Privacy policy

RemoteAmbition, LLC, doing business as Mercateer ("Mercateer"), provides an AI receptionist and answering service for businesses: it answers their phone calls, web chats, and text messages, gives price estimates, and books jobs on their calendar.

We handle personal information in two different roles. For our website, marketing, and the account information of the businesses that buy Mercateer, we decide how data is used: we act as the data controller. For the content that flows through the service on a customer’s behalf (call recordings, transcripts, messages, and booking details, together "service data"), the business you called or messaged decides how that data is used: that business is the controller and Mercateer is its processor, acting under our customer agreement and data processing agreement.

If you called or messaged a business that uses Mercateer and you want to know how that business uses your information, their privacy notice is the governing document. We describe below what service data we handle for them, and we will help route any request you send us to the right business.

Account and billing information: name, work email, company details, and payment information when a business signs up. Payments are processed by our payment provider; we do not store full card numbers.

Service data, processed on behalf of our customers: call audio recordings, machine-generated transcripts and summaries, voicemail, call metadata such as the caller’s phone number and the time and duration of the call, text message and web chat content, booking and job details, and pricing information drawn from the customer’s own price book.

Website and product usage information collected automatically: device and browser type, pages visited, and interactions with the product, used to keep the service secure and to understand how it is used. See the cookie policy for the specific technologies involved.

People sometimes volunteer sensitive details on calls to a business, for example health conditions, payment details, or property access information. We do not ask for this data for our own purposes; where it arrives, it is handled as service data under the controlling business’s instructions and the protections described in this policy and our data processing agreement.

Voice audio is processed for one purpose: so the agent can understand the caller, respond on the business’s behalf, and produce transcripts and summaries for the business.

Mercateer does not create voiceprints, does not use voice data to identify or authenticate individuals, and does not clone caller voices. The agent speaks with pre-set synthetic voices.

We collect information directly from you (signing up, contacting us), automatically from your device when you use our website or product, and from integrations a customer connects, such as their calendar or CRM.

Caller and end-customer information reaches us indirectly, through the phone lines, chat widgets, and text threads of the businesses that use Mercateer. The agent identifies itself as an AI assistant at the start of the interaction, and a recording disclosure is played where the business has enabled it; businesses are required to keep recording disclosures enabled wherever the law requires them, and their own privacy notices apply alongside this policy.

To deliver the service to our customers, including answering, transcribing, quoting, and booking on their instructions. Legal basis: performance of our contract with the customer, with Mercateer acting as processor for service data.

To manage accounts, billing, and support. Legal basis: performance of a contract and compliance with legal obligations such as tax and accounting rules.

To secure the service, prevent fraud and abuse, and debug problems. Legal basis: our legitimate interest in running a safe, reliable service.

To market Mercateer to prospective business customers, with an opt-out in every message. Legal basis: legitimate interest, or consent where the law requires it.

To improve the service, including training the AI models that power it, using de-identified and aggregated information as described in "How we use data to improve our AI" below. Legal basis: our legitimate interest in improving the service, and our customers’ instructions under the data processing agreement. We do not use service data to profile individual people across customers.

An AI system answers the calls, chats, and texts that the service handles. It transcribes the conversation, answers questions using the content the business has configured, proposes price estimates using available pricing information (such as the business’s price book and typical rates for the region and trade), and books appointments into the business’s calendar.

The AI does not make decisions with legal or similarly significant effects about callers: quotes are estimates, and bookings and quotes are subject to the business’s confirmation. A caller can always ask for a human, request a callback, or contact the business directly.

We use service data, including call recordings, transcripts, and messages, to train and improve the AI models that power Mercateer. Before data is used for training, we de-identify it: names, phone numbers, and other direct identifiers are removed.

Training happens in-house, for one purpose: making the service better for our customers. We do not sell models trained on customer data, expose them to third parties, or build them in a way that could reveal one customer’s information to another.

Customers can opt their workspace out of model training at any time by contacting [email protected]; opting out does not affect the core service.

Our agreements with the third-party AI providers we use prohibit them from using customer or caller data to train their own models, and limit any retention by those providers to short periods needed to provide the service and for safety and abuse monitoring.

