Privacy Policy
Effective date: July 9, 2026 · HotSpot Estates, LLC
This Privacy Policy describes how HotSpot Estates, LLC ("we," "us," or "our") collects, uses, and protects information in connection with the AgentResponder service. By using the service, you agree to the practices described in this policy.
1. Information We Collect
We collect the following types of information:
- Account Information: Your name, email address, and billing information when you sign up for the service.
- Google Account Access: With your explicit consent, we access your Gmail account to read real estate inquiry emails from Zillow and StreetEasy and to send automated replies on your behalf. We use Google OAuth 2.0 and store only the necessary tokens to operate the service.
- Quo / OpenPhone Credentials: Your Quo API key, used solely to send SMS messages and create contacts for leads on your behalf.
- Listing Data: The property listings, email templates, and SMS templates you create within the dashboard.
- Lead Data: Names, email addresses, and phone numbers of renters extracted from inquiry emails processed through the system.
- Usage Data: Log data, timestamps, and records of emails processed to support the service and prevent duplicate replies.
2. How We Use Your Information
We use your information solely to operate and improve the service:
- • To process your Gmail inbox and automatically respond to rental inquiries
- • To send SMS messages via your Quo account on your behalf
- • To create contacts in your Quo account for incoming leads
- • To manage your subscription and process payments via Stripe
- • To send you account-related notifications (trial reminders, billing updates)
3. Google User Data
Our use of Google user data is limited to the following:
- • Reading emails from Zillow and StreetEasy in your Gmail account
- • Sending reply emails on your behalf through your Gmail account
- • We do not read, store, or share any other emails in your inbox
- • We do not use Google user data to train any AI or machine learning models
- • We do not sell or share Google user data with any third parties
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
4. Data Sharing
We do not sell your personal information. We share information only with the following service providers as necessary to operate the service:
- • Stripe — for payment processing
- • Google — for Gmail API access (authorized by you)
- • Secure cloud infrastructure providers — for database storage and application hosting
- • Your connected SMS provider — for sending messages on your behalf (authorized by you)
We may also disclose information if required to do so by law or in response to a valid legal request.
5. Lead Data & Compliance
Lead information (names, emails, phone numbers) extracted from inquiry emails is used only to send automated replies on your behalf. You, the Client, are responsible for ensuring that your use of automated messaging complies with applicable laws, including the Telephone Consumer Protection Act (TCPA) and CAN-SPAM Act. We are not liable for how you use lead data or the content of messages sent through the service.
6. Data Security
We take reasonable technical and organizational measures to protect your information. OAuth tokens and API keys are stored securely in an encrypted database. We do not store your Google account password. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.
7. Data Retention
We retain your account data for as long as your subscription is active. When you cancel, your data is retained for up to 30 days, after which it is deleted. You may request deletion of your data at any time by contacting us.
8. Revoking Access
You can revoke AgentResponder's access to your Google account at any time through your Google Account permissions page. Revoking access will stop the service from processing your emails until you reconnect.
9. Confidentiality
We treat your account information, listing data, and lead data as confidential. We will not share this information with any third party except as described in this policy. We expect clients to maintain the confidentiality of their account credentials and not share access with unauthorized users.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email at least 14 days before they take effect. Continued use of the service after that period constitutes acceptance of the updated policy.
Questions? Contact us at inquiryautoresponse@gmail.com