§ 1 Who We Are and Who This Policy Covers

1.1 About Phonewire. Phonewire, Inc. (“Phonewire,” “we,” “us,” or “our”) is a Missouri S-Corporation that provides business telephone systems, VoIP services, SIP trunking, voicemail transcription, elevator phone services, paging and intercom systems, and related telecommunications services and equipment. Our principal contact address is 120 S Central Ave Ste 400, Saint Louis, Missouri 63105-1705. Our websites include www.phonewire.com, phonewire.net, and www.phonewire.cloud (collectively, the “Sites”).

1.2 B2B Context. Phonewire sells exclusively to businesses. The information we collect is primarily business contact information, service configuration data, and information related to our commercial relationships with business customers. We do not target consumers purchasing goods or services for personal, family, or household use. References to “you” in this Policy refer to business entities, their authorized representatives, employees, and other individuals who interact with us in a commercial or professional capacity.

1.3 Scope. This Policy applies to information collected through our Sites, through our services, through direct communications (phone, email, in-person), through AI-powered tools and automated systems we use to facilitate communications and service delivery, and through third-party sources in connection with our business operations. It does not govern information collected under a separate data processing agreement or business associate agreement that we may execute with specific customers.

§ 2 Information We Collect

We collect the following categories of information in the course of our business operations:

2.1 Business Contact Information. Names, job titles, business email addresses, business phone numbers, and business mailing addresses of individuals associated with customer accounts, prospective customers, vendors, and partners.

2.2 Account and Transaction Information. Order history, service agreements, payment records (but not full payment card numbers — see § 2.7), service configurations, support tickets, and other records generated in the course of providing services or equipment.

2.3 Technical and Service Data. Data generated by or related to the services we provide, including:

• Call detail records (CDRs) — including originating and terminating numbers, call duration, date and time, and call disposition
• Voicemail audio and voicemail transcription content, including transcriptions generated by automated AI transcription systems
• System logs, configuration data, and diagnostic information related to equipment and services we install or manage
• IP addresses and network identifiers associated with customer equipment or service accounts

2.4 Website Usage Data. Information collected automatically when you visit our Sites, including IP address, browser type and version, operating system, pages visited, time on page, referring URL, and similar technical information. We use this data for website analytics, security, and improving user experience.

2.5 Communications Data. Records of communications between you and Phonewire, including emails, phone calls (which may be recorded for quality assurance with appropriate notice), support tickets, chat transcripts — including transcripts from AI-powered chatbot and automated assistant interactions — SMS messages, and other correspondence. Communications may be processed, summarized, classified, or transcribed by AI Tools as described in § 2.10.

2.6 Marketing and Inquiry Data. Information you provide when requesting a quote, scheduling a consultation, submitting a contact form, or engaging with marketing communications, including business name, contact information, and the nature of your inquiry.

2.7 Payment Information. We collect billing address, invoice data, and payment method type (e.g., check, ACH, credit card). Full credit card and bank account numbers are processed by PCI-compliant third-party payment processors and are not stored on our systems.

2.8 Customer Work Documentation, Testimonials, and Marketing Content. In the course of providing our services, we may document our work through installation photography, job site imagery, before-and-after photos, video footage, system configuration demonstrations, and written or recorded descriptions of projects completed at customer locations. We may also receive or solicit testimonials, case study content, quotes, and referrals from customers.

We may use such content — including your company name, your company’s logo or trade name, general descriptions of products and services we provided, installation and job site photographs, tutorial and demonstration videos, project summaries, and statements or quotes you provide — for commercial and promotional purposes including without limitation: commercial and YouTube videos; display of your company logo or name in marketing materials, on our Sites, and in advertising; radio and podcast advertising; tutorial and demonstration videos; customer reference and portfolio lists; website photographs and imagery; press releases; written or video interviews; social media marketing posts and campaigns; case studies; and other promotional, advertising, or public relations purposes (collectively, “Marketing Content Uses”).

By engaging Phonewire’s services, you consent to Marketing Content Uses of your business identity and work documentation on behalf of your organization. Written authorization is not required for each individual use. Phonewire’s right to use your company’s logo and trade name in marketing materials constitutes a limited, non-exclusive license granted under and subject to Phonewire’s Terms and Conditions (phonewire.com/terms). If you wish to opt out of future Marketing Content Uses, notify us in writing at [email protected]. Opt-out requests will be honored on a prospective basis and do not require removal of content that has already been published, distributed, broadcast, or posted. For identifiable photographs or videos of specific named individuals, those individuals may submit a separate opt-out request to [email protected]. By voluntarily participating in a recorded interview, video shoot, podcast, or similar production arranged by Phonewire, an individual consents to Phonewire’s use of that recording for Marketing Content Uses.

