CREST SYSTEMS

Effective July 11, 2026. Written in plain language to describe how our system actually works. If we change it, we'll post a new version with a new date.

Privacy

Privacy policy

Last updated July 11, 2026

Crest Deployment Systems LLC (doing business as “Crest Systems”) builds CSflow, an AI agent that answers phone calls for service businesses. This policy covers our website, crestsystems.ai, and our demo phone line. The short version: we record calls and say so up front, we keep evidence-grade records of consent, and we're clear about how your information is used.

What we collect

When you talk to the agent on the phone (calling our demo number, or receiving the demo call you requested): the audio recording of the call, a written transcript, your phone number, anything you choose to share on the call (like your name, business, or appointment details), and an append-only log of call events — timestamps, state changes, and the actions the agent took. See Recording & consent for the full plain-language picture.

When you request a demo call on the site: your phone number, the exact consent text you agreed to (versioned and cryptographically fingerprinted), the page you agreed on, your IP address and browser information, the time, and the record of your text-message verification. This is deliberate: it's an audit trail proving you actually consented before any call was placed.

When you use the sales chat on the site: the messages you type. To generate replies, your chat messages are sent to third-party AI model providers through a model-routing service — that means text you type in the chat leaves our infrastructure and is processed by those providers. Do not put payment details or sensitive personal information in the chat; the agent is instructed to refuse them anyway. We may review chat logs to check the agent's quality.

When you browse the site: standard technical logs (IP address, pages requested, browser type) kept by us and our hosting provider for security and debugging.

How we use it

  • To run the call and do what you asked — answer questions, book appointments, send the confirmation you agreed to.
  • To keep a reliable business record of what the agent said and did, and proof that consent was given, in case a question or dispute ever comes up.
  • To review and improve how the agent behaves, internally.
  • To secure the service and comply with the law.

We do not sell or share your personal information for cross-context behavioral advertising today. If that ever changes, we will update this policy and give you the choices the law requires, including the ability to opt out. We do not use call recordings to train public AI models.

Text messages

We send texts in exactly two cases: a one-time verification code when you request a demo call, and a single booking confirmation if an appointment is booked on a call — and the confirmation is sent only if you explicitly agreed to receive it when you signed up. That consent is recorded as its own explicit field; without it, the system refuses to send the text. No marketing texts. Message and data rates may apply.

The live view

A caller can choose to project their own call's live captions onto a viewer's browser on our site, by keying a code on their dialpad during the call; the person at the screen must explicitly accept before anything is shown. What crosses to the viewer is strictly limited to captions and simple call-status labels — never phone numbers, caller ID, or any internal data. Details here.

Who processes your data

We run on infrastructure providers who process data on our behalf, under contract, to provide the service: cloud hosting and storage, a telephony carrier to connect calls, speech-to-text and text-to-speech providers, AI language-model providers (for the voice agent and the sales chat), and a text-message delivery provider. They process your data to provide their function to us, not for their own purposes.

How long we keep it

  • Call recordings and transcripts: up to five years, as a business record. A legal hold can extend that if a recording becomes evidence in a legal matter.
  • Consent records and the call event log: kept as append-only legal records for the same period. They can't be edited after the fact — by design, that includes by us.
  • Chat and technical logs: kept only as long as needed for quality review, security, and debugging.

If you ask us to delete a call's recording and transcript, we will, unless the law requires us to keep them — and we'll tell you the outcome either way. The append-only log keeps a minimal note that the call happened (timestamps and technical fingerprints, not audio or transcript text).

Your rights

You can ask us what we have about you, ask for a copy, ask us to correct it, or ask us to delete it. Depending on where you live, state privacy laws give you specific versions of these rights; we honor the requests regardless of which state you're in. To exercise any of them, email developer@crestsystems.ai from a way we can verify (or include the phone number the call involved). We'll never treat you worse for exercising your rights.

Children

Our site and demo line are for businesses and adults; we don't direct services to children and don't knowingly collect children's information. If a minor's information ended up in a recording, contact us and we'll handle it.

Changes to this policy

The consent language, disclosure script, and retention policy in our systems are versioned records: changing any of them means a new version with a new date, never a silent edit. This page follows the same rule — meaningful changes get a new “last updated” date, and anything that would expand how we use data you already gave us would be a new consent to ask you for, not an edit here.

Contact

Crest Systems — developer@crestsystems.ai. A human reads it.

Related: Recording & consent · Terms