1. Who We Are
VTregen is a service of RMLZ LLC ("we," "us," or "our"), a veteran-owned limited liability company registered in Minnesota. We provide automated SMS communication services — including missed-call text-back and review request sequences — to local service businesses ("Clients").
This Privacy Policy explains how we collect, use, and protect information from two groups: (1) our Clients (businesses who purchase VTregen services) and (2) the end customers of those businesses ("End Customers") who receive SMS messages on behalf of our Clients.
2. Information We Collect
From Clients (business owners):
- Business name, address, and phone number(s)
- Contact email address
- Twilio phone number assigned to the account
- Business hours and timezone preferences
- Google Review page URL
- Billing information (processed via GoCardless; we do not store ACH account numbers)
From End Customers (callers who receive SMS):
- Phone number (received from Twilio when a call is placed to a Client's line)
- Email address (only if voluntarily provided to the Client for review request sequences)
- SMS message content when the End Customer replies to a VTregen-sent message
- Timestamp and delivery status of SMS messages
- Opt-out status (if the End Customer sends STOP, ALTO, or UNSUBSCRIBE)
Automatically collected data:
- Server logs (IP addresses, request paths, timestamps) — retained for 30 days for security monitoring
- Error logs from our application infrastructure
3. How We Use Information
Client information is used to:
- Provision and configure VTregen services for the Client's account
- Route Twilio SMS messages to the correct client and phone number
- Process monthly billing via ACH (GoCardless)
- Send operational communications (service updates, billing receipts)
End Customer information is used to:
- Send a single missed-call text-back SMS on behalf of the Client within 30 seconds of a missed call
- Send a Google review request SMS (and optional email) when the Client marks a job complete
- Send follow-up review request messages at 3 days and 7 days (only if no response or opt-out)
- Log events in our system for Client audit and reporting purposes
We do not use End Customer data for advertising, profiling, or any purpose beyond delivering the specific communication service requested by the Client.
4. SMS Communications and A2P 10DLC Compliance
VTregen sends SMS messages via Twilio using an A2P (Application-to-Person) 10DLC registered number. All SMS communications are sent on behalf of the Client's business for customer care purposes.
Message frequency: End Customers may receive up to 3 messages per service interaction: one missed-call text-back and up to two review request follow-ups. Message frequency varies based on call volume and Client job completions.
Opt-out: End Customers can stop receiving messages at any time by replying STOP (English) or ALTO (Spanish) to any VTregen-sent SMS. Opt-out requests are processed immediately and no further messages will be sent to that number from that Client's account. To re-subscribe, reply START.
Help: End Customers can reply HELP to any message for assistance. For questions, contact hello@vtregen.com.
Carriers: Message and data rates may apply depending on the recipient's wireless carrier plan.
5. How We Share Information
We do not sell, rent, or trade personal information. We share information only with the following service providers who help us operate VTregen:
- Twilio Inc. — SMS delivery infrastructure. End Customer phone numbers and message content are transmitted to Twilio to deliver SMS. Twilio's privacy policy: twilio.com/legal/privacy
- Supabase Inc. — Database storage for event logs, job scheduling, and Client configuration. Data is stored in the US.
- SendGrid (Twilio). — Email delivery for review request sequences (when email is provided by Client for an End Customer).
- GoCardless Ltd. — ACH payment processing for Client billing. We share billing contact information with GoCardless; GoCardless handles all payment data directly.
- Railway Technologies Inc. — Cloud hosting infrastructure. Our application code and server logs reside on Railway servers in the US.
We may disclose information if required by law, court order, or to protect the rights and safety of our users, Clients, or the public.
6. Data Retention
- Client account data: Retained for the duration of the service agreement and 2 years after cancellation, or as required by applicable law.
- End Customer SMS event logs: Retained for 12 months from the date of the event, then deleted.
- Opt-out records: Retained indefinitely to ensure we honor opt-out requests.
- Server logs: Retained for 30 days.
7. Data Security
We implement industry-standard technical safeguards including encrypted connections (TLS), environment-variable-based secret management (no credentials in code), role-based Supabase access (service-role key only, server-side), and regular dependency audits. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.
8. Your Rights
Depending on your location, you may have rights to access, correct, or delete personal information we hold about you. To exercise these rights, contact us at hello@vtregen.com. We will respond within 30 days.
End Customers who have received SMS from a VTregen Client may request deletion of their phone number from our system by emailing us with the phone number and the business name. We will remove the number from our database and cancel any pending scheduled messages within 5 business days.
9. Children's Privacy
VTregen services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. Continued use of VTregen services after changes constitutes acceptance of the updated policy. We will notify active Clients of material changes by email.
11. Contact Us
For privacy questions, opt-out requests, or data deletion requests:
- Email: hello@vtregen.com
- Company: RMLZ LLC
- Location: Paramount, CA