2.9 Information We Do Not Intentionally Collect. We do not intentionally collect sensitive categories of personal information such as government identification numbers, health or medical information, financial account credentials, biometric data, or the personal information of individuals under the age of 13. If you believe you have provided such information in error, please contact us promptly at [email protected] so we can delete it.

2.10 AI-Processed Communications Data. When you interact with our AI-powered chatbot, automated voice systems, AI-assisted support channels, or other AI-mediated communication tools (collectively, “AI Tools” as defined in our Terms and Conditions § 22.1), we collect and process:

• Chat session transcripts and conversation logs from AI chatbot and automated assistant interactions on our Sites or support portal
• Voicemail transcriptions and call summaries generated by automated AI transcription and summarization systems
• AI-generated classifications, routing decisions, and summaries of support tickets and customer communications
• Metadata associated with AI-mediated interactions, including session timestamps, IP addresses, session identifiers, and device information

AI-processed communications data is treated as Communications Data under § 2.5 and is handled by AI platform service providers acting as data processors on our behalf, as described in § 5.2. Such data may be used to improve AI system performance and service quality, subject to data minimization practices and, where technically feasible, anonymization or de-identification prior to use in model improvement. Output generated by AI Tools — including quotes, estimates, availability statements, and other AI-generated responses — is governed by § 22 of our Terms and Conditions and does not constitute binding commitments by Phonewire except as expressly provided in those Terms.

§ 3 How We Collect Information

3.1 Directly from You. When you contact us, request a quote, place an order, create an account, use our services, or communicate with us in any other way. Providing information to us is voluntary, but some information is necessary to provide services — if you choose not to provide it, we may not be able to fulfill your request.

3.2 Automatically through Technology. Through cookies, web beacons, pixel tags, server logs, and similar technologies when you visit our Sites. See § 7 for detailed information about cookies and how to control them. We also collect data automatically through AI-powered chatbots and automated assistant tools on our Sites when you initiate or engage in a chat session.

3.3 From Third-Party Sources. We may receive business contact information from:

• Business data providers and marketing data vendors (for lead generation and prospecting)
• Payment processors, in connection with transaction processing
• Our technology and service partners, in connection with joint offerings or integrations
• Publicly available business directories and professional networks
• Government agencies or credit bureaus for business credit verification purposes

3.4 Through Service Delivery. Call detail records, voicemail content and transcriptions, support ticket data, and technical service data are generated automatically as part of providing our telecommunications services and support operations. AI Tools may further process this data as described in § 2.10.

3.5 Through Marketing and Commercial Documentation. We may collect photographs, video footage, and documentation of completed installations and job sites in the course of performing services at customer locations, for use in Marketing Content Uses as described in § 2.8.

§ 4 How We Use Information

We use the information we collect for the following purposes:

4.1 Providing and Managing Services. To fulfill orders, provision and configure services, manage customer accounts, process payments, provide technical support, and carry out all activities necessary to deliver the services and equipment you have contracted for.

4.2 Business Communications. To communicate with you about your account, service updates, maintenance notifications, invoices, renewal reminders, and other matters related to our business relationship.

4.3 Marketing and Sales. To send information about our products, services, promotions, and industry updates to existing and prospective business customers. You may opt out of marketing communications at any time — see § 11.2. We do not sell your information to third parties for their marketing purposes.

4.4 Website Improvement and Analytics. To understand how our Sites are used, identify areas for improvement, troubleshoot technical issues, and improve user experience.

4.5 Security and Fraud Prevention. To detect, investigate, and prevent unauthorized access, fraudulent activity, abuse of our services, and violations of our Terms and Conditions.

4.6 Legal Compliance and Law Enforcement. To comply with applicable laws and regulations — including FCC regulations governing telecommunications carriers, IRS and state tax requirements, and applicable data protection laws — and to respond to lawful subpoenas, court orders, or government requests.

4.7 Business Operations. For general business administration purposes including accounting, auditing, maintaining business records, and managing vendor and partner relationships.

4.8 Legal Defense and Enforcement. To establish, exercise, or defend legal claims, enforce our Terms and Conditions, and protect the rights, property, and safety of Phonewire and others.

