Legal
Privacy Policy
Last updated: July 12, 2026
This Privacy Policy explains how TextGopher (“we,” “us”) collects, uses, and shares personal information. It covers our websites (textgopher.com and app.textgopher.com) and the TextGopher service.
1. Two kinds of people, two roles
We handle information in two different capacities, and your rights differ depending on which one applies to you:
- Business customers (contractors). If you sign up for TextGopher, we collect and use your information for our own purposes as described below. For this data, we decide how it is processed.
- Consumers (your customers' side of the conversation). If you called or texted a local service business and received a message “powered by TextGopher,” we process your phone number and messages on behalf of that business, as its service provider. The business decides why and how that data is used; we act on its instructions. If you want your conversation data accessed or deleted, the fastest path is to contact the business you texted with — and you can always contact us directly and we will help route your request.
2. Information we collect
- Account information (from business customers): business name, trade, service area, your name, email address, phone number(s) for lead notifications, timezone, and login credentials (passwords are stored only as one-way hashes).
- Billing information: handled by Stripe, our payment processor. We store your Stripe customer reference, plan, and subscription status — we never see or store full card numbers.
- Lead and conversation data (processed on behalf of business customers): consumer phone numbers, call metadata (caller ID, time, and outcome of missed calls), the content of SMS conversations, and details consumers share in them (such as a service address, the problem described, and preferred time windows).
- Consent records: a per-business ledger of each consumer phone number's messaging status (contacted us / opted in / opted out), kept to honor opt-outs and to document compliance.
- Usage and log data: standard server logs (IP address, browser type, pages requested) and product event logs (an append-only audit trail of significant account and messaging events).
3. How we use information
- To provide the Service: answering missed calls by text, running qualification conversations, and delivering leads to the right business.
- To operate messaging compliantly: identifying the business in the first message, enforcing opt-outs and quiet hours, and registering numbers with carrier systems.
- To bill subscriptions, provide support, and send service communications (such as trial reminders, usage warnings, and security notices).
- To secure, debug, and improve the Service.
AI processing. Conversation replies are generated with the help of Google's Gemini models. Message content from a conversation is sent to Google's API to generate the next reply and extract job details. We use API terms under which the content is not used to train Google's models.
What we don't do: we do not sell personal information, we do not share consumer phone numbers or conversation content with third parties for their own marketing, and we do not use one business's lead data for another business's benefit.
4. Service providers (processors)
We share information with a short list of providers who process it for us, under contract, only to provide their service:
- Twilio — telephony and SMS delivery (phone numbers, call events, message content pass through Twilio's platform).
- Stripe — payments and subscription billing.
- Google (Gemini API) — AI generation of conversation replies and extraction of job details from message content.
- Infrastructure providers that host our servers and databases, and an email provider for transactional email.
We may also disclose information if required by law or legal process, to protect the rights and safety of consumers, our customers, or the public, or as part of a merger or acquisition (in which case this policy continues to apply until updated).
5. Retention
- Conversation transcripts and lead data: retained while the business's account is active so it has its job history, and for up to 30 days after account closure for export, after which they are deleted from production systems in the ordinary course.
- Consent and opt-out records: retained for at least 4 years, including after account closure, because they document legal compliance (opt-out suppression must survive everything else).
- Account and billing records: retained as long as needed for tax, accounting, and legal purposes.
- Backups: encrypted database backups roll off on a fixed schedule; deleted data leaves backups as they expire.
6. Security
We use TLS for data in transit, encrypt high-value credentials at rest, restrict production access to authorized personnel, and keep an append-only audit log of significant events. No system is perfectly secure; if a breach affects your information, we will notify you as required by law.
7. Your California privacy rights (CCPA/CPRA)
If you are a California resident, you have the right to: know what personal information we have about you and how it is used; access a copy of it; correct inaccurate information; delete it (subject to legal exceptions — for example, we must keep opt-out records); and not be discriminated against for exercising these rights. We do not sell or “share” (for cross-context behavioral advertising) personal information, so there is nothing to opt out of on that front.
To exercise these rights, email support@textgopher.com with the subject “Privacy request.” We will verify your identity (typically by confirming control of the email or phone number on file) and respond within 45 days. If your request concerns a conversation you had with one of our business customers, we will notify that business and assist it in responding, as its service provider. You may use an authorized agent to submit a request with proof of authorization.
8. Cookies and analytics
The marketing site sets no advertising or analytics cookies. The dashboard sets a session cookie required to keep you logged in. That's it.
9. Children
The Service is for businesses and is not directed to anyone under 18. We do not knowingly collect information from children.
10. Changes
We may update this policy from time to time. Material changes will be announced by email or in the dashboard before they take effect, and the “Last updated” date above always reflects the current version.
11. Contact
Privacy questions or requests: support@textgopher.com.