Effective Date: May 27, 2026
Last Updated: May 27, 2026
Viirtue, Inc., including its affiliates, subsidiaries, and related entities, if any, referred to in this Privacy Policy as “Viirtue,” “we,” “us,” or “our,” respects your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you visit our websites, use our portals, mobile applications, communications services, AI-enabled features, billing tools, support channels, and related products and services, collectively the “Services.”
This Privacy Policy is intended to describe our privacy practices. Your use of our Services may also be governed by separate agreements, including master services agreements, partner agreements, reseller agreements, data processing addenda, business associate agreements, acceptable use policies, terms of service, order forms, and other contracts. If there is a conflict between this Privacy Policy and a written agreement between Viirtue and a customer or partner, the written agreement controls to the extent of the conflict.
Viirtue provides cloud communications, VoIP, UCaaS, SIP trunking, fax, AI-enabled voice and call intelligence services, and ViiBE, our quote-to-cash, billing, tax, payment, and customer self-service platform.
Because Viirtue works with MSPs, UCaaS providers, resellers, white-label partners, business customers, account administrators, end users, and callers, our role may vary depending on the context.
When we collect information directly from website visitors, prospects, account contacts, administrators, partners, or users for our own business purposes, Viirtue acts as a business or controller under applicable privacy laws.
When we process information on behalf of a customer or partner through the Services, including call records, messages, recordings, transcripts, AI outputs, contact information, billing data, or end-user information, Viirtue generally acts as a service provider, processor, or business associate, as applicable. In those cases, we process the information under our customer’s instructions and applicable contracts.
If you are an end user, caller, employee, customer, or contact of one of our customers or partners, that organization may be responsible for providing you with additional privacy notices and for responding to certain privacy requests.
We may collect the following categories of information, depending on how you interact with us and which Services are used.
Contact and identity information. This may include name, email address, phone number, company name, job title, mailing address, state, country, and information submitted through demo requests, contact forms, support tickets, events, webinars, or sales communications.
Account and login information. This may include usernames, account identifiers, authentication credentials, user roles, permissions, reseller or tenant associations, administrative settings, support history, and security logs.
Commercial, billing, and transaction information. This may include products and services purchased, quote and contract information, subscription details, invoices, usage rating data, payment status, payment method tokens, tax-related information, account balances, billing addresses, purchase history, and customer self-service activity processed through ViiBE.
Communications and telecommunications information. This may include phone numbers, call detail records, call routing data, caller ID, called party information, date and time of calls, call duration, voicemail data, fax data, SMS or messaging metadata and content where applicable, SIP and network logs, E911 address information, number ordering information, and other information needed to provide communications services.
Call recordings, transcripts, AI outputs, and call intelligence data. If enabled by a customer or account administrator, we may process call recordings, transcripts, summaries, speaker labels, sentiment indicators, intent analysis, call outcomes, action items, and other AI-generated insights. These features may be used for call handling, quality assurance, support, training, coaching, compliance, ticketing, scheduling, or other customer-configured workflows.
Customer content and training materials. For AI Voice Agents (A.I.V.A) and other AI-enabled Services, customers may upload, connect, or authorize access to FAQs, SOPs, product catalogs, policies, websites, knowledge base materials, support documents, CRM or PSA data, calendar data, and other content used to configure or operate the Services.
Integration data. If a customer connects third-party systems, we may process data from CRMs, PSAs, help desks, ticketing systems, calendars, payment systems, tax systems, webhooks, APIs, MCP servers, or other integrations as directed by the customer.
Device, usage, and technical information. This may include IP address, browser type, operating system, device type, device identifiers, mobile application identifiers, pages viewed, referring URLs, session activity, log files, error reports, diagnostic data, cookie identifiers, and similar information.
Mobile application contacts information. If you grant permission in a Viirtue, GoVoip, MobileConnect, or successor mobile application, the application may access contacts information from your device, such as names, phone numbers, email addresses, organization, postal address, birthday, or other contact fields made available by your device. We use this information to provide app features such as contact lists, favorites, quick dial, calling, SMS, and related communications functionality.
Support and communications information. This may include support tickets, emails, chat messages, call recordings with support or sales teams, survey responses, feedback, training sessions, troubleshooting details, and information you provide when communicating with us.
