Legal

Privacy Policy

Last updated: March 24, 2026

The short version: We don't sell your data. We don't share it with advertisers. We collect only what's needed to deliver our service, we keep it secure, and you can ask us to delete it anytime.

Who We Are

GrayMirror AI, operated by Palindrome LLC ("we," "us," "our"), provides AI-powered automation services for businesses, including lead response, appointment booking, and follow-up systems. This policy covers how we handle data for both our direct clients (business owners) and their customers (end users who interact with our systems via SMS or web forms).

What We Collect

From business clients:

Contact information (name, email, phone number)
Business details (business name, industry, services offered)
Calendar availability and scheduling preferences

From end users (your customers):

Contact information submitted through web forms (name, email, phone number)
Service requests and messages submitted through forms
SMS conversation content exchanged with our AI assistant
Appointment booking details

Automatically collected:

Timestamps of form submissions and messages
Basic usage data for system performance monitoring

How We Use Your Data

We use collected data for one purpose: delivering the service you or your business signed up for. Specifically:

Responding to customer inquiries via SMS
Qualifying leads and booking appointments
Sending appointment confirmations and reminders
Generating performance reports for business clients
Improving the quality and accuracy of our AI responses

We will never sell, rent, or trade your personal data to third parties. Period.

Who Has Access to Your Data

Your data is accessible only to:

You (or the business that serves you)
GrayMirror AI - our team, strictly for service delivery and support
Service providers we rely on to operate (listed below) - only to the extent necessary for functionality

Our service providers include:

Twilio - for sending and receiving SMS messages
Anthropic (Claude AI) - for AI-powered conversation processing
Google - for calendar integration and data storage
Hetzner - for secure server hosting

Each of these providers has their own privacy policies and security practices. We select providers with strong data protection standards.

How We Protect Your Data

All data is transmitted over encrypted connections (HTTPS/TLS)
Our servers are hosted in secure, access-controlled data centers
Access to data is restricted to authorized personnel only
We regularly review and update our security practices

SMS Messaging

Program name: GrayMirror AI Appointment Scheduling

Our systems send SMS messages only to individuals who have explicitly opted in through a web form with a clear consent checkbox, in compliance with the Telephone Consumer Protection Act (TCPA). We maintain timestamped records of all opt-in consent.

Message frequency: Message frequency varies. You may also receive up to 2 follow-up messages if a conversation goes inactive.

Message and data rates may apply. Check with your carrier for details.

Opt-out: Reply STOP to any message to immediately stop receiving messages. We honor all opt-out requests immediately.

Help: Reply HELP to any message to receive support contact information, or contact us at [email protected] or (808) 315-4029.

We do not send marketing or promotional messages. All SMS communication is directly related to the service inquiry the customer initiated. We do not send messages before 8:00 AM or after 11:00 PM in the recipient's local time zone.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

Your Rights

You have the right to:

Access - Request a copy of any personal data we hold about you
Correction - Ask us to correct any inaccurate data
Deletion - Ask us to delete your personal data from our systems. We will remove your data from our servers, databases, and logs. We will also request deletion from our third-party service providers where applicable.
Opt-out - Stop receiving SMS messages at any time by replying STOP, or by contacting us directly

To exercise any of these rights, contact us using the information below. We aim to respond to all requests within 48 hours.

Data Retention

We retain client data for the duration of our service relationship. When a business client ends their service with us, we delete their data and their customers' data within 30 days unless otherwise requested.

End user data (form submissions, SMS conversations) is retained for the purpose of ongoing service delivery and reporting. Upon request, we will delete specific records promptly.

Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.

Changes to This Policy

If we make meaningful changes to this privacy policy, we will notify our business clients via email before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

Contact Us

If you have questions about this privacy policy, want to exercise your data rights, or have any privacy concerns, reach out:

Email: [email protected]
Phone: (808) 315-4029
Web: graymirror.ai