Privacy Policy

Last Updated: 03/24/2026

This Privacy Policy describes how KEHi LLC (“KEHi,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects information through:

our AI phone receptionist and related voice, messaging, intake, scheduling, and automation tools (the “AI Receptionist”);

our dashboards, web portals, mobile applications, APIs, and software integrations (collectively, the “Application”); and

our websites and online properties, including https://kehi.ai (the “Site”).

Together, the AI Receptionist, Application, and Site are the “Services.”

By accessing or using the Services, you agree to this Privacy Policy. If you do not agree, do not use the Services.

This Privacy Policy does not govern how KEHi customers, subscribers, clinics, practices, offices, or other businesses using our Services (“Subscribers”) collect, use, or disclose personal information for their own purposes. If you are a caller, patient, lead, customer, or end user interacting with a Subscriber through KEHi-powered tools, you should also review that Subscriber’s privacy notice and contact that Subscriber directly for questions about its practices.

We may update this Privacy Policy from time to time. If we make material changes, we may post an updated version through the Services or Site and, where required by law, provide additional notice.

This Privacy Policy applies to information KEHi collects:

1. Scope

directly from Subscribers, prospective customers, Site visitors, and support contacts;

automatically through use of the Site or Application;

through calls, texts, intake flows, scheduling flows, and other interactions processed through the Services; and

from third-party integrations that a Subscriber authorizes us to connect.

This Privacy Policy does not apply to information collected offline outside the Services, except where expressly stated.

2. Personal Information We Collect

Depending on how the Services are used, KEHi may collect the following categories of information.

A. Information provided by Subscribers

We may collect:

name

business or organization name

email address

phone number

mailing address

billing contact details

login credentials

account and profile information

customer support communications

onboarding and setup information

workflow instructions, scripts, service descriptions, FAQs, knowledge base content, and other content submitted to configure the Services

B. Information collected through calls, texts, and workflows

When the Services are used to communicate with callers, leads, customers, patients, or other end users on behalf of a Subscriber, KEHi may process:

caller or contact name

phone number

email address

appointment details

call metadata

call recordings

voicemail recordings

call transcripts

text or SMS content

intake responses

service requests

conversation summaries

routing or escalation outcomes

any other information voluntarily provided during the interaction

C. Automatically collected information

When you use the Site or Application, we may automatically collect:

IP address

browser type

device identifiers

operating system

app version

log and event data

session activity

clickstream and usage data

referring URLs

approximate location derived from IP address

cookie and similar technology data

D. Information from integrations and third parties

If a Subscriber connects outside systems, we may receive and process data from those systems, such as:

calendar data

CRM data

contact records

business hours and location data

scheduling availability

email configuration data

payment or subscription status data

website content and other business information the Subscriber authorizes us to access

E. Sensitive information

Depending on the Subscriber’s use case, KEHi may process information that may be considered sensitive under applicable law, including:

voice recordings

transcript content

message content

health-related information

precise appointment information

account access information submitted for integrations

Subscribers are responsible for determining whether their use case involves sensitive or regulated data and for obtaining any notices or consents required by law.

3. How We Use Personal Information

We may use personal information to:

provide, operate, and maintain the Services;

configure the AI Receptionist and related automations;

answer calls, process messages, schedule appointments, and route inquiries;

send service-related texts, reminders, confirmations, and follow-ups;

generate transcripts, summaries, classifications, and workflow outputs;

authenticate users and manage accounts;

provide customer support;

process billing and subscriptions;

monitor system performance, uptime, and quality;

improve functionality, usability, and security;

detect, investigate, and prevent fraud, abuse, misuse, and unauthorized access;

comply with legal obligations and enforce agreements; and

develop, test, troubleshoot, and improve our products and services.

Where permitted by law and contract, we may also use deidentified or aggregated information for analytics, research, product improvement, and operational reporting.