Sensitive information. Depending on the Services used, we may process information that certain laws define as sensitive, such as account credentials, payment-related information, precise service location or E911 address information, contents of communications, call recordings, voice data, protected health information, or information processed through regulated workflows. We use sensitive information only as needed to provide the Services, comply with law, secure our platform, or as otherwise permitted by applicable law and customer instructions.
We collect information in the following ways:
From you directly. For example, when you request a demo, create an account, submit a support ticket, use a portal, configure Services, upload content, make a payment, or communicate with us.
From customers, partners, resellers, account administrators, and end users. For example, when they provide or configure information through the Services.
Automatically. For example, through websites, applications, cookies, pixels, logs, device identifiers, network activity, call routing systems, and service usage.
From third parties. For example, from payment processors, tax providers, communications carriers, identity providers, CRM systems, PSA systems, help desks, calendar providers, analytics providers, advertising partners, fraud prevention vendors, security providers, and other service providers or integrations.
From public or business sources. For example, company websites, business directories, social networks, conference attendee lists, or other commercially available sources.
We may use information for the following purposes:
To provide, operate, provision, maintain, and improve the Services.
To create, manage, authenticate, and secure accounts.
To process quotes, contracts, orders, number requests, payments, invoices, taxes, usage rating, and customer self-service transactions through ViiBE.
To route calls, messages, faxes, voicemail, SIP traffic, and other communications.
To provide AI Voice Agents (A.I.V.A), AI Insights, call transcription, summaries, sentiment indicators, caller recognition, workflow automations, ticket creation, scheduling, and related AI-enabled features when enabled.
To configure tenant-specific knowledge bases, call flows, escalation rules, routing rules, allowed actions, and integrations.
To provide customer support, troubleshooting, training, onboarding, implementation, professional services, and account management.
To communicate with customers, partners, prospects, and users about Services, updates, security notices, billing notices, product changes, offers, events, and administrative matters.
To monitor performance, availability, usage, reliability, and security.
To detect, prevent, investigate, and respond to fraud, abuse, spam, illegal activity, security incidents, network misuse, payment risk, and violations of our agreements or policies.
To comply with legal, regulatory, tax, accounting, telecommunications, E911, CPNI, subpoena, court order, law enforcement, and other compliance obligations.
To protect the rights, safety, property, and security of Viirtue, our customers, users, partners, and the public.
To analyze, develop, and improve our Services, including through aggregated, de-identified, or anonymized information.
To conduct marketing, advertising, attribution, and analytics, subject to your choices and applicable law.
Viirtue offers AI-enabled features, including AI Voice Agents (A.I.V.A), AI Insights, call transcription, call summaries, sentiment analysis, caller recognition, workflow automation, and related tools. These features may process call content, caller information, customer knowledge base materials, integration data, recordings, transcripts, summaries, and generated insights.
AI features are configured by customers or account administrators. Customers are responsible for determining whether and how to enable call recording, transcription, sentiment analysis, caller recognition, and automated workflows. Customers are also responsible for providing all notices and obtaining all consents required by applicable law.
Unless expressly authorized by the applicable customer or agreement, Viirtue does not use one customer’s tenant content, call recordings, transcripts, proprietary knowledge base materials, or customer-specific data to train another customer’s tenant, model, or knowledge base.
Viirtue may use aggregated, anonymized, or de-identified information to monitor, secure, improve, and develop the Services, provided the information is not used to identify a specific individual, customer, tenant, or caller.
Where third-party AI providers or subprocessors are used to provide AI-enabled features, we require them to process information only to provide the contracted Services and under applicable confidentiality, security, and data protection obligations.
Customers should not upload sensitive, regulated, confidential, or third-party information into AI features unless they have the necessary rights, permissions, consents, and contractual terms in place.
Certain telecommunications information may be considered Customer Proprietary Network Information, or CPNI, under federal law. CPNI may include information about the quantity, technical configuration, type, destination, location, and amount of use of telecommunications or interconnected VoIP services, as well as related billing information.
We use and disclose CPNI as permitted or required by law, including to provide, bill, maintain, secure, support, troubleshoot, improve, and protect communications services, to prevent fraud or abuse, to comply with legal obligations, and to market services where permitted or with required approval.
