Privacy Policy

One Dash Zero LLC  ·  Effective Date: 03/01/2026  ·  Last Updated: 05/24/2026

This Privacy Policy describes how One Dash Zero LLC (“we,” “us,” or “our”) collects, uses, and shares information in connection with our website (onedashzero.ai), AI voice and chat services, the FONE mobile application, and related products (collectively, the “Services”). It applies to site visitors, customers, callers to numbers powered by the Services, app users, team members, resellers, and partners.

Information We Collect

Account information: When you create an account or configure an AI agent, we collect your name, email address, phone number, company name, and business configuration data (such as agent scripts, operating hours, and integration credentials).

Calling and messaging data: We collect call and message metadata (date, time, duration, phone numbers), audio recordings, transcripts, and caller inputs processed through our AI systems. Call recordings are stored to provide call history and transcription features to our customers.

Device and usage data: We automatically collect device identifiers, operating system and version, app version, IP address, browser type, pages visited, features used, and interaction timestamps when you use our website or Services.

Push notification tokens: When you use the FONE mobile app and enable notifications, we collect device push notification tokens (including Apple Push Notification service tokens and VoIP push tokens) to deliver incoming call alerts and notifications to your device.

Microphone and audio data: The FONE app requests access to your device microphone to enable Voice over IP (VoIP) calling. Microphone audio is transmitted in real time during active calls only and is not recorded by the app itself. Call recordings, when enabled, are processed server-side by our telephony provider (Twilio).

Payment data: Billing information is processed through Stripe. We receive limited transaction details (last four digits of card, billing address, transaction amounts) but do not store full credit card numbers on our servers.

Integration data: If you connect third-party integrations (such as Google Calendar, Slack, Square, or CRM systems), we store the API credentials and access tokens you provide to enable those integrations. We access third-party data only as needed to perform the integration functions you configure.

How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Services, including AI voice and chat agents, the FONE app, and management dashboards
• Authenticate users and manage accounts
• Deliver incoming call notifications via push notifications
• Enable VoIP calling and real-time communication features
• Process payments and manage billing
• Communicate with you about your account, service updates, and support requests
• Improve, personalize, and develop new features for our products
• Monitor and analyze usage trends and performance
• Comply with legal obligations and enforce our terms
• Detect, prevent, and address fraud, abuse, and security issues

How We Share Your Information

We share information with service providers that help us deliver the Services:

• Twilio — Telephony, VoIP calling, SMS, WhatsApp messaging, and push notification delivery
• Anthropic — AI language model processing for chat conversations
• Retell & Vapi — Voice call AI orchestration
• ElevenLabs — Voice synthesis
• Cloudflare — Hosting, content delivery, security, and database services
• SendLayer — Transactional email delivery
• Stripe — Payment processing
• Google — Calendar integration and OAuth authentication
• Apple — Push notification delivery via APNs for iOS devices

We also share information with our customers (e.g., call transcripts and recordings are shared with the business whose AI agent handled the call), and as required by law or to protect rights and safety.

We do not sell your personal information. We do not share personal information for cross-context behavioral advertising. We do not track users across third-party apps or websites for advertising purposes.

Data Types Collected (App Store Disclosure)

In connection with the FONE mobile application, we collect the following categories of data:

• Contact info: Name, email address, phone number
• Identifiers: User ID, device ID
• Usage data: App interactions, feature usage, timestamps
• Audio data: Real-time microphone audio during VoIP calls (not stored on device)
• Diagnostics: Crash logs, performance data
• Push notification tokens: VoIP and standard push tokens for call and message delivery

None of this data is used for tracking or third-party advertising. All data collected through the FONE app is used solely to provide and improve the Services.

Third-Party SDKs in the FONE App

The FONE mobile application incorporates the following third-party software development kits (SDKs):

• Twilio Voice SDK — Enables VoIP calling functionality. Processes audio data and call signaling. Twilio Privacy Policy
• Apple PushKit / CallKit — Delivers incoming call notifications and provides native iOS call UI. Processes device tokens and call metadata.
• Capacitor (Ionic) — Cross-platform app framework. Does not independently collect user data.

Cookies and Tracking

We use cookies for session authentication, security, and basic analytics (via Cloudflare Web Analytics). We do not use third-party advertising cookies or tracking pixels. We do not participate in cross-site tracking. You can control cookies through your browser settings.

The FONE mobile app does not use cookies. The app does not include any advertising SDKs, ad networks, or tracking frameworks.

App Tracking and Advertising

We do not track you across other companies’ apps or websites. We do not collect device advertising identifiers (IDFA/GAID). We do not serve targeted advertisements. The FONE app does not request App Tracking Transparency (ATT) permission because no tracking occurs.

Data Retention

We retain information as long as necessary to provide the Services and fulfill the purposes described in this policy. Specific retention periods include:

• Account data: Retained while your account is active and for up to 30 days after deletion request
• Call recordings and transcripts: Retention is configurable per customer account. Default retention is 90 days unless configured otherwise
• Chat conversation history: Retained while your account is active
• Server logs: Retained for up to 30 days
• Payment records: Retained as required by tax and financial regulations

Your Rights — California (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know what personal information we collect and how it is used
• Access your personal information
• Request deletion of your personal information
• Request correction of inaccurate personal information
• Not be discriminated against for exercising these rights

We do not sell personal information. We do not share personal information for cross-context behavioral advertising. To make a request, email privacy@onedashzero.ai with the subject “California Privacy Request.” We will verify your identity before processing your request.

