Privacy Policy
Last updated: May 2026 · Effective immediately
Summary: NexorLink collects only the information needed to provide AI voice services. We do not sell your data. We do not share patient information with third parties except as required to operate the service or comply with law. Healthcare clients receive a HIPAA Business Associate Agreement at no extra charge.
1. Who We Are
NexorLink LLC ("NexorLink," "we," "us," or "our") is an AI voice infrastructure company headquartered in Miami, Florida. We provide AI-powered receptionist services to businesses including medical clinics, law firms, hotels, and other appointment-driven organizations. Contact: hello@nexorlink.com · +1 (786) 550-3307.
2. Information We Collect
From our clients (businesses):
- Business name, address, contact information, and billing details
- Configuration information: business hours, provider names, FAQ content, transfer numbers
- Usage data: call volume, call durations, appointment bookings
- Payment information (processed by Stripe — we do not store raw card data)
From end users (callers / patients):
- Name and contact information provided during calls (for appointment booking)
- Voice recordings and transcripts of calls handled by our AI
- Appointment details and scheduling preferences
- Language preference (auto-detected, not stored as a profile field)
From website visitors:
- Information submitted through our contact and onboarding forms
- Standard web analytics (page views, referral source, device type)
- No tracking cookies beyond standard analytics
3. How We Use Information
- To operate and improve the AI voice service for each client
- To process payments and manage subscriptions
- To send appointment confirmations and reminders to end users
- To provide client dashboard access and call reporting
- To respond to support requests
- To improve AI accuracy and language detection
- We do not use call recordings or patient data for advertising
- We do not sell data to any third party, ever
4. HIPAA Compliance
NexorLink is designed with healthcare clients in mind. For clients subject to the Health Insurance Portability and Accountability Act (HIPAA):
- A Business Associate Agreement (BAA) is included in Enterprise and HMO Premium plans
- A BAA is included for healthcare clients on all plans
- All call recordings and transcripts containing Protected Health Information (PHI) are encrypted in transit (TLS 1.2+) and at rest (AES-256)
- PHI is never used for advertising, marketing, or any purpose beyond providing the contracted service
- PHI is retained for 12 months and available for export within 30 days of contract termination
- NexorLink does not disclose PHI to third parties except as required for service delivery (e.g., scheduling system integrations authorized by the client) or as required by law
5. Data Sharing
We share data only in the following limited circumstances:
- Service providers: Retell AI (voice processing), Twilio (telephony), Stripe (payments). All under data processing agreements.
- Client-authorized integrations: EHR/scheduling systems connected at client request
- Legal compliance: When required by law, court order, or government authority
- Business transfer: In connection with a merger or acquisition, with notice to affected clients
6. Data Retention
- Call recordings and transcripts: retained 12 months from date of call
- Client account data: retained for the duration of the subscription plus 90 days
- Billing records: retained 7 years as required by law
- Upon cancellation: client may request export of all data within 30 days. After 30 days, data is deleted.
7. Security
We implement industry-standard security measures including:
- TLS 1.2+ encryption for all data in transit
- AES-256 encryption for data at rest
- Access controls limiting data access to authorized personnel only
- Regular security reviews of our infrastructure and third-party providers
8. California Privacy Rights (CCPA)
California residents have the right to: (1) know what personal information we collect and how it is used; (2) delete personal information we hold about them; (3) opt out of the sale of personal information (NexorLink does not sell personal information); (4) non-discrimination for exercising these rights. To exercise these rights, contact hello@nexorlink.com.
9. Children's Privacy
NexorLink services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete it promptly.
10. Changes to This Policy
We may update this policy periodically. We will notify active clients of material changes by email at least 30 days before they take effect. Continued use of the service after the effective date constitutes acceptance.
11. Contact Us
Privacy questions, data requests, or HIPAA inquiries: hello@nexorlink.com
NexorLink LLC · Miami, FL · +1 (786) 550-3307