We do not use CPNI for unrelated purposes without appropriate authorization where required. Separate CPNI notices, approvals, authentication procedures, or customer choices may apply.
Some customers may use the Services in healthcare or other regulated environments. If Viirtue creates, receives, maintains, or transmits protected health information, or PHI, on behalf of a HIPAA covered entity or business associate, Viirtue will process PHI only as permitted by the applicable business associate agreement and applicable law.
This Privacy Policy does not replace any business associate agreement, data processing addendum, customer agreement, or customer notice of privacy practices. If there is a conflict between this Privacy Policy and a signed business associate agreement for PHI, the business associate agreement controls for that PHI.
Customers are responsible for determining whether HIPAA, state health privacy laws, call recording laws, financial privacy laws, employment laws, or other regulated data obligations apply to their use of the Services.
Our mobile applications may request access to your device contacts to provide calling, messaging, contact list, quick dial, favorites, presence, or similar features. We access contacts only when permission is enabled on your device.
We do not sell device contacts information or use it for third-party advertising. We use contacts information to provide the mobile application features requested by the user or configured by the customer.
You can revoke contacts permissions through your device settings. Certain features may not function properly if contacts access is disabled, but core account access may remain available depending on the application and configuration.
If Gravatar or similar avatar services are enabled, the application may send a hashed version of an email address to retrieve an avatar image. Users or administrators may disable such features where supported.
We and our service providers may use cookies, pixels, tags, scripts, local storage, and similar technologies to operate our websites, remember preferences, secure sessions, analyze traffic, measure campaigns, prevent fraud, and improve user experience.
These technologies may collect device information, IP address, browser type, pages viewed, referring URLs, approximate location, session activity, and similar data.
We may use analytics and advertising partners to help us understand website usage, measure marketing effectiveness, and show or measure ads. Some privacy laws may define certain disclosures of online identifiers to advertising or analytics partners as a “sale,” “sharing,” or “targeted advertising,” even if no money is exchanged.
Manage consent tool. When you visit our website, our Manage consent tool will appear automatically so you can review and choose which categories of cookies and tracking technologies you allow. You can change your preferences at any time by clicking the Manage consent tab on our website, which remains accessible on every page. Through the Manage consent tool you can also exercise applicable opt-out rights, including the right to opt out of “sale,” “sharing,” and “targeted advertising” under U.S. state privacy laws. You can also manage cookies through your browser settings.
Where required by applicable law and technically feasible, we honor legally recognized opt-out preference signals, such as Global Privacy Control.
SMS messaging. Where you provide a mobile phone number and affirmatively opt in to receive SMS messages from Viirtue, we may send transactional, account, support, or marketing SMS messages consistent with your opt-in. We use strict opt-in for SMS: we do not send marketing SMS messages without your prior express consent. You may opt out at any time by replying STOP to any SMS message from Viirtue, or by contacting us at the address in Section 21. After you opt out, we may send a single confirmation message acknowledging the opt-out. Message and data rates may apply. Message frequency varies.
No sharing of mobile opt-in data. Mobile information, including mobile phone numbers and SMS opt-in status, will not be shared with third parties or affiliates for marketing or promotional purposes. Information sharing to subcontractors that support our messaging operations, such as messaging carriers and 10DLC platform providers, is permitted only to the extent necessary to deliver the messages you have opted in to receive.
Email marketing. Where we send marketing or promotional emails, we operate on a strict opt-in basis where required by applicable law and provide a clear unsubscribe mechanism in every marketing email. We use HubSpot to manage marketing communications, including subscription preferences, unsubscribes, and “do not contact” status. You can unsubscribe from marketing emails at any time using the link in the email or by contacting us at the address in Section 21. Transactional and account-related emails, such as billing notices, security alerts, support responses, and service notifications, are not marketing communications and may continue after a marketing unsubscribe.
Choices. See Section 14 for the full list of privacy choices available to you.
We may disclose information to the following categories of recipients:
Customers, partners, resellers, account administrators, and authorized users, based on account structure, permissions, and service configuration.
Telecommunications carriers, VoIP providers, messaging providers, numbering providers, E911 providers, fax providers, and network partners needed to provide communications services.
