Privacy Policy

1. Information We Collect

Account Information:

• Name and email address
• Phone number (optional, if you provide it)
• Account credentials (securely hashed)
• Contact preferences
• Organization affiliation (for organization users)

Support Ticket Information:

• Technical issues and descriptions
• Device type and problem details
• Screenshots you upload (optional)
• Communication history with our support team
• Ticket status and resolution notes

AI Assistant Interactions:

• Chat messages and conversations
• Voice recordings (if you use voice features)
• Images and screenshots you share
• Session duration and interaction history

Scam Check Information:

When you use the Scam Check feature, we collect and store only the following metadata about each check:

• Your user ID (to associate the check with your account)
• Organization ID (for organization users, to associate with your organization)
• Input type used (text, screenshot, or phone call questionnaire)
• Result tier (red, yellow, or green risk level)
• Result category (e.g., phishing, tech support scam, government impersonation)
• Confidence score (high, medium, or low)
• AI model used for the analysis
• Disclaimer acknowledgment record

🔒 What we do NOT collect or store from Scam Check: The actual text you type, the screenshots or images you upload, the phone call descriptions you provide, and the AI's full written analysis. This content is sent to our AI provider for real-time analysis and is discarded immediately after results are returned. It is never saved to our servers.

Payment Information:

• Processed securely through Stripe
• We do NOT store credit card numbers
• We only store: last 4 digits, card type, expiration date
• Billing history and subscription status

Automatically Collected Information:

• IP address and general location (city/state level)
• Browser type and device information
• Pages visited and features used
• Date and time of access

Organization Account Information (for B2B):

• Organization name and contact information
• Organization Administrator details
• User management and activity logs
• Billing and contract information

AI Agent Activity Information:

Our proactive AI agent generates and stores the following derived data based on your platform activity:

• A risk score derived from your Scam Check history (not raw scam content — only the pattern of risk levels over time)
• Recurring issue categories detected from your support tickets and AI chat sessions
• Device types and technical environment information derived from your support interactions
• Communication preferences (whether you engage with email or in-app notifications, and how frequently)
• Agent decision logs recording what the agent evaluated, what action it took or chose not to take, and why
• Alert records tracking proactive messages sent to you, including delivery method, status, and whether you acknowledged or dismissed them

🔒 Important: All AI agent data is derived from your existing platform activity — we do not collect information from external sources to build your agent profile. The agent reads your existing Scam Check results, support tickets, and AI chat sessions but does not modify or delete any of that data. Agent data is stored separately from your core account data in isolated database tables.

2. How We Use Your Information

We use your information to:

• Provide our Service: Process support requests, respond to tickets, provide AI assistance, and analyze submitted content for potential scams via the Scam Check feature
• Improve our Service: Analyze usage patterns, identify common issues, enhance features
• Communicate with you: Send service updates, respond to inquiries, notify about tickets
• Process payments: Handle subscriptions and billing
• Ensure security: Prevent fraud, abuse, and unauthorized access
• Legal compliance: Meet legal obligations and enforce our Terms of Service
• Organization management: Enable Organization Administrators to manage their users and view relevant support activity
• Proactive protection: Our AI agent monitors your Scam Check results, support tickets, and AI chat sessions to send you protective follow-ups, relevant help articles, and personalized mini-guides — without requiring you to initiate contact
• Automated decision-making: The AI agent makes automated decisions about when to follow up, what guidance to send, and which communication channel to use, based on your platform activity patterns and communication preferences. These decisions are made by automated systems, not by Silver Support Hub staff. You may contact us at support@silversupporthub.com if you have questions about automated decisions affecting your account

⚠️ Important: We do NOT use your conversations to train AI models. We do NOT sell your data to third parties. We do NOT share your information for marketing purposes.

3. Information Sharing

We only share your information with:

Service Providers (Required to Operate):

• Clerk: Authentication and user management (Privacy Policy)
• Supabase: Database and data storage (Privacy Policy)
• OpenAI: AI assistance, voice features, and Scam Check analysis (Privacy Policy)
• Stripe: Payment processing (Privacy Policy)
• Email Service Provider: Sending notifications and support emails

Your Organization (for Organization Users):

If you access Silver Support Hub through an organization, your Organization Administrators may have access to your support tickets, activity logs, usage information, and aggregate Scam Check activity (risk levels and scam categories only — not the actual content you submitted) within the platform. Your organization may have its own privacy policies that apply in addition to this Privacy Policy.

Legal Requirements:

• To comply with law enforcement requests
• To respond to subpoenas or court orders
• To protect our rights, safety, or property
• To enforce our Terms of Service

We do NOT:

• Sell your personal information
• Share your data with advertisers
• Use your conversations for marketing
• Share your information with unrelated third parties

4. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: Data is encrypted in transit (HTTPS/SSL) and at rest
• Secure servers: Hosted on secure, monitored infrastructure
• Access controls: Only authorized personnel can access user data
• Authentication: Industry-standard authentication (OAuth, 2FA available)
• Data isolation: Organization data is isolated and separated from other organizations
• Audit logging: Actions are logged for security and compliance purposes

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

Active Accounts: We retain your data as long as your account is active.

