Privacy Policy

Effective date: 2026-05-19.

Fortelk Inc. is an AI workforce platform for repetitive revenue conversations. Businesses use Fortelk to run AI employees for outreach, intake, follow-up, customer reactivation, inbox triage, voice calling, messaging, and CRM operations with human supervision.

Fortelk Inc. is located at 207-755 Queensway East, Mississauga, Ontario, Canada.

For direct customers, Fortelk acts as a data controller for account, billing, support, marketing, and website data. For lead, contact, conversation, WhatsApp, SMS, voice, email, CRM, and channel data processed on behalf of a business customer, Fortelk acts as a processor or service provider for that customer.

Privacy contact: Osama Katanani, ok@fortelk.com.

This policy covers Fortelk websites and services at fortelk.com, app.fortelk.com, customer tenant subdomains such as remaxsuccess.fortelk.com, and related Fortelk forms, demos, AI call requests, messaging workflows, and CRM workflows.

This policy does not cover a customer's own website, CRM, advertising account, phone carrier, email provider, or third-party tools that the customer connects to Fortelk. Those services are governed by their own terms and privacy policies.

Account and customer information: names, business names, email addresses, phone numbers, roles, login information, billing and order-form information, support requests, and communication preferences.

WhatsApp data: WhatsApp Business Account connection data, business-token data scoped to the customer's WABA, phone numbers, phone_number_ids, WABA business profile metadata, profile picture metadata, conversation IDs, inbound and outbound message content, delivery status, opt-out or consent status, and Click-to-WhatsApp ad referral metadata such as ad ID, campaign name, headline, and body.

Voice calling data: phone numbers, call metadata, call outcomes, AI employee configuration, real-time call audio processed by ElevenLabs, transcripts, summaries, recordings where enabled, call attempts, call timing, and compliance status.

SMS data: inbound and outbound SMS phone numbers, message content, delivery status, opt-out status, consent status, and conversation history.

Email data: sender and recipient addresses, subject lines, body content, classification labels, reply content, follow-up content, and notification metadata. If a customer connects Gmail, Fortelk processes the connected Google account data needed to provide the requested workflow.

Web form and CRM data: leads, contacts, companies, deals, notes, tasks, fields, statuses, source information, form answers, campaign attribution, workflow interest, CRM/system identifiers, and bidirectional sync data from connected systems such as HubSpot, Salesforce, GoHighLevel, LinkedIn, Mailchimp, and Apollo.io when enabled by the customer.

Cookies and analytics: page views, device and browser information, referrer, campaign parameters, event data, CTA clicks, demo interactions, form submissions, widget activity, and similar website analytics.

We use information to provide the Fortelk service, operate AI employees, respond to leads, qualify contacts, route conversations, book appointments, send approved follow-ups, update CRM records, prepare summaries, provide support, debug issues, monitor performance, prevent abuse, comply with law, and improve product reliability.

We use conversation and workflow data to power AI reasoning, approved-script execution, routing decisions, call handling, message drafting, CRM updates, reporting, and human handoff.

We use website and demo interaction data to understand funnel performance, measure marketing campaigns, route leads to the right workflow, and improve conversion paths.

Fortelk acts as a technology provider for customer WhatsApp Business Accounts connected to Fortelk. Customers connect their WhatsApp Business Account through Meta's Embedded Signup flow, powered by Facebook Login for Business.

When a customer completes Embedded Signup, Fortelk receives a business-token scoped to the customer's WABA. Fortelk stores that token encrypted at rest and separated by tenant.

Inbound WhatsApp messages sent to the customer's WhatsApp number are received through Fortelk webhooks, including https://app.fortelk.com/api/webhooks/whatsapp, and stored as part of the customer's tenant conversation history.

For Click-to-WhatsApp ads, Fortelk captures the referral payload and stores ad context such as ad ID, campaign name, headline, and body on the related lead or contact record.

Fortelk sends outbound WhatsApp messages on behalf of the customer when the lead initiated contact within WhatsApp's 24-hour customer service window or when the customer uses a pre-approved WhatsApp message template.

Fortelk reads WABA business profile metadata, including display name, about text, address, and website, to populate the customer's inbox and channel configuration.

Fortelk stores WhatsApp phone numbers, phone_number_ids, profile picture metadata, conversation IDs, message content, and delivery information for the duration of the customer's configured retention period or, if no shorter setting applies, for the duration of the customer relationship and up to 24 months after last activity unless legal, security, backup, or contractual requirements require a different period.