Cloud hosting, infrastructure, storage, CDN, monitoring, security, authentication, logging, and support providers.
Payment processors, banking partners, tax providers, billing providers, collections providers, and fraud prevention vendors.
AI, transcription, analytics, and automation providers used to provide enabled Services.
CRM, PSA, help desk, ticketing, calendar, webhook, API, and other integration providers, when configured or authorized by a customer.
Professional advisors, auditors, insurers, attorneys, accountants, consultants, and compliance providers.
Marketing, analytics, event, advertising, and communications providers.
Government authorities, regulators, law enforcement, courts, or third parties when required by law, legal process, emergency circumstances, security incidents, fraud prevention, or to protect rights and safety.
Successors or counterparties in a merger, acquisition, financing, restructuring, sale, transfer, bankruptcy, or other corporate transaction involving all or part of our business.
We do not sell personal information for money. We do not share mobile opt-in data with third parties or affiliates for marketing or promotional purposes. We may share limited online identifiers and website activity with advertising or analytics partners in a way that may be considered “sale,” “sharing,” or “targeted advertising” under some privacy laws. You may opt out as described in this Privacy Policy and through the Manage consent tool on our website.
We retain different categories of information for different periods based on the type of information, how it is used, customer configuration, contractual commitments, legal and regulatory requirements, and our legitimate business needs.
Customer account and communications data (NetSapiens-hosted communications services). When a customer cancels service, we open an internal cancellation ticket and hold the associated account in a deprovisioning state for a period of approximately ninety (90) days before deleting customer-configurable data such as user accounts, extensions, domain configurations, voicemail, and similar account artifacts. This hold period exists so that customers who reactivate can resume service without losing their configuration. After the hold period, we delete or de-provision the customer’s account-level data from active production systems.
Call recordings, voicemail, and similar telephony media. Call recordings, voicemail, and similar media are retained according to customer configuration and applicable retention settings. Customers and account administrators are responsible for setting retention periods within the Services consistent with their own legal, regulatory, and recordkeeping requirements. Where call recording is enabled, the customer is responsible for providing all required notices and consents under applicable federal, state, and international call recording laws.
ViiBE (quote-to-cash, billing, tax, and customer self-service). Data stored in ViiBE, including customer records, contacts, quotes, contracts, invoices, payment records, tax records, and related transaction data, is retained for the duration of the partner or customer relationship and for the additional periods required to maintain financial, tax, accounting, and audit records under applicable law.
Partners and account administrators control the deletion of data they manage in ViiBE through self-service tools available within the platform. These tools allow partners and administrators to delete customer accounts, remove contacts and records, disconnect integrations, and remove other customer-configurable data they no longer need. Partners and administrators are responsible for using these tools consistent with their own legal, regulatory, and contractual obligations to their end customers.
Viirtue does not perform routine, automated scrubs of partner-managed ViiBE data on partners’ behalf. If you are an end customer or contact of a Viirtue partner and you would like ViiBE data about you deleted, please contact the partner that manages your account first. If you submit a deletion request directly to Viirtue using the process below, we will assist by working with the applicable partner and by deleting any data we directly control, subject to the legal retention obligations described in this section.
Marketing and prospect data (HubSpot). Marketing contact data, including email addresses, phone numbers, company information, and engagement history, is retained in HubSpot for ongoing marketing, sales, and customer relationship purposes. If you unsubscribe from marketing emails, we will record your unsubscribe status and stop sending you marketing email. If you request that your marketing data be deleted using the process in this section, we will delete your contact record from our CRM, subject to any legal or contractual reasons we may need to retain certain information. Submitting an unsubscribe is not the same as a deletion request; if you want both, please tell us.
Financial, tax, and regulated records. Invoices, payment records, tax records, accounting records, CPNI records, E911 records, and other records subject to legal, regulatory, or audit retention requirements are retained for the periods required by applicable law, even after a customer cancels service or requests deletion. These records may continue to identify a former customer because the underlying legal obligation requires it.
Anonymized and aggregated data. Where we no longer need information in identifiable form, we may retain de-identified or aggregated information for analytics, security, service improvement, and benchmarking, provided that the information is maintained in a manner that cannot reasonably be linked back to a specific individual, customer, tenant, or caller.