We share information with subprocessors that help us run the service, under contracts that impose data protection obligations no less protective than ours. The current list, including each provider’s purpose and location, is published at mercateer.com/legal/subprocessors, and the data processing agreement describes how customers are notified of changes.

We may also share information with professional advisors, to comply with law or valid legal process, to protect the rights and safety of Mercateer, our customers, and the public, or as part of a corporate transaction such as a merger or acquisition, in which case this policy continues to apply until you are told otherwise.

We do not sell personal information, we do not share service data for cross-context behavioral advertising, and text message opt-in data and consent are never shared with third parties or affiliates for their marketing.

Mercateer is operated from the United States and our subprocessors process data primarily in the United States, including AI processing of call and message content.

Where personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses, supplemented by the UK Addendum and Swiss adaptations where applicable. You can request a copy of the relevant safeguards through the contact options below.

Service data is retained for as long as the customer’s account is active, so the business can review its calls, transcripts, and bookings. When a customer deletes specific data, we delete it within 30 days. When an account is closed, the customer has 30 days to export its data; we then delete the associated service data within 30 days after that export window ends, and copies in encrypted backups are purged within 90 days.

Account and billing records are kept for the life of the account plus the periods required by tax, accounting, and other laws. Marketing data is kept until you opt out or ask us to delete it.

These periods match the commitments in our terms of service and data processing agreement.

Depending on where you live, you may have the right to access, correct, export, restrict, object to the processing of, or delete your personal information, to withdraw consent, and to complain to your data protection authority. We respond to requests within the time the law requires, generally within 30 days.

If you called or messaged a business that uses Mercateer, we act as that business’s processor: we will forward your request to the business within 5 business days and carry out its instructions, including deletion. You can also contact the business directly, which is usually faster. The end user terms at mercateer.com/legal/end-user-terms describe the assistant’s role when you call, chat, or text a business.

If you live in California or another US state with a privacy law, you may have rights to know, correct, and delete personal information, to opt out of sales, sharing, and targeted advertising, and to limit the use of sensitive personal information. The categories of personal information we have collected and disclosed for business purposes in the preceding 12 months are those described in "Information we collect" and "How we share information" above.

We do not currently sell personal information or share it for cross-context behavioral advertising, and we do not use or disclose sensitive personal information for purposes other than those permitted by law, so there is currently no sale, sharing, or sensitive-use to opt out of or limit; if that changes, we will update this policy and provide the required opt-outs first. We honor Global Privacy Control signals by keeping analytics off for browsers that send them, our practices do not otherwise vary in response to Do Not Track signals, and we do not discriminate against you for exercising your rights.

You can submit requests through either contact method listed at the end of this policy, including through an authorized agent; we verify requests before acting on them.

Texts sent through the service are sent on behalf of the business you contacted, in response to your own call or message, for example a missed-call text-back or a booking confirmation.

You can opt out of texts from a business at any time by replying STOP, which stops further texts from that business’s number, or get help by replying HELP. Message and data rates may apply. Phone numbers and opt-in data collected for texting are never shared with third parties for their marketing.

We protect personal information with technical and organizational measures appropriate to the risk, including encryption in transit and at rest, access controls on a least-privilege basis, multi-factor authentication for our systems, logging and monitoring, and security review of the vendors we use.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your information and to notify affected parties as required by law if an incident occurs.

Our website and platform are designed for businesses and are not directed to children, and we do not knowingly collect personal information from children for our own purposes. If a child calls a business that uses Mercateer, that audio is handled as service data on the business’s behalf. If you believe a child has provided us personal information directly, contact us and we will delete it.

Our use of cookies and similar technologies is described in the cookie policy, which lists each cookie, what it does, how long it lasts, and the consent and opt-out controls available, including the "Manage cookies" link in the footer of this site.

We will post any changes to this policy on this page and update the date above. For material changes, we will give customers advance notice by email or in the product before the changes take effect.

You can send questions and privacy requests to [email protected] or through the contact form on this site. We route caller requests to the responsible business as described above, and you can also complain to your local data protection authority.