If a customer connects a Google account, Fortelk uses Google user data only to provide the specific connected workflow requested by that customer, such as Gmail classification, email follow-up, calendar routing, or related workflow automation.

Fortelk's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Fortelk does not use Google user data for advertising. Fortelk does not sell Google user data. Fortelk does not allow humans to read Google user data unless required to provide support, investigate security or abuse issues, comply with law, or when the customer has given permission.

Anthropic: LLM inference and AI employee reasoning for conversation handling and workflow execution.

ElevenLabs: conversational AI voice synthesis and live AI call handling.

Twilio: SMS delivery, voice telephony, phone number routing, and call/SMS metadata.

Meta / WhatsApp: WhatsApp Business Account connection, WhatsApp message delivery, WABA metadata, and Click-to-WhatsApp referral data.

Supabase: Postgres database, authentication, file storage, and related backend services hosted on AWS infrastructure.

Vercel: Next.js hosting, edge delivery, and application runtime for Fortelk websites and services.

Inngest: background job orchestration and workflow execution for AI employee tasks.

Resend: transactional and workflow email delivery.

Google: Gmail and Calendar integrations for customers who connect their Google account.

Microsoft: Outlook and Calendar integrations for customers who connect Microsoft 365.

HubSpot, Salesforce, GoHighLevel, LinkedIn, Mailchimp, and Apollo.io: customer-requested CRM, marketing, contact, and data sync integrations.

Fortelk updates this sub-processor list when service providers materially change. Data primarily resides in Canada and the United States, including Supabase, Vercel, and connected provider infrastructure.

Fortelk shares information with service providers and sub-processors only to operate the service, deliver messages, run calls, host data, process AI workflows, provide support, maintain security, and comply with law.

Fortelk shares customer-controlled data with connected systems when the customer enables that integration, such as a CRM, calendar, email account, WhatsApp Business Account, or advertising platform.

Fortelk does not sell personal information.

Fortelk does not disclose lead or conversation data to another customer. Customer tenant data is separated by tenant.

Fortelk uses encryption in transit, encryption at rest where supported by the service provider, encrypted storage for sensitive channel tokens, access controls, role-based permissions, audit-oriented operational practices, and per-tenant isolation.

No system is perfectly secure. Fortelk works to protect customer and lead data, but customers remain responsible for the lawfulness, quality, and permissions associated with the leads, contact lists, and connected accounts they provide.

Fortelk retains customer account information for the duration of the customer relationship and as needed for billing, legal, security, and support purposes.

Lead, contact, conversation, WhatsApp, SMS, email, voice transcript, CRM, ad context, and workflow records are retained according to the customer's retention settings. If no shorter setting applies, Fortelk retains those records for the duration of the customer relationship and up to 24 months after last activity.

Voice recordings, transcripts, call outcomes, message logs, and ad referral context may be retained for compliance, quality review, support, reporting, and customer workflow history. Backup copies may persist for a limited period after deletion until backup rotation completes.

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information.

If you are a Fortelk customer, contact Fortelk at ok@fortelk.com to exercise these rights.

If you are a lead, prospect, customer, or contact of a Fortelk business customer, Fortelk usually processes your data on behalf of that business customer. You can contact that business directly, or email Fortelk and we will route the request as appropriate.

You can opt out of SMS by replying STOP where supported. WhatsApp opt-out and message controls depend on WhatsApp and the customer workflow. Email messages include unsubscribe or reply-based preference options where required.

Fortelk is based in Canada and uses service providers that operate in Canada, the United States, and other jurisdictions. If data from the European Economic Area, United Kingdom, or other regions is processed, it may be transferred to Canada, the United States, and the locations of Fortelk's sub-processors.

Fortelk uses contractual and operational safeguards appropriate to the service and customer relationship.

Fortelk is a business-to-business service and is not intended for children under 18. Fortelk does not knowingly collect personal information from children under 18.

Fortelk updates this policy when its services, providers, data practices, or legal requirements change. The updated policy will be posted on this page with a new effective date. Material changes may also be communicated by email or in-product notice when appropriate.

Fortelk Inc.

207-755 Queensway East, Mississauga, Ontario, Canada

Privacy contact: Osama Katanani

Email: ok@fortelk.com