Logs, support records, and operational records. Security logs, audit logs, support tickets, troubleshooting records, and similar operational records are retained for periods consistent with our security, support, and compliance needs.
Historical and legacy data. Viirtue acknowledges that some legacy customer data predates current retention practices and may continue to exist in archive systems. We are actively working to bring all customer data under consistent retention and deletion controls. If you believe legacy data about you exists and you would like it removed, please submit a request using the process below and we will work to honor it, subject to applicable legal retention obligations.
If you would like Viirtue to delete information we hold about you, you may submit a request:
Email: support@viirtue.com with the subject line “Privacy Request – Data Deletion”
Phone: 1-833-844-7883
Please note that a data deletion request is different from a cookie or tracking consent choice. To manage cookies, tracking, or sale/sharing/targeted-advertising preferences, use the Manage consent tool on our website.
We may need to verify your identity before completing a request. If you are an end user, caller, employee, or contact of a Viirtue customer or partner, we may direct your request to that customer or partner and assist them in responding. Some information cannot be deleted because we are required to keep it by law, regulation, or contract, including certain financial, tax, telecommunications, E911, CPNI, and audit records. Where complete deletion is not possible, we will, where appropriate, anonymize the information so that it can no longer reasonably be linked to you.
We use reasonable administrative, technical, and physical safeguards designed to protect information against unauthorized access, loss, misuse, disclosure, alteration, or destruction.
These safeguards may include encryption in transit and at rest, tenant-level data segregation, role-based access controls, authentication controls, audit logs, monitoring, vulnerability management, backups, incident response processes, employee training, and vendor due diligence.
No system or method of transmission or storage is completely secure, and we cannot guarantee the security of information transmitted to or stored by us. Customers and users are responsible for protecting account credentials, maintaining appropriate access controls, promptly removing access for users who no longer need it, and notifying us of suspected unauthorized access.
Customer backups. We recommend that customers maintain their own backups of any data they consider critical, including exported call detail records, billing reports, contact lists, knowledge base content, and other configurable customer content, in addition to any backup or retention features Viirtue provides.
Depending on your relationship with us and applicable law, you may have the following choices:
Access, update, or correct certain account information through the Services.
Opt out of marketing emails by using the unsubscribe link or contacting us at support@viirtue.com. We use HubSpot to manage email subscription preferences.
Opt out of SMS messages by replying STOP to any SMS message from Viirtue, or by contacting us at the address in Section 21.
Manage cookies, tracking, and “sale,” “sharing,” and “targeted advertising” preferences using the Manage consent tool on our website, or through your browser settings.
Revoke mobile app permissions through your device settings.
Request deletion of your data using the process in Section 12. We will honor verified deletion requests to the extent permitted by law.
Request access, correction, portability, or other privacy rights where applicable.
Withdraw consent where processing is based on consent, subject to legal or contractual limits.
If you are an end user, caller, employee, customer, or contact of one of our customers or partners, we may need to direct your request to that customer or partner, or assist them in responding to your request.
Residents of certain U.S. states may have rights under applicable privacy laws. These rights may include the right to:
Know or access the personal information we collect, use, disclose, sell, or share.
Receive a portable copy of certain personal information.
Correct inaccurate personal information.
Delete personal information, subject to exceptions.
Opt out of sale, sharing, targeted advertising, or certain profiling.
Limit certain uses or disclosures of sensitive personal information, where applicable.
Appeal a decision regarding a privacy request, where applicable.
Not be discriminated against for exercising privacy rights.
To exercise opt-out rights related to cookies, tracking, sale, sharing, or targeted advertising, use the Manage consent tool on our website. To submit any other privacy request, contact us at support@viirtue.com or call 1-833-844-7883. We may need to verify your identity and authority before completing a request. Authorized agents may submit requests where permitted by law, but we may require proof of authorization.
The table below describes categories of personal information we may collect, the purposes for collection, and categories of recipients.
