Privacy Policy

Controller: Solto LLC

Address: 16990 Dallas Parkway, Suite 100, Dallas, Texas 75248

Email (privacy requests): privacy@GoSolto.com

• Scope. This Policy covers information we process about visitors, account owners, admin users, end users invited to an account (e.g., team members), and—in limited cases—consumer contacts that our customers process within the Services (e.g., their leads/clients).
• Controller/Processor. We act as a business/controller for data about our website visitors, prospects, customers, and their account users; and as a service provider/processor for content our customers choose to store or process in the Services (e.g., contact lists, messages, call/SMS records, uploaded media, AI prompts/outputs).

A. Information You Provide

• Account & profile. Name, email, password, phone, company, role, preferences.
• Billing & transactions. Payment method tokens, last4, billing address, subscription plan, invoices, refunds, charge status (card data processed by Stripe; see §8).
• Customer support & communications. Messages, tickets, call/chat transcripts (including AI agent chats), feedback, survey responses.
• Content you upload or connect. Files, media, images, documents, templates, forms, custom fields, integrations, webhooks, notes, tags.
• Communications & marketing. Email/SMS opt-in status, campaign interaction, unsubscribe preferences.
• Telephony & messaging. Call/SMS/MMS metadata and content, voicemail, recordings, transcriptions (where enabled), caller ID, routing details.
• AI features. Prompts, inputs, context provided to AI tools, and the resulting outputs.
• Brokerage-related (if you also participate in the brokerage). Real estate license details, W-9, E&O documents, escrow and Commission Disbursement Authorizations (CDAs), and—if necessary for payouts or compliance—driver's license and Social Security Number (SSN). (Brokerage operations are primarily governed by separate agreements.)

B. Information Collected Automatically

• Usage data. App activity, feature usage, settings, log files, timestamps, referring/exit pages, error/crash data.
• Device & network. IP address, device identifiers, browser type/version, OS, language, time zone, screen size, mobile carrier, approximate location (derived from IP).
• Cookies & similar technologies. Cookies, pixels, local storage, tags/SDKs, and session telemetry (e.g., page views, clicks). See §10.

C. Information From Third Parties

• Single sign-on & integrations. If you connect third-party services (e.g., calendars, email, storage), we receive data needed to enable the connection.
• Payment processors. Limited billing/transactional data from Stripe (status, last4, card brand—no full card numbers).
• Advertising & analytics partners. Audience/interest segments, campaign performance, and conversion data (aggregated or pseudonymous).

1. Provide and operate the Services (create accounts, authenticate users, deliver features, maintain your subaccount and workspace).
2. Process transactions (subscriptions, invoices, refunds, taxes) via Stripe.
3. Secure, troubleshoot, and improve the Services (monitoring, debugging, error reporting, quality assurance).
4. Enable communications (email, in-app, calls, SMS/MMS), including marketing texts/emails where you've consented or where permitted by law.
5. Support & training (responding to tickets, diagnostics, demos, onboarding).
6. AI features (generate content, summarize/transcribe audio where enabled, classify or route communications, assist with automations).
7. Analytics & research (aggregate/pseudonymous insights on feature adoption and performance).
8. Compliance & enforcement (detect/prevent fraud, abuse, spam; comply with legal obligations and enforce agreements).
9. Business operations (accounting, audits, reporting, mergers/acquisitions due diligence).

Customer content is stored within each customer's subaccount/workspace. Solto has administrative access to all customer subaccounts and their stored information for security, support, maintenance, troubleshooting, abuse prevention, billing, and legal compliance.

While our operations are US‑focused, when a legal basis is required, we rely on: contract (to deliver the Services you request), legitimate interests (e.g., security, improvement), consent (e.g., certain cookies/ads; SMS marketing where required), and legal obligations (e.g., tax, accounting, lawful requests).

• What's involved. If you use AI features, your inputs (e.g., prompts, messages, files, call audio) and outputs may be processed by Solto systems and third‑party AI providers to generate results, perform transcriptions/summaries, classify content, or automate workflows.
• Provider practices. Third‑party AI providers may temporarily retain inputs/outputs for abuse monitoring, diagnostics, or to comply with law. Where provider settings allow, we aim to disable training on your data; however, providers' retention practices may vary.
• Customer responsibility. Do not input data you are not authorized to process. If you process personal data of your leads/clients in AI features, you must provide your own notices and obtain any required consents.

• We use Stripe as our payments processor. We do not store full payment card numbers. Stripe processes card data and provides us with limited information (e.g., last4, brand, expiration, tokens) and transaction outcomes.
• We accept any payment methods that Stripe supports and makes available in your region.

• Consent & compliance. By providing a phone number and opting in, you agree to receive marketing and service messages (including autodialed or prerecorded) from Solto at that number. Message and data rates may apply. Message frequency varies.
• Opt‑out. You can reply STOP to opt out of marketing texts and HELP for help. We may still send you non‑marketing, transactional messages (e.g., account/security alerts).
• Campaign policies. You must have appropriate consent for any consumer communications you send through the Services to your contacts. You are responsible for your compliance with TCPA, CTIA, and carrier rules.
• SMS data privacy. Solto, LLC values your privacy and is committed to not selling, sharing, or otherwise disclosing your opted-in SMS information to third parties. Your phone number and any information related to your SMS subscription will not be shared with any external entities, unless required by law or in connection with a legal obligation.

