Drupefruit™ LLC ("Drupefruit," "we," "us," or "our") operates payment-enabled software products and selective consulting practices. This Privacy Policy describes how we collect, use, and protect information across all Drupefruit-operated products and the drupefruit.com website.
1. Information We Collect
Account Information
When you create an account on a Drupefruit-operated product, we collect your email address and a display name. Some Drupefruit products collect additional optional profile details specific to that product — for example, business name, phone number, address, website, or industry/vertical for products oriented to small businesses.
Phone Numbers
Account holders: Phone numbers you provide are used for account verification, security alerts, and transactional notifications. You may opt out of SMS at any time without losing access to your account (email-based verification remains available).
Customers of merchants on Drupefruit-operated products: On Drupefruit products that connect end-customers with merchants — for example, products with public booking pages, masked contact routing, or transactional payments — your phone number is collected to facilitate that conversation and is shared only with the specific business owner you contacted.
Messages & Call Data
SMS messages, voicemail transcripts, and call metadata (duration, timestamp, routing decisions) sent through Drupefruit products are stored to enable conversation threading, AI-powered message analysis, and CRM features for business owners.
Catalog & Transaction Data
Profile data, item listings, sale events, bookings, and payment records are stored to operate Drupefruit's products.
Usage Data
We collect standard usage analytics including pages visited, features used, and device/browser information to improve our service.
2. How We Use Your Information
Service delivery: To operate our products — routing messages, processing payments, managing listings, generating AI analysis of customer intent.
Communication: To send transactional messages (account verification, booking confirmations, payment receipts, voicemail follow-ups) and account-related notifications.
Security: To detect fraud, validate identities, and enforce our terms of service.
Improvement: To analyze aggregate usage patterns and improve features. Individual message content is not used for general AI model training.
3. What We Do NOT Do
We do not sell, rent, lease, or trade your personal information, phone numbers, or message content to third parties for marketing or any other purpose.
We do not send unsolicited marketing messages or promotional SMS blasts.
We do not share your phone number with other Drupefruit users except as required for a specific feature you are using — for example, masked contact routing between a customer and a merchant on products that include that capability.
4. Information Sharing
We share your information only in these limited circumstances:
Service providers: We engage third-party service providers for infrastructure, payments, communications, voice and AI processing, and identity-related services. These providers process data on our behalf under their own privacy policies and data processing agreements. A list of categories of subprocessors is available on request to privacy@drupefruit.com.
Merchants on Drupefruit-operated products: On products that connect end-customers with merchants, customer phone numbers and message content are shared with the specific business owner whose booking page or masked contact routing you contacted. This is the core purpose of those products.
Legal requirements: We may disclose information when required by law, subpoena, or legal process, or to protect our rights and safety.
5. Affiliate Links
Drupefruit-operated platforms may include affiliate links — contextual editorial recommendations to third-party services (such as business banking, accounting tools, formation services, or insurance providers) shown inside logged-in customer dashboards. When you click an affiliate link, you may be redirected through a Drupefruit-operated tracking subdomain that records the click event and forwards you to the third party's own tracking URL.
What Drupefruit logs internally
The slug of the link clicked (e.g., found, mercury)
A SHA-256 hash of your IP address — raw IPs are never stored
Your user-agent string and the click timestamp
Your internal Drupefruit user ID, when you are signed in
This information is retained for our own click-through analytics. It is not shared with third parties beyond what is described in the next paragraph.
What the affiliate network sees
Once redirected to the third party's tracking URL, the affiliate network may set its own tracking cookie in your browser, governed by its own privacy policy. Drupefruit does not share your name, email, phone number, address, or other personally identifiable information with the affiliate network — only the click event itself. If you subsequently open an account with the third party, that relationship is established directly between you and the third party under their terms.
Your choices
You can decline affiliate-network cookies at the third party's destination, or use private / incognito browsing if you prefer not to be tracked. To request deletion of Drupefruit's internal click logs tied to your account, contact privacy@drupefruit.com.
6. Data Security
We implement industry-standard security measures including:
Encrypted data transmission (TLS/HTTPS)
Row-level security on customer-data tables
JWT-based authentication
Masked contact routing, where applicable to the product you are using, that prevents exposure of personal contact information
Signed URLs for private file access (voicemail recordings, documents)
7. Data Retention
Account data: Retained while your account is active and for 30 days after deletion.
Messages and call records: Retained for the business owner's use until they delete them or close their account.
Voicemail recordings: Voicemails on inactive or hibernated phone numbers are auto-deleted after 60 days. Voicemails on active phone numbers are retained until the user who owns the phone line deletes them.
Payment records: Retained as required by financial regulations (typically 7 years).
SMS opt-in records: Retained for the period required by applicable carrier messaging policies and law.
8. Your Rights
You have the right to:
Access your personal data by contacting us
Correct inaccurate information in your account settings
Delete your account and associated data
Opt out of SMS by replying STOP to any message
Export your data in a portable format
If you are a California resident, you have additional rights under the CCPA and CPRA, including the right to know, the right to delete, and the right to limit use of sensitive personal information. To exercise any of these rights, contact privacy@drupefruit.com.
9. Mobile Messaging (SMS) Program
Drupefruit operates SMS messaging programs through its products (including the FolioLive AI receptionist and transactional notifications). The following applies to all SMS sent through Drupefruit-operated phone numbers:
No sharing of mobile information: We do not sell, rent, lease, share, or otherwise disclose mobile phone numbers or SMS opt-in consent to third parties or affiliates for their own marketing or promotional purposes. Mobile information collected through the SMS consent process is used solely to deliver the transactional messages you opted into and is never shared with third parties for marketing.
Message frequency: Message frequency varies and depends on your interactions with us. Messages — such as booking confirmations, appointment reminders, verification codes, callback notifications, and customer-care replies — are sent only as needed in response to your activity, not on a recurring schedule.
Message and data rates: Message and data rates may apply. Your mobile carrier's standard messaging rates apply to messages you send and receive. Drupefruit does not charge you for SMS.
Help and opt-out: Reply HELP for help or STOP to opt out at any time. Replying STOP unsubscribes you from further messages from that number.
Drupefruit's products are not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify account holders of material changes via email. The "Effective date" at the top of this page indicates the latest revision.
12. Contact
Drupefruit LLC
2108 N St #14738
Sacramento, CA 95816
United States