◆ Kippera

Kippera — Privacy Policy

Effective date: 2026-06-16 Entity: Kippera LLC, a Georgia limited liability company ("Kippera," "we," "us," "our")


1. Who we are and what this policy covers

Kippera provides an AI-powered communications platform that answers calls, text messages, web chat, email, and social-media messages for small businesses, books appointments, sends follow-up communications, and manages customer relationships (the "Service").

We act in two different roles, and this policy distinguishes them:


2. Information we collect

2.1 From Customers (we are the controller)

2.2 From End Users, on behalf of Customers (we are the processor)

2.3 From website visitors

kippera.com currently uses only essential cookies required for the site to function. We do not currently use analytics or advertising cookies.


3. How we use information

We do not sell personal information, and we do not use End-User conversation content to train our own AI models.


4. AI processing disclosure

The Service uses artificial intelligence to understand and respond to communications. Specifically:

Our AI identifies itself as an AI assistant in conversations, as required by applicable law and our policies. AI-generated responses may not always be accurate; see our Terms of Service for the associated disclaimers.

Call recordings, where enabled by a Customer, are stored securely and accessible only to authorized users. Two-party recording consent disclosures are delivered as required by applicable law.


5. How we share information (sub-processors)

We share information with vendors who process it on our behalf, under contract, only to provide the Service:

Sub-processor Purpose
Anthropic AI language processing of conversation content
Twilio Voice and SMS transport; phone-number provisioning
ElevenLabs AI text-to-speech voice generation
Stripe Subscription billing, payment processing, and invoicing
Square Payment processing for customer deposits and invoices (where a Customer enables it)
PayPal Payment processing for customer deposits and invoices, including Venmo as a PayPal-owned funding option for U.S. customers (where a Customer enables it)
Amazon Web Services (AWS) Cloud hosting and storage
Mailgun Inbound email processing for lead ingestion
Google Calendar sync, Business Profile posting, sign-in authentication, and advertising/conversion measurement (where a Customer connects these)
Meta (Facebook / Instagram) Unified inbox message ingestion and social posting (where a Customer connects a Facebook Page or Instagram account)

Where a Customer connects an optional integration (such as a CRM, accounting, or calendar system), we transmit relevant data to that system at the Customer's direction. Those systems act under the Customer's control, not as our sub-processors.

Google user data (Limited Use disclosure)

What we access. When a Customer connects Google Calendar, Kippera requests the Google Calendar events scope (https://www.googleapis.com/auth/calendar.events) and accesses only event data on the calendar the Customer connects: event times, busy/free status, and event titles within a rolling sync window, plus the OAuth tokens Google issues for the connection. Kippera does not access any other Google data.

How we use it. This data is used solely to provide two-way calendar sync for that Customer: creating, updating, and cancelling appointment events the Customer's business books through Kippera, and reading events on the connected calendar so booked times are treated as unavailable and double-bookings are prevented. Google Calendar data is displayed only to the connected Customer's own account and is never used for advertising or profiling.

What we share. Google Calendar data is not sold and is not transferred to third parties — including data brokers and advertisers — except to our cloud hosting sub-processor (AWS) as necessary to store and serve it, or as required by law. Raw Google event details (such as event titles) are never sent to AI providers; only derived open/busy availability informs the appointment times the AI receptionist offers, and our AI provider (Anthropic) does not use data submitted through its API to train its models.

How it is protected. OAuth tokens are stored encrypted at rest using application-layer encryption; mirrored event details are likewise encrypted at rest. All communication with Google's APIs occurs over TLS, and access is limited to the connected Customer's own tenant.

Retention and deletion. Google Calendar data is retained only while the integration is connected, and mirrored events cover only a limited rolling window. When a Customer disconnects Google Calendar in Settings, the stored OAuth tokens and all mirrored Google event data are deleted immediately. Deleting a Kippera account (Settings → Data & Privacy) removes all remaining data under our standard deletion process. A Customer can also revoke Kippera's access at any time at myaccount.google.com/permissions.

Kippera's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Kippera does not use raw or derived Google user data — including data received from Google Workspace APIs such as Google Calendar — to develop, improve, or train generalized (non-personalized) artificial-intelligence or machine-learning models.

We may also disclose information: to comply with law or legal process; to protect rights, safety, and security; and in connection with a merger, acquisition, or sale of assets (with notice as required by law).


6. Messaging consent (SMS and voice)

Where Kippera sends text messages — both on behalf of our business Customers and from Kippera's own support and account lines — it does so subject to consent and opt-out requirements:

See also the Customer's own privacy notice and the messaging disclosures presented at the point of opt-in.


7. Data retention


8. Security

We use technical and organizational measures to protect personal information, including encryption of sensitive data at rest (including phone numbers, conversation content, and stored credentials) and access controls. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.


9. Your California privacy rights (CCPA / CPRA)

If you are a California resident, you have the right to:

To exercise these rights, contact us at [email protected]. We will verify your request as required by law. You may use an authorized agent. For data we process on behalf of a business Customer, we will route your request to that Customer.


10. Other U.S. state rights

Residents of other states with comprehensive privacy laws may have similar rights to access, correct, delete, and appeal. Contact us at [email protected] to exercise them.


11. International users

The Service is directed to businesses and users in the United States. We do not currently target the EU/UK market.


12. Children's privacy

The Service is intended for businesses and is not directed to children. We do not knowingly collect personal information from children under 18.


13. Fair Housing commitment

For real estate Customers, Kippera's AI is built with Fair Housing guardrails. It does not characterize neighborhoods, schools, or any area by demographic, racial, religious, or other protected-class terms, and it will not answer "steering" questions about who does or doesn't live in an area or whether a neighborhood is "safe" or "good." Instead, it redirects those questions to objective third-party sources (such as public school ratings sites or crime-data portals) that the Customer can point buyers and renters to directly. Every time the AI refuses or redirects a question like this, it logs the refusal internally as compliance evidence, so Customers have a record showing the guardrail worked as intended.


14. Changes to this policy

We may update this policy from time to time. We will post the updated version with a new effective date and, where required, provide additional notice.


15. Contact us

Kippera LLC 1485 Derby Ct. NE, Ranger, GA 30734 Email: [email protected]