Privacy Policy

Wavelength AI is a product brand operated by SG AI Labs LLC (collectively, "we", "us", "our"). When you sign up as a business customer, "you" refers to the business and its authorized administrators. When an end-customer of yours calls your phone line, that person is a "Caller" and we process their information on your behalf as your service provider.

You can reach us at support@wavelength-us.com.

We collect three categories of information:

• Account information — your name, email address, business name, business phone numbers, billing address, and any optional information you provide while configuring the service.
• Call data — caller phone number, call timestamps, call audio (briefly, in transit, for transcription), call transcripts, agent decisions, tool calls (bookings, orders, transfers), and any data your integrated POS / scheduling system returns to us.
• Usage and operational telemetry — service errors, latency metrics, authentication events, abuse-detection signals (e.g. spam-call evaluation results), and similar information needed to operate the service.

We do not knowingly collect information from minors. If you believe a Caller was a minor and you would like that interaction removed from our systems, contact us at the email above.

We use the information described above to:

• Operate Milo — answer calls, transcribe speech, generate replies, and execute the tool calls you authorize (book appointments, place orders, transfer calls).
• Provide the dashboard and admin tools you use to monitor and override calls.
• Bill you for usage, including overage usage above your plan cap.
• Detect and prevent abuse, fraud, and spam (e.g. robocall blocking).
• Improve service reliability, including reviewing failed calls for quality assurance.
• Respond to your support requests.

We do not sell your data or your Callers' data. We do not use call audio or transcripts to train third-party foundation models without your express written consent.

Milo relies on third-party providers to deliver the service. By using the service you authorize us to share the minimum information required with these providers for them to perform their function:

• Twilio — telephony, SMS, and number lookup.
• AssemblyAI — speech-to-text transcription.
• Anthropic — language-model inference for the conversational agent.
• Cartesia — text-to-speech voice generation.
• Google Firebase / Firestore — data storage, authentication.
• Stripe — billing and payments.
• Square / Toast / Calendly — only when you connect the integration; we send and receive booking, menu, and order data with these systems on your behalf.

Each provider operates under its own privacy terms. We choose providers that meet industry-standard security practices, but we do not control their independent processing.

We retain account information for as long as your account is active and for a reasonable period afterward to comply with legal, tax, and accounting obligations. Call audio is ephemeral — we hold it only briefly in transit for transcription and do not persist raw audio by default. Call transcripts and call records are retained for the duration of your account or until you request deletion, whichever is shorter.

Depending on where you and your Callers are located, you may have rights under laws such as the GDPR (Europe) or the CCPA / CPRA (California). These typically include the right to access, correct, delete, port, or restrict our processing of personal information, and the right not to be subject to discriminatory treatment for exercising these rights.

To exercise these rights, contact us at support@wavelength-us.com. We respond within thirty (30) days. See also the GDPR page for European-specific guidance.

We use TLS in transit, encrypted storage for sensitive credentials (OAuth refresh tokens, integration secrets), least-privilege internal access controls, and routine monitoring for unauthorized activity. No system is perfectly secure; you accept that security incidents are possible and that our liability is limited as described above.

Some jurisdictions require notice to one or both parties before a call is recorded or transcribed. You are responsible for ensuring that Milo's operation on your phone line complies with the recording and disclosure laws applicable to your location and your Callers' locations. We provide configurable recording disclosures in the dashboard but make no representation that any default configuration satisfies the law applicable to you.

When a Caller engages with Milo during a phone call — for example, placing a phone order or requesting a Calendly booking — Milo may offer to send the Caller a text message containing a transactional link (a Square or Toast payment link, a Calendly scheduling link, or similar). SMS is delivered via Twilio.

Consent capture. Before any such message is sent, Miloasks the Caller for verbal consent on the live call ("Want me to text the link to this number? You'll get one message — reply STOP to opt out."). The Caller's agreement is recorded with the call ID, the consenting phone number, a timestamp, the source ("verbal"), and a short transcript snippet — both for audit and so that subsequent messages can verify consent is on file before sending.

Message frequency. Transactional only. Milo does not send marketing, promotional, or recurring SMS. A typical Caller receives one message per order or booking they initiated on the call.

Message and data rates may apply per the Caller's carrier and plan.

Opt-out (STOP). A Caller may reply STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, or QUIT to any message to unsubscribe. We honor opt-outs immediately and platform-wide — once recorded, the same phone number stops receiving SMS from every business using Wavelength AI. We send a one-time confirmation message ("You have been unsubscribed and will receive no more messages") in response. Opt-out records are retained indefinitely.

SMS support. For help with SMS, email support@wavelength-us.com.Wavelength AI does not operate Milo as a two-way SMS conversation channel; messages other than STOP-class keywords receive no automated reply.

No sharing of mobile data with third parties for marketing. We will not share your phone number or SMS opt-in data with third parties or affiliates for marketing or promotional purposes. Mobile information collected in connection with SMS consent — including phone numbers, consent timestamps, and the consent transcript — is used solely to operate the SMS feature (delivering the transactional message you authorized on the call, honoring STOP opt-outs, and maintaining the audit log required by carriers and regulators) and is shared only with the sub-processors listed in Section 4 strictly as necessary to deliver that single message (e.g. Twilio for carrier delivery).

As stated at the top of this policy: Wavelength AI and SG AI Labs LLC are NOT liable for any losses your business incurs due to the operation of Milo. This includes — without limitation — losses from incorrect bookings, missed appointments, mis-priced orders, wrong addresses, food allergies missed in notes, transfers to the wrong number, calls that should have been transferred but were not, calls that were rejected as spam, calls that were not rejected as spam, downtime, third-party-provider outages, integration failures, billing errors, or any other operation of the service. Our maximum aggregate liability is the fees you paid to Wavelength AI in the three (3) months immediately preceding the event.

You are responsible for human oversight of the agent. Milo is a tool; you are the operator. Continued use of the service constitutes your acceptance of this allocation of risk.

We may update this policy from time to time. The "Last updated" date at the top reflects the current revision. When we make material changes we will surface the new policy in the dashboard and require re-acceptance.

SG AI Labs LLC — operating the Wavelength AI brand — can be reached at support@wavelength-us.com.