Your Rights — EEA/UK (GDPR)

If you are in the EEA or UK, our legal bases for processing include contract performance, legitimate interests, consent, and legal obligations. You have the right to access, correct, delete, restrict processing, object to processing, data portability, withdraw consent, and lodge a complaint with a supervisory authority. To make a request, email privacy@onedashzero.ai with the subject “GDPR Request.”

Account Deletion

You may request deletion of your account and all associated personal data through any of the following methods:

• In-app: Navigate to Settings within the FONE app and select “Delete Account”
• Email: Send a request to privacy@onedashzero.ai with the subject “Delete My Account”
• Phone: Call +1 (762) GET-DASH and request account deletion

Upon receiving your request, we will delete your account, profile information, call recordings, transcripts, integration credentials, and any other personal data within 30 days, except where retention is required by law or legitimate business purposes (such as fraud prevention or financial record-keeping).

Children’s Privacy

The Services are not directed to children under the age of 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under the applicable age, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@onedashzero.ai.

International Data Transfers

Your information may be transferred to and processed in the United States, where our servers and service providers are located. If you are located outside the United States, you consent to the transfer of your information to the United States. We rely on standard contractual clauses and other lawful transfer mechanisms where required.

Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encryption of all data in transit using TLS/HTTPS
• Encryption of sensitive data at rest
• Access controls restricting personal data to authorized personnel
• Regular security monitoring and logging
• Secure credential storage for third-party integration tokens

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new effective date. If you continue to use the Services after the updated policy takes effect, you accept the revised policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:

Email: privacy@onedashzero.ai
Phone: +1 (762) GET-DASH
Mail: One Dash Zero LLC, 30 N Gould St #26420, Sheridan, WY 82801

Browser Extension (OD0 Partner Tools)

This section applies specifically to the OD0 Partner Tools browser extension published in the Chrome Web Store.

Scope. The extension shows in-page overlay panels with One Dash Zero community-marketing tooling while a partner is actively browsing facebook.com or reddit.com. The overlay appears in context on supported pages and surfaces information about which Facebook groups or Reddit subreddits the partner’s One Dash Zero account is mapped to, the partner’s remaining daily-cap allowance, and AI-generated draft suggestions. It runs only on facebook.com and reddit.com, and only while the partner has the page open. The partner always submits posts and comments using Facebook’s or Reddit’s own composer and submit button — the extension does not post on the partner’s behalf.

No data collection in the background. The extension does not collect, transmit, sell, or share personal information, browsing history, or other users’ page content. It does not track browsing across sites. It does not run background timers, alarms, or background network activity. Short, time-bounded user-interface and confirmation timers (up to 5 seconds) may run while the partner is actively on a supported page — these are described in “Confirmation observation” below.

Page-context capture (partner-triggered). When the partner clicks “Generate” or “Inject” in the overlay, limited page context is sent to One Dash Zero so the AI-generated draft has the right context. On Reddit, this is the subreddit slug, the current thread’s title, the thread author’s username, and the thread’s permalink. On Facebook, this is the mapped group’s URL. These captures happen only when the partner clicks an overlay button and are sent only to One Dash Zero’s own services.

Confirmation observation (5 seconds, partner-triggered). After the partner clicks “I posted this” in the Reddit overlay, the extension watches Reddit’s comment area for up to 5 seconds to confirm the partner’s own comment appeared. This is how the extension matches an attribution record to the post the partner just made. Comments by other users that appear in that 5-second window are observed at the page level (because Reddit shows all new comments in the same area the extension is watching) and discarded immediately by a filter that matches only the partner’s own signed-in username. Nothing about other users’ comments is transmitted to One Dash Zero or anywhere else. Only the partner’s own comment’s identifier and link — once matched — are sent to One Dash Zero’s API to complete the attribution record.

Local storage. To pair the extension with the partner’s One Dash Zero account, the extension stores a pairing token in the browser’s local extension storage (chrome.storage.local), scoped to the partner’s account and used to authenticate the partner’s requests to One Dash Zero’s API. The token is created by the partner from their One Dash Zero partner portal, stays on the partner’s own device, and is sent only to One Dash Zero’s own API (api.1-0.dev) — never to Facebook, Reddit, or any third party. The partner can remove the token at any time by unpairing through the extension popup or by removing the extension from the browser, and One Dash Zero will revoke the corresponding server-side record on request to privacy@onedashzero.ai.

Permissions requested. Storage (to hold the pairing token described above). Host access to facebook.com and reddit.com (so the extension can show its overlay panel and operate the draft-and-insert flow on those sites). The extension does not use host access to read or transmit page content beyond the partner-triggered captures and the 5-second confirmation observation described above.

Data sharing and API endpoints. One Dash Zero does not sell partner data and does not share it with third parties. The extension communicates only with One Dash Zero’s own services (api.1-0.dev). The endpoints called by the extension are: group-readiness lookup, draft generation, and post-submitted attribution write on the Facebook side; subreddit-readiness lookup, draft generation, and response-submitted attribution write on the Reddit side.

Contact. dash@onedashzero.ai