4. AI Processing and Automated Assistance

KEHi uses automated tools, including artificial intelligence and machine-learning-assisted systems, to help provide the Services. These tools may be used to:

interpret speech and caller requests;

generate text responses or conversation suggestions;

summarize calls or messages;

categorize and route interactions;

assist with intake, scheduling, reminders, and follow-up workflows; and

improve service quality and operational efficiency.

AI-generated outputs may be reviewed by KEHi personnel and by Subscribers for support, troubleshooting, quality assurance, compliance, safety, service improvement, and customer-requested functionality.

KEHi does not guarantee that AI-generated outputs will always be accurate, complete, or appropriate for every use case. Subscribers remain responsible for reviewing and validating outputs where appropriate, especially in healthcare, legal, financial, emergency, or other sensitive contexts.

5. Call Recordings, Transcripts, and Voice Data

The Services may record, transcribe, store, summarize, and analyze calls and voicemails.

We may process call recordings and transcripts to:

deliver the Services;

create records of interactions;

support appointment handling, reminders, and follow-up;

generate summaries and workflow outputs;

support quality assurance and troubleshooting;

improve performance and reliability; and

maintain business and security records.

Because call-recording and consent laws vary by state and jurisdiction, each Subscriber is solely responsible for determining whether notice or consent is legally required before recording or transcribing calls and for providing any required notice or obtaining any required consent.

If you are a caller and do not consent to call recording where applicable, discontinue the call and contact the relevant Subscriber through another method.

6. SMS, Text Messaging, and Communications

KEHi may send SMS or similar messages on behalf of Subscribers, including:

conversational responses;

appointment confirmations;

reminders;

follow-up messages;

missed-call texts;

intake links;

service updates; and

other operational or customer-service messages.

Subscribers are solely responsible for obtaining any consent required by law before sending text messages through the Services.

Where applicable, recipients may opt out of certain messages by replying STOP, and may obtain help by replying HELP. Message frequency may vary. Message and data rates may apply.

Consent to receive transactional or service-related messages is not the same as consent to receive marketing or promotional messages. Subscribers are responsible for distinguishing those use cases and configuring their campaigns accordingly.

7. Healthcare, HIPAA, and Regulated Data

Some Subscribers may use KEHi in healthcare or adjacent workflows.

Where KEHi creates, receives, maintains, or transmits protected health information (“PHI”) or electronic protected health information (“ePHI”) on behalf of a covered entity or business associate, KEHi intends such processing to be governed by applicable law and the parties’ written agreements, including any required Business Associate Agreement (“BAA”).

KEHi does not represent that every feature, workflow, integration, or deployment is automatically HIPAA-ready for every customer use case by default. Healthcare customers are responsible for:

determining whether their intended use of the Services involves PHI or ePHI;

ensuring a signed BAA is in place before transmitting PHI through the Services where required;

configuring the Services appropriately for their compliance obligations; and

avoiding use of any feature or integration that is not approved for their regulated use case.

If no BAA is in place where one is required, healthcare customers should not submit PHI through the Services.

8. Cookies and Similar Technologies

We may use cookies, pixels, local storage, SDKs, and similar technologies to:

operate the Site and Application;

remember user preferences;

maintain sessions;

analyze traffic and usage;

improve performance;

support security and fraud prevention; and

measure engagement with our Site and communications.

You can manage cookie preferences through your browser or device settings, though disabling certain technologies may limit functionality.

9. How We Disclose Information

We may disclose personal information as follows:

A. To Subscribers

If you interact with a KEHi-powered AI Receptionist or workflow, the information you provide may be shared with the Subscriber on whose behalf the Services are being used.

B. To service providers and subprocessors

We may disclose information to vendors and service providers that help us operate the Services, such as providers of:

hosting and cloud infrastructure

telephony and messaging

analytics

payment processing

email delivery

customer support

data storage

monitoring and security

transcription, AI, and communications infrastructure

C. To integrations authorized by the Subscriber

If a Subscriber connects third-party systems, we may disclose information as necessary to operate those integrations.