Cancelling Your Subscription:

• When you cancel your subscription, you retain full access until the end of your current billing period
• Your data remains intact during this period and you may resume your subscription at any time
• After your access period ends, your account is scheduled for deletion
• Once deleted, your personal data, support tickets, AI chat history, and session data are permanently removed

Immediate Account Deletion:

• When you delete your account immediately (via account settings), your access ends right away
• Your personal data, support tickets, AI chat history, and session data are permanently deleted immediately
• Your subscription is cancelled and you will not be charged again
• This action cannot be undone

Scam Check Data:

• The actual content you submit (text, screenshots, phone call descriptions) is never stored and cannot be retrieved after analysis
• Scam Check metadata (risk level, category, confidence score) is retained while your account is active
• Scam Check metadata is deleted when your account is deleted
• Your disclaimer acknowledgment record is deleted when your account is deleted

What We Retain After Account Deletion:

• Audit logs (containing action history) are retained for up to 7 years for legal and compliance purposes
• After 7 years, audit logs for deleted accounts are permanently removed
• Payment records are retained by Stripe according to their retention policy and legal requirements
• We do not store your full credit card information—only last 4 digits and card type for reference

Organization Account Termination:

• When an organization's contract is terminated, the account is deactivated and users lose access
• Organization data is retained in deactivated status for a minimum of one (1) year
• After the retention period, organizations may request complete data deletion
• Deletion requests will be processed within 30 days, subject to legal requirements

Organization User Deletion:

• Users within an organization may delete their own account at any time
• Upon deletion, personal data, tickets, and chat history are permanently deleted
• Organization audit logs related to that user are retained for compliance purposes

AI Agent Data Upon Account Deletion:

• Your AI agent profile (risk score, device types, communication preferences) is deleted when your account is deleted
• Agent alerts and issue patterns linked to your account are disassociated — your user ID is removed, making the records anonymous
• Agent decision logs are retained without personally identifiable information for service improvement purposes

Anonymized Data Retention:

When your account is deleted, certain anonymized and aggregated statistical data may be retained permanently for the purpose of improving the Service for all users. This includes patterns such as which types of scams trend in certain periods, which follow-up approaches are most effective, and which technical issues recur most frequently. This retained data contains no personally identifiable information — no name, no email address, no user ID, and no organization ID. It cannot be used to identify you, contact you, or reconstruct your account. Under applicable privacy regulations including GDPR and CCPA, truly anonymized data that cannot identify an individual is not considered personal data and is not subject to deletion requests.

6. Your Privacy Rights

You have the right to:

✓ Access Your Data

Request a copy of all personal information we have about you. Contact us at support@silversupporthub.com.

✓ Correct Your Data

Update or correct inaccurate information in your account settings.

✓ Delete Your Account

Delete your account through your account settings. Your personal data, tickets, and chat history will be permanently deleted. Audit logs are retained for compliance (see Data Retention above).

✓ Export Your Data

Request a downloadable copy of your data in a common format. Contact us at support@silversupporthub.com.

✓ Opt-Out of Communications

Unsubscribe from marketing emails (service-related emails will continue).

European Users (GDPR): If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to data portability and the right to lodge a complaint with a supervisory authority.

California Residents (CCPA): If you are a California resident, you have rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete, and the right to opt-out of the sale of personal information (note: we do not sell personal information).

7. Cookies and Tracking

We use minimal cookies and tracking:

Essential Cookies (Required):

• Authentication cookies (keep you logged in)
• Session management
• Security tokens

We do NOT use:

• Advertising cookies
• Social media tracking pixels
• Cross-site tracking
• Analytics beyond basic usage statistics

8. Children's Privacy

Our Service is not intended for children under 18. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately at support@silversupporthub.com and we will delete it.

9. Health Information Disclaimer (HIPAA)

Silver Support Hub is a technology support service, not a healthcare provider. We are not a "covered entity" under the Health Insurance Portability and Accountability Act (HIPAA).

Please be aware:

• We do not provide medical advice, diagnosis, or treatment
• Any health information you voluntarily share during support sessions is not protected under HIPAA
• We recommend NOT sharing sensitive medical information during tech support interactions
• If you need assistance with medical devices or health-related apps, please limit sharing to only what is necessary for technical troubleshooting

While we implement strong security practices to protect all user data, we cannot guarantee HIPAA-compliant handling of health information as we are not subject to HIPAA regulations. For health-related concerns, please consult with qualified healthcare providers.

10. Organization Data

For Organization Administrators:

• You have access to support tickets and activity for users within your organization
• You have access to aggregate Scam Check activity for your organization (total checks, risk levels, scam categories) but not the actual content users submitted
• You have access to an AI agent activity feed showing proactive actions the agent has taken for your organization's users — including alert type (such as scam follow-up or recurring issue detection), recommended action, and the resident's first name and last initial only. You cannot see the raw content of conversations, Scam Check submissions, or the full text of AI-generated messages sent to users
• You are responsible for informing your users about your organization's data practices
• You may add and remove users from your organization
• User data within your organization is isolated from other organizations

For Organization Users:

• Your Organization Administrator may view your support tickets and activity
• Your Organization Administrator may view aggregate Scam Check statistics for your organization but cannot see the actual content you submitted for analysis
• Your Organization Administrator may view an AI agent activity feed that shows when the agent has sent you a proactive follow-up or help guide, including the type of alert and a summary of the action taken. Your Organization Administrator cannot see the full content of agent messages sent to you, nor the content of your conversations, Scam Check submissions, or AI chat sessions
• Your organization may have additional privacy policies that apply to you
• You may delete your own account, but your organization may retain certain records
• Contact your Organization Administrator for questions about your organization's data practices

11. International Users

Silver Support Hub LLC is based in the United States. If you access our Service from outside the US, your information will be transferred to and stored in the US. By using our Service, you consent to this transfer. We take steps to ensure your data is protected in accordance with this Privacy Policy.

12. Third-Party Links

Our Service may contain links to third-party websites or resources. We are not responsible for the privacy practices of these external sites. Please review their privacy policies before sharing information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via:

• Email notification to all users
• Prominent notice on our website
• Updated "Last Updated" date at the top of this page

Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must stop using the Service.

14. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your data, please contact us: