Privacy Policy
This Privacy Policy describes how Ops Armada LLC ("Ops Armada," "we," "us") collects, uses, and discloses information across our product portfolio: VoiceInvoicing (voiceinvoicing.com), VoiceQuoting (voicequoting.com), CallRescuer (callrescuer.com), and ReviewRescuer (reviewrescuer.com). All four products operate on a shared backend under common privacy and security practices governed by this Policy. Where a product has product-specific privacy disclosures (for example, the consumer-facing /sms-consent pages), those documents supplement this Policy and do not replace it.
By using any Ops Armada product, you agree to this Policy together with the Ops Armada Terms of Service and any product-specific terms.
1. Information we collect
Account data (across all products)
- Email address (used as your sign-in identifier).
- Password, stored only as a bcrypt hash — we never see your plaintext password.
- Optional profile fields: business name, phone, business address, default tax rate, default invoice due days.
- Plan, billing-period metering counters, billing-period reset date.
Product-specific content
- VoiceInvoicing: invoices you create (number, status, line items, totals, due date, timestamps), clients you invoice (name, email, phone, address), and Stripe Payment Link IDs.
- VoiceQuoting: quotes you create (line items, pricing, expiration), quote recipients, electronic-acceptance audit records (timestamp, IP, user-agent), and Stripe Connect deposit-session IDs.
- CallRescuer: the Twilio-provisioned phone number assigned to your account, SMS conversation transcripts with consumers who called your number, and the structured lead fields extracted from those conversations.
- ReviewRescuer: Google Business Profile review content, the AI-drafted replies we generate for your approval, and your approval / posting decisions.
Voice data
Raw audio is not stored. When you tap the mic in VoiceInvoicing or VoiceQuoting, we stream the audio to OpenAI Whisper for transcription, then discard it. The resulting transcript and the extracted JSON (client name, line items, etc.) are stored in your account so you can audit what the AI produced. CallRescuer does not record or store voice calls — the system plays a configured greeting and immediately transitions to SMS.
Payment data
Stripe customer ID and subscription ID (if you have a paid plan). We do not store card numbers, bank-account numbers, or any other payment instrument — Stripe handles all of that.
Technical data
- IP address and user-agent at the time of requests (for abuse prevention and logs).
- JWT access tokens in your browser's localStorage (signs you in; never sent to third parties).
We do not use advertising trackers, third-party analytics, or cross-site pixels.
2. SMS / text messaging — A2P 10DLC disclosure
Ops Armada operates a single A2P 10DLC SMS program across its products under brand OPS ARMADA LLC (TCR Brand ID B4F0RB6). When a contractor on the platform sends or initiates a message to a consumer, the SMS is delivered via Twilio on the contractor's behalf. Specifically:
-
Opt-in: Consumers opt in at the point of service. For
VoiceInvoicing and VoiceQuoting, the contractor obtains explicit verbal consent
from the customer at the touchpoint before adding their phone number to the
system. The published verbal-consent script is available at each product's
/sms-consentpage. For CallRescuer, the consumer initiates the interaction by calling the contractor's business number — the inbound call establishes consent for the immediate-rescue conversation that follows. ReviewRescuer messages contractor account-holders only, not consumers. - Message content: Transactional only. Invoice notifications, quote delivery, deposit receipts, payment receipts, missed-call rescue conversations, and contractor-facing review alerts. No marketing, promotional, or recurring messages are sent.
- Message frequency: Low. VoiceInvoicing: 1–5 messages per customer per billing cycle. VoiceQuoting: 1–2 messages per quote. CallRescuer: 3–5 messages per missed-call conversation. ReviewRescuer: 1–3 messages per flagged review, to the contractor only.
- Message and data rates: Standard message and data rates from the recipient's mobile carrier may apply.
- HELP: Reply HELP (or INFO) to any message to receive a response identifying the contractor and providing support contact information.
- STOP: Reply STOP (or any of UNSUBSCRIBE, CANCEL, END, QUIT, OPTOUT, REVOKE, STOPALL) to any message at any time to immediately stop receiving SMS. Twilio handles STOP keywords automatically and adds the number to a carrier-wide suppression list. Opt-outs are honored globally across the Ops Armada SMS program: once a number opts out, no contractor on any Ops Armada product can text it again unless the recipient replies START or YES.
- No third-party sharing: Mobile information, phone numbers, and SMS consent records are not shared, sold, or rented to third parties or affiliates for marketing or promotional purposes. The only third party that receives phone numbers is Twilio (our SMS carrier), and only for the sole purpose of delivering the messages described above.
Per-product consumer-facing disclosures are published at: voiceinvoicing.com/sms-consent, voicequoting.com/sms-consent, and callrescuer.com/sms-consent.
3. How we use the data we collect
- To operate the products — store your data, generate PDFs, route payments via Stripe, deliver SMS via Twilio, and deliver email via Resend.
- To send transactional notifications to recipients you explicitly designate (invoice customers, quote recipients, callers, etc.).
- To send automated payment-reminder emails for unpaid VoiceInvoicing invoices on day-1 (contractor) and days 3, 7, 14 (customer). Reminders auto-stop when the invoice is marked paid.
- To enforce plan limits and detect abuse (rate-limiting, audit logs).
- To respond to your support and feedback messages.
- To comply with legal obligations when required.
We do not sell your data. We do not train AI models on your data. We do not share your client or recipient lists with anyone except the sub-processors listed below, and only for the limited purpose of delivering the service you requested.
4. Sub-processors
To deliver the products we transmit limited data to the following vendors. Each is bound by its own terms and privacy policies:
| Vendor | What they receive |
|---|---|
| OpenAI | Voice audio for transcription (not retained) and transcripts for field extraction. |
| Stripe | Payment processing (subscriptions, invoice payment links, VoiceQuoting Connect deposits). Customer email and name only. |
| Twilio | Recipient phone number and message body for outbound SMS; inbound SMS content for CallRescuer. |
| Resend | Recipient email address and message content for outbound email (invoices, quotes, reminders). |
| Railway | Backend and Postgres hosting. All account, invoice, quote, lead, and review data sits here at rest, encrypted. |
| Vercel | Frontend hosting; no personal data touches Vercel servers beyond request logs. |
| Google (Business Profile API) | ReviewRescuer only: read access to review content and write access to post replies, scoped per the contractor's authorization. |
5. Retention
- Account and product data: kept as long as your account is active.
- On account deletion: we delete your account, clients, invoices, quotes, leads, and transcripts within 30 days. CallRescuer subscribers receive a 30-day number-hold grace period and 90-day data-retention window per the CallRescuer Terms of Service.
- Some data may persist in encrypted backups for up to 60 days after deletion, then is overwritten.
- Legal and tax records we are required to retain will be kept only as long as required.
- SMS opt-out records are retained indefinitely to ensure ongoing compliance with TCPA and carrier opt-out requirements.
6. Your rights
Regardless of where you live, you can:
- Access your data (Settings page + product-specific history).
- Correct your data (Profile page + content editors).
- Delete your account — in-product Settings or by emailing the addresses below.
- Export your data — Settings → "Download CSV export" in each product.
California residents (CCPA/CPRA): You have the additional right to know what personal information we have collected, to delete it, to correct it, and to opt out of sale or sharing (we do not sell or share for marketing, so there is nothing to opt out of). Email the addresses below to exercise these rights.
7. Security
- TLS in transit to the backend and to every sub-processor.
- bcrypt password hashing — we never store plaintext passwords.
- JWT access tokens with configurable expiry.
- Database at rest is encrypted by Railway's underlying cloud provider.
- Stripe webhook signatures and Twilio webhook signatures are verified on every event.
No system is 100% secure. If you suspect a vulnerability, email security@opsarmada.com so we can respond quickly.
8. Children
Our products are not intended for anyone under 18. We do not knowingly collect data from children. If you believe a child has registered, email us and we will delete the account.
9. International data transfer
Our infrastructure is primarily in the United States. If you access an Ops Armada product from outside the US, you consent to your data being transferred to and processed in the US.
10. Changes to this Policy
We will post the new version here and update the "Last updated" date above. Material changes will also be emailed to your account email when practical.
11. Contact
General privacy questions: privacy@opsarmada.com
Per-product support: support@voiceinvoicing.com · support@voicequoting.com · support@callrescuer.com · support@reviewrescuer.com