Privacy Policy

Cue processes caller voice input solely to match music preferences during hold time. Voice data is not stored, recorded, or used for any purpose beyond the active call session.

Call metadata (genre requested, track matched, resolution type) is logged to provide operators with aggregate performance insights. No personally identifiable caller information is retained beyond the masked phone number suffix.

Tenant data isolation

Each business operates as an isolated tenant. Call logs, settings, and analytics are scoped to the tenant that owns the integration. One tenant cannot access another tenant's data. API keys are unique per tenant and can be regenerated at any time.

Authentication and security

Webhook endpoints authenticate requests using tenant-scoped API keys. All communication between browsers, Twilio, and Cue servers is encrypted via HTTPS. Incoming Twilio webhook requests are validated using HMAC signature verification to prevent spoofing.

Music is sourced from Jamendo under their licensing terms. In preview mode, a built-in sample catalog is used with no external API calls.

For questions about data handling, contact the team operating this Cue instance.