> For the complete documentation index, see [llms.txt](https://help.ringtonic.app/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://help.ringtonic.app/legal/privacy-policy.md).

# Privacy Policy

**1. Introduction**

* This Privacy Policy applies to all information collected through our desktop application, Ring Tonic ("Service"), and any related services, sales, marketing, or events.

**2. Information We Collect**

* We may collect personal information that you voluntarily provide to us when registering to use our Service, expressing an interest in obtaining information about us or our products and services, or otherwise contacting us.
* The personal information we collect depends on the context of your interactions with us and the Service, the choices you make, and the features you use.

**3. How We Use Your Information**

* We use personal information collected via our Service for a variety of business purposes, such as:
  * To facilitate the creation and securing of your account on our Service.
  * To post testimonials with your consent.
  * To enforce our terms, conditions, and policies.
  * For other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve our Service, products, marketing, and your experience.

**4. Sharing Your Information**

* We may share your information with our service providers, in connection with any business transfers, to comply with laws, to protect your rights, or with your consent.

**5. Cookies and Similar Technologies**

* We may use cookies and similar tracking technologies to access or store information.

**6. Data Security**

* We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process.

**7. Data Retention**

* We will only retain your personal information for as long as necessary for the purposes set out in this Privacy Policy.

**8. Privacy Rights**

* Depending on your location, you may have rights under applicable data protection laws in relation to your personal data, such as the right to request access, correction, or deletion of your personal data.

**9. Policy Updates**

* We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible.

**10. Google User Data (Google API Services)**

* When you connect a Google Ads account to Ring Tonic, you authorize us through Google's OAuth consent screen using the `https://www.googleapis.com/auth/adwords` scope. Ring Tonic's access to and use of information received from Google APIs adheres to the [Google API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.
* **Google data we access.** Only for the Google Ads account(s) you explicitly select, we access: the list of Google Ads accounts your Google login can manage (account IDs and account names), each account's conversion-tracking settings, and each account's conversion actions. We do not access Gmail, Google Drive, Google Contacts, or any other Google service.
* **How we use it.** We use this data solely to (a) let you choose which Google Ads account to connect, (b) map your pipeline stages to your existing Google Ads conversion actions, and (c) upload offline ("click") conversions to that account so your inbound calls and contacts can be attributed to the campaigns, ad groups, and keywords that generated them. We do not use Google user data for any other purpose.
* **What we store.** We store your Google OAuth tokens in encrypted form, the Google Ads customer IDs you connect, your conversion mappings, and records of conversion-upload attempts. Personal identifiers such as email address and phone number are hashed before they are sent to Google and are redacted from any stored API responses; we do not retain raw Google user identifiers.
* **What we send to Google.** When a contact advances through your pipeline, we upload an offline conversion to your own Google Ads account containing the conversion action, conversion value and currency, a timestamp, an order ID, hashed email/phone identifiers, the ad click identifiers (gclid, gbraid, or wbraid), and your configured consent signals.
* **Sharing.** We do not sell Google user data, do not use it for advertising or to train artificial-intelligence or machine-learning models, and do not transfer it to third parties except (i) to Google as described above, (ii) to service providers that operate our Service under confidentiality obligations, or (iii) when required by law.
* **Your control.** You can disconnect your Google Ads account at any time from **Settings → Integrations → Google Ads** in Ring Tonic, which stops all further access and removes the stored tokens. You can also review or revoke Ring Tonic's access from your [Google Account permissions](https://myaccount.google.com/permissions) page.

**11. Google Calendar (Google API Services)**

* When you connect a Google Calendar account to Ring Tonic, you authorize us through Google's OAuth consent screen using the `https://www.googleapis.com/auth/calendar.events` and `https://www.googleapis.com/auth/calendar.readonly` scopes. Ring Tonic's access to and use of information received from Google APIs adheres to the [Google API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy), including the Limited Use requirements.
* **Google data we access.** Only for the Google account the workspace owner explicitly connects, we access: the connected account's primary calendar, whose calendar ID (which Google sets to the account email) we use as a display label and connection health check; and free/busy availability for the specific time window of a requested appointment. The free/busy lookup returns only free/busy time ranges — not event titles, attendees, or any other event content. We do not list or read other people's events, we do not access any calendar other than the connected account's calendar, and we do not access Gmail, Google Drive, Google Contacts, Google Photos, or any other Google service.
* **How we use it.** We use this data solely to (a) label the connected calendar in your settings, (b) check availability for a requested time slot so our AI Agent call-flow node can detect scheduling conflicts, and (c) create the single appointment event the caller requested on your primary calendar. We do not use Google user data for any other purpose.
* **Limited Use and human access.** Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not allow our personnel to read your Google Calendar data except where you have given affirmative consent, where necessary for security, to comply with applicable law, or where the data is aggregated and used for internal operations in accordance with the Limited Use requirements.
* **What we store.** We store your Google OAuth refresh token and latest access token in encrypted form, along with the access-token expiry, the connected account email, the calendar ID, which user connected the integration, the connect and disconnect timestamps, and the connection's health status. We retain this data while the integration is connected and until it is no longer needed to provide the booking feature; when it is no longer needed we delete or destroy it. To fully revoke Ring Tonic's access and invalidate the stored tokens at any time, remove Ring Tonic from your [Google Account permissions](https://myaccount.google.com/permissions) page.
* **What we send to Google.** When a caller confirms an appointment, we create one event on your connected account's primary calendar containing a title ("Appointment with {caller name}", or "Appointment (AI booking)" when no name was captured), a description with the caller's name, phone number, and any optional booking notes, and the start and end times in your workspace's configured timezone. We do not add attendees and do not send email invitations. Caller-provided details written into the event are handled in accordance with our caller-facing privacy terms and call-consent practices.
* **Sharing.** We do not sell Google user data, do not use it for advertising or to train artificial-intelligence or machine-learning models, and do not transfer it to third parties except (i) to Google as described above, (ii) to service providers that operate our Service under confidentiality obligations, or (iii) when required by law.
* **Changes to this policy.** If we change how Ring Tonic uses Google user data, we will notify you and ask you to consent to the updated privacy policy before the new use takes effect.
* **Your control.** You can disconnect your Google Calendar at any time from **Settings → Integrations → Google Calendar** in Ring Tonic, which immediately stops all further access; Ring Tonic makes no further Google Calendar calls for your workspace and no longer uses the stored tokens. To fully revoke Ring Tonic's access and invalidate the stored tokens at Google, review or remove Ring Tonic's access from your [Google Account permissions](https://myaccount.google.com/permissions) page.

**12. Contact Us**

* If you have questions or comments about this policy, you may [email us](mailto:me@phuclh.com).
