Last Updated: June 26, 2026
Website: https://hicira.com
Service Provider: Crafted Labs Holdings Inc. ("Cira," "we," "us," "our")
Cira provides AI-powered call answering and receptionist services. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use the Cira Service ("Service").
By using Cira, you agree to the practices described in this Privacy Policy.
We collect information you provide directly, including:
When callers interact with Cira, we may collect:
We collect analytics about how you use Cira, including:
When customers send images via text message, we collect:
Customer-submitted images are processed through automated content moderation systems to detect prohibited or illegal content before being displayed to business owners.
If you connect third-party services, we may access limited data as necessary to perform the integration you enabled. You control what services are integrated and what permissions are granted.
If you connect a Google account or Google Workspace service, Cira may collect and process the following Google user data, depending on the permissions you approve:
We access Google user data only after you choose to connect a Google integration and authorize the requested permissions. Cira's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We use your information for the following purposes:
(We do NOT use your data to train any AI or machine learning models.)
Google user data is used only to provide and improve user-facing features you have enabled, such as calendar availability checks, appointment booking, rescheduling, notifications, synchronization, troubleshooting, and security. We do not use Google user data for targeted advertising, personalized advertising, retargeting, selling to data brokers, credit-worthiness decisions, lending purposes, creating unrelated databases, or training AI or machine learning models.
Cira retains customer call data—including recordings, transcripts, logs, and call metadata—for 30 days, after which it is permanently deleted.
You may export data at any time before deletion.
We may retain limited records (e.g., billing, audit logs) for legal or operational reasons.
When you disconnect a third-party integration or remove access permissions, including access permissions for Google Workspace APIs, Cira immediately deletes the integration data and access tokens stored by Cira for that integration.
Google user data and Google OAuth tokens are retained only for as long as needed to provide the connected integration or as required for legal, security, or operational purposes. Cached Google Calendar data is deleted from active systems when the integration is disconnected, permissions are revoked, or the account is deleted, subject to limited backup, audit-log, and legal-retention obligations.
We do NOT sell customer data.
We do NOT sell Google user data, and we do NOT share Google user data with third parties for advertising, marketing, retargeting, or data broker purposes.
Cira collects mobile phone numbers and SMS data to provide text messaging services, including sending appointment links, booking confirmations, service information, and business notifications.
Mobile phone numbers and SMS communication data collected through Cira are not shared with third parties for marketing or promotional purposes.
You may opt out of SMS messages at any time by replying STOP to any message. For help, reply HELP or contact support@hicira.com.
We share data only with:
We use third-party vendors to operate the Service, including:
These providers may process data solely to operate Cira. Service providers are permitted to process Google user data only as necessary to provide infrastructure, security, communications, AI message processing, scheduling, support, or other enabled Service functionality on our behalf.
If you enable integrations:
We send and receive data only as necessary to operate those integrations.
For Google integrations, Cira shares or transfers Google user data only when necessary to provide the user-facing feature you enabled, to comply with law, to protect rights and security, or with your direction or consent.
We may disclose information when required to:
Call recording is enabled by default.
Cira includes an automated greeting informing callers that the call may be recorded.
However:
You are responsible for complying with federal, state, and local call recording laws, including all-party consent requirements.
You can modify the greeting or disable recording within your settings.
Cira is not liable for your failure to comply with applicable laws.
You may:
To exercise any rights, contact: support@hicira.com
Cira uses modern, industry-standard security practices, including protections for Google user data:
We are not yet SOC 2 certified, but we implement strong security measures consistent with SOC 2 principles.
No system can guarantee absolute security.
Cira is not intended for children under 18 and does not knowingly collect their data.
Cira is designed for U.S.-based businesses and callers.
If you use the Service from outside the U.S., you consent to transferring your data to the United States.
You own:
We own:
You grant us a license to process your data solely to operate and improve the Service, subject to this Privacy Policy, including our commitments regarding integration data and AI model training.
If you follow links to third-party websites or services, their policies apply.
We may update this Privacy Policy at any time.
If changes are material, we will notify you by email or dashboard notification.
Your continued use of the Service after changes means you accept the updated policy.
This Privacy Policy is governed by the laws of the State of Washington.
Crafted Labs Holdings Inc.
Attn: Cira Privacy
Email: support@hicira.com
Website: https://hicira.com