CallRevu Enterprise AI & Data Stewardship Policy

We are committed to strong data stewardship in everything we build, especially where artificial intelligence is involved.

Customer data always remains the property of our customers and is used solely to deliver the services they rely on. We do not train AI models using customer data, nor do we repurpose customer data beyond its intended operational use.

Our AI-enabled capabilities operate within clearly defined purpose limitations, minimal data retention, and robust security controls. We carefully govern access, storage, and processing, so innovation is delivered responsibly, transparently, and with customer trust at the center of every decision.

  • Customer data ownership is preserved.
    All customer data remains the exclusive property of our customers.     
  • No AI training with customer data.
    Customer data is never used to train, fine-tune, or improve our AI models.     
  • Secure Third-Party AI Subprocessors.
    Where we utilize third-party foundational models to power our capabilities, we access them exclusively via secure, enterprise-grade APIs under strict Zero-Data Retention (ZDR) agreements. These providers are contractually prohibited from using customer data to train their models, and data is discarded immediately after processing.     
  • Data Minimization & PII Safeguards.
    Before conversational data is processed by our AI systems, we employ rigorous sanitization protocols designed to identify and redact sensitive Personal Identifiable Information (PII) such as credit card numbers and Social Security Numbers—ensuring only necessary context is analyzed.     
  • Strict purpose limitation.
    Data is processed only as necessary to operate and support the platform and approved integrations.     
  • Configurable, minimal retention.
    By default, data is retained only for the minimum period required to deliver our services, reducing exposure and risk. Because data governance requirements vary widely, we provide our business customers with the administrative controls to define, manage, and enforce custom data retention and deletion schedules that align with their specific internal policies and regulatory obligations.     
  • Security-first data management.
    Data is classified by sensitivity and protected through layered controls, including encryption in transit and at rest, governed access, and approved enterprise cloud infrastructure.     
  • Business-to-business automotive scope.
    CallRevu operates as a business-to-business service provider within the automotive industry. While our AI-enabled tools, such as digital voice assistants (DVAs), may interact directly with a dealership’s customers, they do so strictly as authorized agents of the dealership. Our platform is not designed for consumer-to-consumer contexts, and all data processing activities reflect our obligations to our enterprise clients.     
  • Conversational AI Transparency & Bot Disclosure.
    Where our AI systems, including Digital Voice Assistants (DVAs), interact directly with consumers, they are designed to comply with applicable bot disclosure and transparency laws. We provide dealerships with the capabilities to clearly disclose to callers that they are interacting with an automated system, ensuring consumers are never intentionally misled regarding the artificial nature of the interaction.     
  • Controller and Processor Alignment.
    As a data processor, we provide our enterprise customers with the platform capabilities and documentation necessary to help them fulfill their obligations as data controllers, including honoring consumer privacy rights and capturing required consents.     
  • No automated decision-making on consumers.
    AI capabilities assist dealerships in routing calls, gathering information, analyzing communications, and improving operational workflows. They do not independently make binding decisions affecting consumers, particularly in areas intersecting with credit, lending, or sales terms.     
  • Transparent AI use in recruitment (RecruitTrack).
    Where AI-enabled capabilities are used within RecruitTrack or any hiring-related workflow, we require and enable our customers to provide meaningful notice and obtain appropriate consent from candidates prior to engaging with AI-driven screening or assessment processes. We support compliance with applicable federal, state, and local regulations governing the use of automated tools in employment, including bias auditing and adverse-impact disclosures where mandated.     
  • Human oversight in employment-related use.
    AI capabilities used in candidate-related workflows are designed strictly to assist human decision-makers rather than replace them. Final hiring decisions always remain under the complete control of the employing organization.     
  • Adult-focused service context.
    Our platform and services are intended for use by adult consumers engaging with automotive dealerships. We do not knowingly collect, process, or store personal data from minors, and we maintain safeguards to prevent the inclusion of minor data in our processing workflows.     
  • Responsible AI use.
    AI capabilities are deployed in a controlled, policy-driven manner that consistently aligns with our privacy, security, and data governance commitments.     

© 2025 CallRevu