4.9 Automated Decision-Making. We do not use personal information for automated profiling or automated decision-making that produces legal or similarly significant effects on individuals — such as decisions affecting credit, employment, legal rights, or access to financial services. The use of AI Tools for communications facilitation, support routing, transcription, and service operations described in § 4.10 constitutes operational tool use and does not constitute automated decision-making in the legal or regulatory sense.

4.10 AI Tools and Automated Communications Processing. We use AI Tools — including website chatbots, conversational assistants, voice agents, automated transcription services, ticket-classification engines, and AI-assisted support and billing systems — to facilitate customer interactions, communications routing, support delivery, and service operations before, during, and after our commercial relationship. AI Tools may generate, summarize, transcribe, route, or classify communications as described in § 2.10. The use of AI Tools in communications is further governed by § 22 of our Terms and Conditions (phonewire.com/terms). Communications processed by AI Tools may be used to improve AI system performance subject to data minimization and, where feasible, anonymization. AI Tool interactions are processed by third-party AI platform providers acting as service providers under § 5.2. AI Tool output does not constitute binding commitments by Phonewire except as expressly provided in our Terms and Conditions.

4.11 Commercial and Promotional Use of Customer Relationship Content. We use customer work documentation, business identity, and testimonials for the Marketing Content Uses described in § 2.8. This includes use of your company name, logo (subject to our Terms and Conditions), installation photography, project documentation, and testimonials in commercial videos, social media, radio, podcast, press releases, case studies, and other promotional channels without requiring written authorization for each use, subject to opt-out rights as described in § 2.8 and § 11.

§ 5 How We Share Information

5.1 We Do Not Sell Personal Information. Phonewire does not sell, rent, or lease personal information to third parties for their own marketing or commercial purposes. We do not engage in the “sale” of personal information as defined under the California Consumer Privacy Act or similar state laws.

5.2 Service Providers and Processors. We share information with third-party vendors, contractors, and service providers who perform functions on our behalf, including:

• Payment processors — to process invoices and payments
• SIP carriers and network providers — to route and complete voice calls as part of our telecommunications services
• Cloud infrastructure providers — to host our cloud-based services and systems
• CRM and business software providers — to manage customer accounts and communications
• Email marketing platforms — to deliver marketing and service communications
• Analytics providers — including Google Analytics, to analyze website usage
• AI platform providers — to power website chatbots, conversational assistants, voice transcription, automated ticket classification, AI-assisted billing and support systems, and other AI-mediated communication tools
• Professional advisors — attorneys, accountants, and other professional advisors

These service providers are permitted to use information only for the specific purpose for which it was shared and are contractually required to protect it appropriately.

5.3 FCC-Required Disclosures. As a telecommunications carrier, we may be required to disclose call records, account information, and other data in response to lawful subpoenas, court orders, or requests from law enforcement agencies in accordance with 47 U.S.C. § 222 and applicable FCC rules. See also § 6 (CPNI) for FCC-specific requirements.

5.4 Legal Requirements and Protection. We may disclose information when we believe disclosure is necessary or appropriate to: (a) comply with applicable law, regulation, or legal process; (b) respond to requests from law enforcement or government authorities; (c) enforce our Terms and Conditions; or (d) protect the rights, property, or safety of Phonewire, our customers, or others.

5.5 Business Transfers. If Phonewire is involved in a merger, acquisition, asset sale, financing, or other business transaction, customer information may be transferred as part of that transaction. We will provide notice of any such transfer to the extent required by applicable law.

5.6 With Your Consent. We may share information for any other purpose with your prior written consent.

5.7 Aggregated and De-Identified Data. We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify an individual or business for any lawful purpose, including industry research, marketing analytics, and business development.

§ 6 CPNI — Customer Proprietary Network Information

6.1 What Is CPNI. As a telecommunications carrier, Phonewire is subject to federal law governing Customer Proprietary Network Information (“CPNI”) under 47 U.S.C. § 222 and applicable FCC regulations. CPNI includes information we obtain in connection with providing telecommunications services, such as:

• The quantity, technical configuration, type, destination, location, and amount of use of your telecommunications services
• Call detail records — including numbers dialed, numbers from which calls were received, call duration, and call frequency
• Information contained in your bills for telecommunications services

6.2 How We Protect CPNI. We protect CPNI in accordance with FCC requirements, including maintaining reasonable security measures to protect CPNI from unauthorized access or disclosure. We do not disclose CPNI to third parties except as permitted or required by law, including disclosure to emergency services (E911) and lawful government requests.

