Privacy Policy

Your drawing PDFs are sent to Anthropic's AI for analysis and are not stored on Callout's servers. Anthropic does not use API inputs to train their models. Your review results and account data are stored in an encrypted database. Payments are handled by Stripe. We do not sell or share your data with third parties.

1. What We Collect

When you create an account, we collect your email address and a hashed password. When you run a review, we store your review results (comments, severity ratings, PE decisions), project metadata (project name, discipline, depth selection, file name, sheet count), and credit transaction history. We do not store your uploaded PDF drawing files.

2. How Your Drawings Are Processed

When you upload a PDF and run a review, the drawing is sent securely to Anthropic's AI for analysis. This happens in real time during the review. Once the analysis is complete, the drawing data is discarded. Your PDF files are never written to disk on Callout's servers, never stored in a database, and never retained after the review completes.

3. Anthropic's Data Practices

Callout uses Anthropic's commercial API, which has a zero-retention data policy. Anthropic does not store API inputs or outputs, and does not use data sent through the API to train or improve their models. For details, see Anthropic's API Data Usage Policy at anthropic.com/policies.

4. Data Storage and Hosting

Your account data and review results are stored in a managed database hosted in the United States. All data is encrypted at rest and in transit. All connections use HTTPS/TLS encryption.

5. Payment Processing

All payments are processed by Stripe. Callout never sees, stores, or has access to your full credit card number. Stripe handles all payment data in compliance with PCI DSS Level 1, the highest level of payment security certification.

6. Authentication and Access

Passwords are hashed and never stored in plain text. Session tokens are short-lived. Shared report links use cryptographically random tokens and provide read-only access only. No account credentials are required to view a shared report.

7. Third-Party Services

Callout uses third-party services to operate, including Anthropic (AI), Stripe (payments), and infrastructure providers for hosting and data storage. Each maintains its own privacy policy and security practices. We do not share your data with any other third parties, and we do not sell your data under any circumstances. For a full list of service providers, see our Security page.

8. Cookies and Tracking

Callout uses a session token stored in your browser to keep you logged in. We do not use advertising cookies, third-party tracking pixels, or behavioral analytics. We do not serve ads.

9. Data Retention

Your review history and account data are retained for as long as your account is active. You can delete individual reviews from the History tab at any time. Shared report links can be revoked at any time, which permanently removes public access to that report. If you wish to delete your entire account and all associated data, contact hello@callout.app.

10. Your Rights

You have the right to: access all data associated with your account, export your review results to CSV or Excel at any time, delete individual reviews or your entire review history, revoke shared report links, and request full account deletion. To exercise any of these rights, use the in-app controls or contact hello@callout.app.

11. Confidentiality of Drawings

We understand that construction drawings are often confidential, proprietary, and may be subject to NDAs between project stakeholders. Callout is designed with this in mind. Your drawings are processed in memory, never written to disk, and discarded immediately after analysis. We have no mechanism to view, browse, or access your uploaded drawings after a review completes. No Callout employee can see your drawings.

12. Security Practices

All data in transit and at rest is encrypted. Secrets are stored securely and never committed to source code. Dependencies are regularly updated to patch known vulnerabilities. For full details on our security practices, see callout.app/security. If you discover a security issue, please report it to hello@callout.app.

13. Changes to This Policy

We may update this policy from time to time. If we make material changes, we will notify users via email. Continued use of the Service after changes are posted constitutes acceptance of the updated policy.

14. Contact

Questions about privacy or security? Contact Callout Software LLC at hello@callout.app.