D. For legal and protection purposes

We may disclose information where reasonably necessary to:

comply with law, regulation, subpoena, court order, or lawful request;

enforce our agreements and policies;

investigate fraud, abuse, or security incidents; or

protect KEHi, our users, Subscribers, or others.

E. Business transfers

Information may be disclosed as part of an actual or proposed merger, financing, acquisition, sale of assets, restructuring, or similar transaction.

F. With consent

We may disclose information for other purposes with consent or at your direction.

We may also disclose deidentified or aggregated information that cannot reasonably be used to identify an individual.

10. Retention of Information

We retain personal information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

provide the Services;

maintain account history and business records;

support Subscribers;

comply with legal obligations;

resolve disputes;

enforce agreements; and

preserve security, backup, and audit records.

Retention periods vary depending on the type of information, contractual requirements, customer settings, legal obligations, and operational needs.

Where required or appropriate, KEHi may delete, deidentify, anonymize, or securely isolate information when it is no longer needed.

11. Security

KEHi uses administrative, technical, and organizational safeguards designed to protect personal information. These may include:

access controls

authentication measures

role-based permissions

encryption in transit and, where applicable, at rest

logging and monitoring

vendor controls

backup and recovery measures

security testing and incident response processes

No method of transmission or storage is completely secure, and KEHi cannot guarantee absolute security.

Subscribers are also responsible for securing their own systems, users, credentials, devices, and configurations.

12. Children’s Privacy

The Services are not directed to children under 13, and KEHi does not knowingly collect personal information from children under 13 for its own purposes. If you believe a child has provided personal information through the Services, contact us at support@kehi.ai.

13. Your Choices and Rights

Depending on your location and relationship to KEHi, you may have rights to:

know what personal information we collect, use, disclose, sell, or share;

access certain personal information;

correct inaccurate information;

request deletion of certain information;

request a portable copy of certain information;

limit certain uses of sensitive personal information where applicable; and

not be discriminated against for exercising applicable privacy rights.

If you are a caller, patient, lead, or customer interacting with a Subscriber through KEHi’s Services, you should direct your request to that Subscriber first, because the Subscriber is generally the party deciding how your information is collected and used.

If KEHi collected your information for its own business purposes, you may contact us using the information below.

14. California Privacy Notice

If you are a California resident, California law may provide additional rights regarding your personal information.

Subject to applicable exceptions, California residents may have the right to:

know the categories of personal information collected;

know the categories of sources from which personal information is collected;

know the business or commercial purposes for collecting, using, or disclosing personal information;

know the categories of third parties to whom personal information is disclosed;

request deletion of certain personal information;

request correction of inaccurate personal information; and

not receive discriminatory treatment for exercising applicable rights.

KEHi may collect the categories of personal information described in Section 2 of this Privacy Policy for the purposes described in Section 3 and may disclose them as described in Section 9.

KEHi does not sell personal information for monetary consideration. If KEHi ever engages in activities that qualify as “selling” or “sharing” under California law, KEHi will provide any rights and notices required by applicable law.

California residents may submit privacy requests by emailing support@kehi.ai.

We may take reasonable steps to verify your identity before processing a request.

15. International Use

KEHi is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States and other jurisdictions where our service providers operate. By using the Services, you acknowledge those transfers, subject to applicable law.

16. Third-Party Services

The Services may link to or interoperate with third-party websites, calendars, CRMs, payment processors, telephony providers, communication tools, and other services. KEHi is not responsible for the privacy or security practices of third parties. Their practices are governed by their own terms and privacy policies.

17. Contact Information

If you have questions about this Privacy Policy or KEHi’s privacy practices, contact:

KEHi LLC

3137 South Barrington Ave

Los Angeles, CA 90066

support@kehi.ai

+1 (754) 269-3744

https://kehi.ai