Category | Examples | Purposes | Categories of Recipients |
|---|---|---|---|
Identifiers | Name, email, phone number, company, address, IP address, account ID | Account management, support, sales, service delivery, security, billing | Service providers, customers, partners, account admins, carriers, CRM and support providers |
Commercial information | Products purchased, invoices, payments, quotes, contracts, tax data, usage | Billing, payments, tax automation, quoting, customer self-service, account management | Payment processors, tax providers, billing providers, service providers, account admins |
Internet or network activity | Website usage, browser data, device data, cookies, logs | Website operation, analytics, security, fraud prevention, marketing | Analytics providers, advertising partners, hosting providers, security providers |
Geolocation or service location | Approximate IP location, E911 address, service address | E911, service provisioning, tax, fraud prevention, compliance | E911 providers, carriers, tax providers, service providers |
Audio, visual, or communications data | Call recordings, voicemails, transcripts, support calls, SMS, fax, message content where applicable | Communications services, AI features, support, quality, compliance, customer-configured workflows | Customers, account admins, AI and transcription providers, communications providers, service providers |
Professional or employment-related information | Job title, company, business contact details | Sales, account management, support, partner management, events | CRM providers, support providers, marketing providers, service providers |
Inferences | Sentiment indicators, call summaries, intent, usage insights, customer interaction trends | AI Insights, quality assurance, support, analytics, service improvement | Customers, account admins, AI providers, service providers |
Sensitive personal information | Account credentials, payment-related information, communications content, precise service location where applicable, PHI where governed by a BAA | Security, authentication, billing, service delivery, compliance, customer-configured services | Service providers, customers, account admins, carriers, payment providers, regulated subprocessors |
We use sensitive personal information only as reasonably necessary to provide the Services, secure accounts, process payments, comply with law, or as otherwise permitted by applicable law and customer instructions. We do not use sensitive personal information for unrelated cross-context behavioral advertising.
Viirtue is based in the United States. Information may be processed in the United States and other countries where we or our service providers operate. These countries may have data protection laws that differ from the laws where you live.
Where required, we use appropriate safeguards for international transfers, such as contractual protections or other lawful transfer mechanisms.
Where the GDPR, UK GDPR, or similar laws apply, Viirtue may act as a controller for information we process for our own purposes and as a processor for customer data processed through the Services.
Our legal bases may include performance of a contract, legitimate interests, consent, compliance with legal obligations, and protection of vital interests or legal claims.
Depending on applicable law, you may have rights to access, correct, delete, restrict, object to processing, request portability, withdraw consent, or lodge a complaint with a supervisory authority.
Where complete deletion of personal information is not feasible because we are subject to legal retention obligations, or because deletion would impair the integrity of legitimate operational records, we may retain the information in an anonymized or de-identified form such that it can no longer be used to identify you.
If your information is processed on behalf of a Viirtue customer or partner, please contact that customer or partner first. We will assist them as required by applicable law and contract.
The Services are intended for business use and are not directed to children. We do not knowingly collect personal information from children under 13, or under the age required by applicable law, without appropriate consent.
If you believe a child has provided personal information to us, contact us at support@viirtue.com.
Our websites and Services may link to or integrate with third-party websites, applications, platforms, payment tools, CRMs, PSAs, calendars, help desks, carriers, or other services. Their privacy practices are governed by their own policies and terms.
Customers are responsible for reviewing and configuring third-party integrations appropriately.
We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and provide notice as required by law, which may include posting the updated policy, notifying account administrators, or sending other communications.
We will not use previously collected personal information in a materially different way without providing any notice or consent required by applicable law.
For questions, privacy requests, or concerns, contact us at:
Viirtue, Inc.
401 16th Street N
St. Petersburg, FL 33705
Email: support@viirtue.com
Phone: 1-833-844-7883
For security concerns, include “Security” in the subject line. For privacy requests, include “Privacy Request” in the subject line. For data deletion requests, include “Privacy Request – Data Deletion” in the subject line.
Automate calls with smart, human-sounding voice agents built for scale.
Uncover real-time customer insights with AI-powered emotion and intent detection.
Viirtue’s free, full-service tool for MSPs.
Free for all Viirtue partners, ViiBE makes quoting and billing seamless, so you can grow your business efficiently while serving your clients better.
In just 25 minutes, you will spot the leaks, estimate the damage, fix the workflow, and get AI-ready, with downloadable checklists to lock it all in.
Download the FREE ebook and fix what’s costing you time and money before it costs you another week.