Privacy Policy

We collect only the information necessary to operate, secure, and improve the Service.

1.1 Account Information

• Full name
• Email address
• Phone number
• Company name
• Login credentials (encrypted)

1.2 Payment Information

• Payment details are processed exclusively by Stripe
• Sterling does not store or access full credit card numbers
• Stripe is PCI-DSS compliant

1.3 Usage & Technical Data

• Calls placed and minutes used
• Appointment activity
• AI interaction logs
• Platform usage metrics
• IP address, browser type, device information
• Security and audit logs

This data is used strictly for service operation, analytics, and abuse prevention.

1.4 Lead Data (Uploaded by You)

Contact names, phone numbers, notes, tags, and related metadata that you upload.

1.5 Referral Data

• Referral codes
• Referral relationships and attribution

We use collected information solely to:

• Provide, operate, and maintain the Service
• Process payments and usage-based billing
• Deliver AI calling and appointment functionality
• Send critical service-related communications
• Improve performance, reliability, and security
• Prevent fraud, abuse, and unauthorized use
• Generate analytics and reporting
• Sync calendars and appointments (via Cal.com)

We do not use your data for advertising or third-party marketing.

We implement industry-standard security practices, including:

• Encrypted databases hosted via Supabase (AWS)
• Encryption in transit (TLS) and at rest
• Strict row-level access controls
• Secure authentication and authorization
• Role-based access restrictions

While no system is 100% secure, Sterling takes reasonable measures to protect your data from unauthorized access, loss, or misuse.

Sterling integrates with trusted third-party services strictly to operate the platform:

• Stripe – Payment processing
• Supabase – Database and authentication
• Cal.ai / Cal.com – Scheduling and calendar integrations
• Telephony & AI Providers – Call delivery and AI processing

We share only the minimum data required for functionality. Each provider operates under its own privacy policy.

Sterling uses essential cookies only, including for:

• Authentication
• Session management
• Security and fraud prevention

We do not use advertising cookies, behavioral tracking, third-party tracking pixels, data resale, or profiling.

You have the right to:

• Access your personal information
• Update or correct your data
• Delete your account and associated data
• Export your data (upon request)
• Opt out of non-essential communications

Requests can be made by contacting support.

• Data is retained while your account is active
• Upon cancellation, data is retained for up to 90 days for potential reactivation
• After 90 days, data is permanently deleted unless legally required to retain it

EU Users (GDPR)

You have the right to:

• Access
• Rectification
• Erasure
• Data portability
• Restriction of processing

California Residents (CCPA)

• We do not sell personal information
• You may request disclosure or deletion of data

Sterling is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors.

You are solely responsible for:

• The legality of uploaded leads
• Consent and opt-in compliance
• Compliance with TCPA, DNC, FCC, and other regulations

You may not upload:

• Non-consented or illegally obtained leads
• Numbers on Do-Not-Call lists (where applicable)
• Sensitive or protected personal data

We may update this Privacy Policy periodically. Material changes will be communicated via email or dashboard notification.

Continued use of the Service constitutes acceptance of the updated policy.