LUNAPhone.AI Privacy Policy

Last Updated: December 8, 2025

Introduction

LUNAPhone.AI LLC ("LunaPhone," "we," "us," or "our") is committed to protecting the privacy of our business clients and their patients. This Privacy Policy explains how we collect, use, and safeguard information in connection with our AI receptionist services.

Information We Collect

From Our Business Clients (Healthcare Practices)

• Business contact information (name, email, phone number)

• Practice information (name, address, hours of operation)

• Billing information for service payment

From Callers (Patients)

When patients call a practice using our service, we may collect:

• Phone number (caller ID)

• Voice conversation data (for AI processing)

• Information provided during the call (name, appointment requests, messages)

How We Use Information

We use collected information to:

• Provide AI receptionist services to healthcare practices

• Book appointments on behalf of practices

• Send notifications to practice staff about calls and appointments

• Send appointment confirmations to patients (via email only, with practice consent)

• Improve our services and AI capabilities

• Comply with legal obligations

SMS Notifications

We send SMS notifications to healthcare practice owners and staff who have subscribed to our service. These notifications include:

• Appointment booking alerts

• Prescription refill requests

• Urgent patient messages

• Emergency call alerts

We do not send marketing messages. SMS notifications are transactional and directly related to our AI receptionist service.

To opt out of SMS notifications, contact us at adam@lunaphone.ai or reply STOP to any message.

HIPAA Compliance

LunaPhone.AI is committed to protecting patient health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA). We:

• Deploy our services on HIPAA-compliant infrastructure (Microsoft Azure)

• Maintain a Business Associate Agreement (BAA) with our cloud providers

• Implement appropriate technical safeguards to protect patient information

• Limit access to protected health information to authorized personnel only

Data Security

We implement industry-standard security measures including:

• Encryption of data in transit and at rest

• Secure cloud infrastructure (Microsoft Azure)

• Access controls and authentication

• Regular security assessments

Data Retention

• Call data and transcripts are retained for 90 days for service quality purposes

• Business client information is retained for the duration of the service agreement

• Billing records are retained as required by law

Third-Party Services

We use the following third-party services to provide our service:

• Microsoft Azure - Cloud hosting and AI processing

• Twilio - Telephony and SMS services

• Google Workspace - Calendar and email services

Each provider maintains their own privacy practices and security certifications.

Your Rights

You have the right to:

• Access information we hold about you

• Request correction of inaccurate information

• Request deletion of your information (subject to legal retention requirements)

• Opt out of SMS notifications

If you have questions about this Privacy Policy or our data practices, please contact us:

LunaPhone.AI LLC

Email: adam@lunaphone.ai

Phone: (312) 584-9696

Website: https://lunaphone.ai

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify our business clients of any material changes via email.

LunaPhone AI LLC is registered in the State of Illinois