CompassAiEffective July 15, 2026

Privacy Policy

This policy explains how CompassAi handles information when authorized users transcribe recordings, perform quality assurance reviews, manage scorecards, match MirrorCXT leads, and create reports.

Plain-language summary

CompassAi stores its working data primarily in your browser. Recordings and transcript content are sent through CompassAi's secure web relay to OpenAI using the API key you provide. Microsoft Entra ID authenticates approved users.

1. Scope and operator

This Privacy Policy applies to the CompassAi web application and its related pages. CompassAi is designed and operated by Adam Stephens. Questions or privacy requests may be sent to astephens@convertros.com.

2. Information CompassAi processes

  • Account information: your name, business email address, and authentication/session information supplied through Microsoft Entra ID.
  • Call content: audio or video recordings you select, generated transcripts, timestamps, detected client, agent and customer details, QA evidence, scores, reviewer notes, overrides, and report content.
  • Business context: scorecards, client detection rules, MirrorCXT exports, lead details, phone numbers, dispositions, and Clover links you import.
  • Preferences and credentials: your selected models, display theme, locally saved OpenAI API key, and other workspace preferences.
  • Technical information: hosting, authentication, and AI service providers may process routine request metadata such as IP address, browser/device information, timestamps, authentication events, usage information, and error details under their own policies.

3. How information is used

Information is used only to provide, secure, maintain, and troubleshoot CompassAi; authenticate authorized users; transcribe and analyze calls; select and apply scorecards; support human QA review; match imported leads; generate reports; and prevent misuse. CompassAi does not sell personal information or use call content for advertising.

4. Browser-local storage

CompassAi currently stores the OpenAI API key, jobs, transcripts, QA results, scorecard changes, reports, model selections, and appearance preferences in the local storage of the browser profile you use. This information may remain there until you clear it through CompassAi, clear browser/site data, or remove the browser profile. Other users or software with access to that browser profile may be able to access locally stored information.

5. Cloud processing and service providers

CompassAi relies on the following providers to deliver the service:

  • Microsoft Entra ID authenticates users and returns identity information needed to establish an authorized session.
  • Vercel hosts the web application and temporarily relays authorized transcription and QA requests.
  • OpenAI receives recordings, transcript text, prompts, scorecard context, and your API key as needed to provide transcription and QA results.

CompassAi's relay responses use no-store cache controls and CompassAi does not maintain a separate application database for call content. Providers may nevertheless process and retain information according to their own terms, security logs, and legal obligations. OpenAI states that API data is not used to train its models by default unless the API customer opts in, and that default abuse-monitoring logs may be retained for up to 30 days. Your OpenAI organization's settings and eligibility for additional retention controls may change that treatment.

Review the OpenAI Privacy Policy, OpenAI API data controls, Microsoft Privacy Statement, and Vercel Privacy Policy for provider-specific details.

6. Retention and deletion

Browser-stored CompassAi data remains until it is cleared by the user or browser. Use Settings to clear the API key and local jobs, or clear the site's browser data to remove all locally saved CompassAi information. Downloaded reports are controlled by whoever downloaded them. Microsoft, Vercel, and OpenAI may retain provider-side information under their own policies and account settings. Requests concerning CompassAi-controlled information may be sent to the contact address above.

7. Security

CompassAi uses Microsoft authentication, an approved-domain allowlist, HTTPS transport, same-origin relay endpoints, and browser-local storage to reduce unnecessary server-side persistence. No system is completely secure. Users must protect their Microsoft account, browser profile, device, OpenAI API key, exported reports, and downloaded files, and must promptly report suspected unauthorized access.

8. Recording and data responsibilities

You must have lawful authority, required notices, and any necessary consent before uploading or processing a recording or personal information. Do not submit content you are not authorized to use. CompassAi is not intended for highly sensitive data requiring specialized legal or regulatory safeguards unless your organization has independently determined that its configuration and provider agreements satisfy those requirements.

9. Children

CompassAi is a business application intended for authorized adult users and is not directed to children under 18. Do not use the service to intentionally collect information directly from children.

10. International processing

Information may be processed in the United States or other locations where the service providers operate. Your organization is responsible for determining whether its use of CompassAi and any cross-border transfer complies with applicable requirements.

11. Changes to this policy

This policy may be updated as CompassAi's features, providers, or legal obligations change. The effective date at the top of this page identifies the current version. Continued use after an update means you acknowledge the revised policy.

This policy is intended to accurately describe the current application. It is not legal advice, and organizations should obtain their own legal review for their recording, privacy, employment, and customer-data obligations.
CompassAiDesigned and developed by Adam Stephens with development assistance from OpenAI Codex.
Privacy PolicyFair Use Policy