6.3 Permitted Uses of CPNI. We may use CPNI to:

• Provide and maintain the telecommunications services you have subscribed to
• Protect the rights and property of Phonewire or our customers, or protect users from fraudulent, abusive, or unlawful use of our services
• Market additional telecommunications services to you that we are authorized to provide, as described in § 6.4
• Comply with applicable law, regulation, court order, or lawful government request

6.4 CPNI Marketing Authorization. Under FCC rules, we may use your CPNI to market to you the same categories of services you already receive from us (for example, using your existing voice service CPNI to offer additional voice features or SIP trunks). By accepting our Terms and Conditions or using our services, you authorize Phonewire to use CPNI for this purpose. You have the right to restrict our use of your CPNI for marketing purposes. To opt out of CPNI-based marketing, notify us in writing at [email protected]. Opting out of CPNI-based marketing does not affect our ability to use CPNI to provide and maintain your services.

6.5 CPNI Verification. Before disclosing CPNI to a customer or account representative, we will verify the identity of the requesting party in accordance with applicable FCC authentication requirements. We will not disclose CPNI over the phone without appropriate verification.

6.6 CPNI Breach Notification. In the event of an unauthorized disclosure of CPNI, we will notify the FCC and affected customers in accordance with applicable FCC regulations and timelines.

§ 7 Cookies and Tracking Technologies

7.1 What Cookies Are. Cookies are small text files placed on your device by websites you visit. We use cookies and similar technologies (including pixel tags and web beacons) to operate and improve our Sites, authenticate users, and analyze how our Sites are used.

7.2 Types of Cookies We Use.

7.3 Managing Cookies. You can manage cookie preferences through our cookie consent tool (the Preferences button in the cookie banner at the bottom of our site). You can also configure your web browser to refuse cookies, delete existing cookies, or warn you before accepting cookies. Note that disabling certain cookies may affect the functionality of our Sites, including chatbot and AI-assisted features. Your cookie preferences are stored locally and will reset if you clear your browser data.

7.4 Google Analytics Opt-Out. To opt out of Google Analytics data collection across all websites, you may install the Google Analytics Opt-out Browser Add-on available at tools.google.com/dlpage/gaoptout.

7.5 Do Not Track. Our Sites do not currently respond to browser “Do Not Track” signals. We will update this Policy if our practices change.

§ 8 Data Retention

We retain information for as long as necessary to fulfill the purposes for which it was collected, maintain our business records, comply with legal obligations, and resolve disputes. The following retention periods apply as general guidance:

When information is no longer needed, we delete it or anonymize it. Some information may be retained longer if required by applicable law, regulation, or ongoing legal proceedings.

§ 9 Data Security

9.1 Security Measures. We implement commercially reasonable technical, physical, and organizational security measures designed to protect the information we collect from unauthorized access, disclosure, alteration, or destruction. These measures include access controls, encryption of data in transit and at rest where appropriate, regular security assessments, and employee training on data handling practices. AI platform providers we use are contractually required to maintain security standards consistent with industry practice.

9.2 Limitations. No security system is completely impenetrable, and we cannot guarantee that information will never be accessed, disclosed, altered, or destroyed by a breach of any of our safeguards. Transmission of information over the internet carries inherent risks that are outside our control. You are responsible for maintaining the security of your account credentials and for promptly notifying us if you suspect unauthorized access to your account.

9.3 Payment Security. We do not store full credit card numbers or bank account credentials. Payment card transactions are handled by PCI DSS-compliant third-party processors. If you believe your payment information has been compromised, contact your financial institution immediately and notify us at [email protected].

§ 10 Data Breach Notification

10.1 Breach Response. In the event of a confirmed security breach involving personal information that creates a reasonable risk of harm to affected individuals or businesses, we will:

• Investigate and contain the breach promptly
• Notify affected customers within a reasonable time — generally within seventy-two (72) hours of confirming a reportable breach, subject to the requirements of applicable state law (including Missouri § 407.1500 RSMo and the Illinois Personal Information Protection Act)
• Report the breach to applicable regulatory authorities as required by law, including the FCC for CPNI breaches in accordance with FCC regulations
• Take reasonable steps to mitigate harm and prevent recurrence

10.2 Notification Content. Breach notifications will describe, to the extent known at the time of notice: the nature of the breach, the categories and approximate number of records affected, the likely consequences of the breach, and the measures we have taken or are taking in response.

