stellar enforces business hour restrictions and provides tools to help you manage consent status and honor opt-out requests.

8. Cookies

We use essential cookies (authentication, security), functional cookies (preferences), and analytics cookies (usage patterns). You can control cookies through your browser settings, though disabling them may affect functionality.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children under 18. If you believe we may have collected information from a child, contact us at privacy@stellar.ai.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy, contact us at privacy@stellar.ai or hello@stellar.ai.