• We use cookies, pixels, tags/SDKs, device identifiers, and similar technologies for authentication, preferences, performance, analytics, and advertising/retargeting (including cross‑site, cross‑device, and interest‑based ads).
• Your choices. You can control cookies at the browser/device level (e.g., block/clear cookies, limit ad tracking, reset IDs). Some features may not function without certain cookies.
• Targeted advertising. We use major ad platforms for measurement and retargeting. Depending on your state, targeted advertising may be categorized as a form of "sale" or "share" of personal information. We do not provide a Do Not Sell/Share link at this time; you may use browser/device settings, platform‑specific ad settings, or contact us to exercise choices available to you under applicable law.

1. Service providers. To vendors who process data for us (e.g., hosting, security, email/SMS delivery, analytics, support) under appropriate contractual safeguards.
2. At your direction. When you integrate or connect third‑party tools, we disclose data as necessary to enable the connection.
3. Legal, safety, and enforcement. To comply with law or lawful requests; to protect rights, safety, and property (ours, yours, or others); to detect/prevent fraud, abuse, or security incidents; and to enforce agreements or policies.
4. Business transfers. In connection with or during negotiations of any merger, financing, acquisition, reorganization, sale of assets, or transition of service to another provider.
5. Aggregated/de‑identified data. Shared for analytics and improvement, not to identify you.

We do not sell personal information for money. We engage in advertising/retargeting uses that some laws may categorize as "sale" or "sharing" (see §10).

We retain personal information for as long as your account is active or as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Typical retention horizons (subject to change based on settings, legal, and operational needs):

• Account/profile & subscription records: for the life of the account plus a reasonable period (e.g., 2–7 years) for tax/audit.
• Content within subaccounts (e.g., messages, files, call/SMS records): until you delete it or your admin configures retention; certain system logs/backups may persist for limited periods (e.g., ~30–180 days).
• Telemetry & security logs: commonly 12–24 months.
• Marketing data: while you remain subscribed/engaged or until you opt out, plus a reasonable period to maintain suppression lists.

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information, including encryption in transit, access controls, environment isolation, vulnerability management, and auditing. No system is perfectly secure; you are responsible for maintaining the confidentiality of your credentials and for securing your devices.

Depending on your state, you may have rights to:

• Know/Access categories or specific pieces of personal information we maintain about you;
• Correct inaccurate personal information;
• Delete personal information (subject to lawful exceptions);
• Opt out of targeted advertising or certain profiling/automated decision‑making; and
• Receive information about our data practices.

Requests. Email us at privacy@GoSolto.com with your name, account email, and state of residence, and describe your request. We will verify your identity (and authority, if you are an authorized agent) before fulfilling a request. We will respond within timeframes required by applicable law. If your request is denied, you may have the right to appeal; appeal instructions will be provided in our response.

Sensitive information. Where required, we will obtain consent or provide additional notices before processing sensitive personal information (e.g., driver's license, SSN for brokerage payouts/compliance).

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

We are US‑based and currently do not participate in the EU‑US/UK‑US Data Privacy Framework programs. If data is transferred from other regions to the US, we will use appropriate safeguards as required by applicable law or process the data as a service provider on your instructions.

• Access & roles. Workspace administrators control user access/permissions within the subaccount and may access, export, or delete content associated with your user.
• Retention & deletion. Admins may configure retention or delete content; deletion may be delayed or limited by backup/archival and legal requirements.
• Integrations. When admins enable integrations, related data may be disclosed to the integrated services under their terms/policies.

Browser‑level signals such as DNT and GPC may impact certain tracking depending on your settings and applicable state laws. You can also manage preferences through your browser/device and ad platform settings (see §10). For additional requests, contact privacy@GoSolto.com.

The Services may link to or integrate with third‑party websites, apps, or services. We are not responsible for their content or privacy practices. Review their privacy policies before providing any information.

We may update this Policy from time to time. We will post the updated Policy with a new Effective Date. If changes materially affect your rights or how we use personal information, we will provide additional notice where required.

A. If You Also Participate in Solto's Brokerage

Brokerage‑specific data practices (e.g., license verification, W‑9/SSN for tax reporting, E&O, escrow/CDAs) are primarily governed by the Independent Contractor Agreement and brokerage policies. This Privacy Policy continues to apply to your use of the software/SaaS.

B. California/State‑Law Notice (Summary)

We collect identifiers, commercial information, internet/network activity, geolocation (approximate), audio/electronic data (e.g., call recordings where enabled), professional information, and in limited cases sensitive information (e.g., SSN/ID for brokerage payouts). We use and disclose these categories for the purposes described above. We do not sell personal information for money; we engage in targeted advertising as described in §10. You may exercise applicable state privacy rights by contacting privacy@GoSolto.com.