10.3 Contact for Security Issues. To report a suspected security vulnerability or data breach, contact us immediately at [email protected] or call (800) 857-1517.

§ 11 Your Rights and Choices

11.1 Access and Correction. Business customers and their authorized representatives may request access to the account information and business contact data we hold about them. If any information is inaccurate or incomplete, you may request correction by contacting us at [email protected]. We will respond to reasonable access and correction requests within a reasonable time, subject to applicable legal limitations.

11.2 Marketing Opt-Out. You may opt out of receiving marketing communications from us at any time by:

• Clicking the “unsubscribe” link in any marketing email
• Emailing us at [email protected] with “Unsubscribe” in the subject line
• Calling us at (800) 857-1517

Opting out of marketing communications does not affect transactional, account, or service communications that we send in connection with active services.

11.3 Marketing Content Opt-Out. If you wish to opt out of future Marketing Content Uses of your business identity or work documentation as described in § 2.8 and § 4.11, submit a written request to [email protected] with “Marketing Content Opt-Out” in the subject line. Opt-out requests will be honored on a prospective basis. They do not require removal of content that has already been published, distributed, broadcast, aired, or posted prior to receipt of your request. For opt-out requests regarding identifiable images of specific individuals, those individuals should submit their requests separately to [email protected].

11.4 CPNI Restrictions. You may restrict our use of your CPNI for marketing purposes as described in § 6.4 by notifying us in writing at [email protected].

11.5 Cookie Preferences. You may manage cookie preferences through the cookie consent tool on our Sites or through your browser settings. See § 7.3 for details.

11.6 Data Deletion. Active customers may not request deletion of information that is necessary for us to provide contracted services, maintain legally required records, or comply with regulatory obligations. Following account termination, we will delete or anonymize personal information in accordance with our retention schedule in § 8, subject to legal hold requirements.

11.7 California Residents. If you are a California resident interacting with us in a personal (non-business) capacity, you may have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Because Phonewire sells exclusively to businesses, most individuals who interact with us do so in a professional or commercial capacity, and the CCPA’s business-to-business exemptions may apply. California residents who believe they have CCPA rights with respect to personal information we hold about them in a non-business capacity may contact us at [email protected] to make a request. We will assess each request in good faith. See also our California Privacy Notice at phonewire.com/california-privacy-policy.

11.8 We Do Not Sell Personal Information. We do not sell personal information to third parties. You do not need to opt out of a sale because we do not engage in selling personal information.

§ 12 Children’s Privacy

Our Sites and services are directed exclusively to businesses and business professionals. We do not knowingly collect personal information from individuals under the age of 13. If we become aware that we have inadvertently collected information from a person under 13, we will promptly delete it. If you believe we may have collected information from a minor, please contact us at [email protected].

§ 13 Third-Party Websites

Our Sites may contain links to third-party websites, including manufacturer websites, carrier portals, integration partner platforms, and other external resources provided for convenience. These linked sites are not operated by Phonewire and are not subject to this Privacy Policy. We have no control over the content, privacy practices, or data handling of any third-party website. When you leave our Sites, we encourage you to review the privacy policy of any site you visit. We are not responsible for the privacy practices of any third-party site. Third-party AI platform providers accessed through our Sites operate under their own privacy policies and data processing agreements with Phonewire.

§ 14 Changes to This Privacy Policy

14.1 Updates. We may update this Privacy Policy from time to time to reflect changes in our practices, services, legal requirements, or regulatory guidance — including changes to our use of AI Tools and automated processing technologies. When we update this Policy, we will revise the “Last Updated” date at the top of the page.

14.2 Material Changes. If we make material changes to how we collect, use, or share personal information, we will provide more prominent notice — which may include a banner on our website, a notification to active customers via email, or other appropriate means — at least thirty (30) days before the changes take effect where reasonably practicable.

14.3 Continued Use. Your continued use of our Sites or services after any update to this Policy constitutes acceptance of the updated Policy. We encourage you to review this Policy periodically.

§ 15 Contact Us

If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:

To report a security incident, email [email protected] with “Security Incident” in the subject line. For CPNI-related requests, contact us in writing at the address below. For Marketing Content opt-out requests, email [email protected] with “Marketing Content Opt-Out” in the subject line.