Terms & Privacy

Last updated: July 6, 2026

Terms of Service & Privacy Policy

Operated by [COMPANY LEGAL NAME] ("Vienna", "we", "us", "our").


Part A — Terms of Service

1. Agreement to terms

By creating an account, accessing, or using the Vienna application and related services (the "Service"), you agree to these Terms of Service ("Terms"). If you use the Service on behalf of an organization, you represent that you have authority to bind that organization, and "you" refers to both you and that organization. If you do not agree to these Terms, do not use the Service.

2. Eligibility

You must be at least 18 years old (or the age of majority in your jurisdiction) and capable of forming a binding contract. The Service is intended for business and professional use, not for consumers.

3. Accounts and security

  • You register with an email address and password. You are responsible for keeping your credentials confidential and for all activity under your account.
  • You must provide accurate information and keep it up to date.
  • Notify us promptly at avsupport@calloneonline.com of any unauthorized access.

4. Organizations, members, seats, and contractors

The Service supports two membership models:

  • Organizations purchase a subscription and allocate seats to their members. An organization owner/administrator manages billing, seats, and member roles.
  • Independent contractors may hold their own subscription and may belong to one or more organizations, subject to their plan's organization limit.

Organization administrators can invite, assign seats to, remove, and manage members. If you join an organization, that organization's administrators may control your access to, and content within, that organization's workspace, and may be able to view information about your activity in that workspace. Data you create within an organization's workspace generally belongs to and is controlled by that organization.

5. Subscriptions, billing, trials, and cancellation

  • Plans and pricing are presented in-app. Paid plans renew automatically each billing period until cancelled.
  • Payments are processed by our payment processor, Stripe. We do not store full card numbers; Stripe handles card data. Your use of payment features is also subject to Stripe's terms.
  • Trials. If a free trial is offered, we will begin charging the applicable fee when the trial ends unless you cancel before then.
  • Seats. Adding seats mid-cycle is prorated and charged immediately; reducing seats takes effect at the next renewal (you keep the seats you've paid for until then). Plan changes may be prorated.
  • Cancellation. You may cancel at any time; cancellation takes effect at the end of the current paid period unless stated otherwise. You retain access until then.
  • Failed payments. If a payment fails, we may retain your access for a short grace period before suspending it.
  • Refunds. Except where required by law, fees are non-refundable.
  • Taxes. Fees exclude taxes; you are responsible for applicable taxes other than taxes on our income.

6. Acceptable use

You agree not to:

  • use the Service unlawfully or in violation of third-party rights;
  • upload malware, attempt to breach security, or probe/scan the Service without authorization;
  • reverse engineer, scrape, or resell the Service except as permitted by law;
  • misuse the Service to store or transmit infringing, harmful, or unlawful content;
  • interfere with other users' use of the Service.

We may suspend or limit access to protect the Service or other users.

7. Customer content and intellectual property

  • Your content. You and your organization retain ownership of the data, designs, project information, documents, and other materials you submit ("Customer Content"). You grant us a limited license to host, process, and display Customer Content solely to provide and improve the Service.
  • Our IP. We and our licensors own the Service, software, and all related intellectual property. These Terms grant you a limited, non-exclusive, non-transferable right to use the Service during your subscription.
  • Feedback. If you give us suggestions, we may use them without restriction.

8. Third-party services

The Service integrates third-party providers (e.g. Stripe for payments, and the infrastructure and email providers listed in the Privacy Policy). We are not responsible for third-party services, and your use of them may be subject to their terms.

9. Confidentiality

Each party may receive confidential information from the other. The receiving party will protect it and use it only to fulfill these Terms, except where disclosure is required by law.

10. Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE DO NOT WARRANT THAT THE SERVICE WILL BE UNINTERRUPTED, ERROR-FREE, OR SECURE.

11. Limitation of liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, NEITHER PARTY WILL BE LIABLE FOR INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR FOR LOST PROFITS OR DATA. OUR TOTAL AGGREGATE LIABILITY ARISING OUT OF OR RELATING TO THE SERVICE WILL NOT EXCEED THE GREATER OF (A) THE AMOUNTS YOU PAID US IN THE [12] MONTHS BEFORE THE EVENT GIVING RISE TO THE CLAIM, OR (B) [USD $100].

12. Indemnification

You will defend and indemnify us against third-party claims arising from your Customer Content, your use of the Service, or your breach of these Terms, except to the extent caused by us.

13. Term and termination

These Terms apply while you use the Service. We may suspend or terminate your access for breach, non-payment, or as required by law. You may stop using the Service and cancel at any time. On termination, your right to use the Service ends; we will handle your data as described in the Privacy Policy. Sections that by their nature should survive (e.g. IP, disclaimers, liability, indemnity) survive termination.

14. Changes to the Service or Terms

We may modify the Service or these Terms. For material changes to the Terms, we will provide reasonable notice (e.g. in-app or by email). Continued use after changes take effect constitutes acceptance.

15. Governing law and disputes

These Terms are governed by the laws of [STATE/COUNTRY], without regard to conflict-of-laws rules. The parties submit to the exclusive jurisdiction of the courts located in [VENUE].

16. Miscellaneous

These Terms are the entire agreement between you and us regarding the Service. If any provision is unenforceable, the rest remains in effect. You may not assign these Terms without our consent; we may assign them in connection with a merger or sale. Our failure to enforce a provision is not a waiver.


Part B — Privacy Policy

This Privacy Policy explains what personal data Vienna collects, why, how we use it, and your rights.

Roles. For data you submit as part of an organization's workspace (Customer Content), the organization is generally the data controller and Vienna acts as a processor on its behalf. For account, billing, and product-analytics data, Vienna is the controller.

1. Data we collect

a. Account data — email address, display name, hashed password, profile details you provide, organization memberships, roles, and seat assignments.

b. Billing data — subscription, plan, seat count, invoices, and payment status. Payments are processed by Stripe. We receive limited billing metadata but do not store full card numbers — Stripe does.

c. Customer Content — the projects, designs, devices, bills of materials, notes, annotations, and other data you and your organization create in the Service.

d. Usage / product-analytics data ("Journeys"). We operate a first-party, self-hosted analytics feature to understand how the Service is used, identify pain points, and assist support. It is not a screen or session recorder. Specifically:

  • We capture page views, clicks, and "rage-click" signals — that a labelled element (such as a button) was interacted with, on which page, and when.
  • We capture a per-session identifier (stored in your browser's session storage), your user identifier when you are logged in, your route/URL path, and your browser's user-agent string.
  • We do not capture the contents of form fields, text you type, passwords, or input values. We do not record your screen or the page's content.
  • Our support team may review your captured journey to help diagnose issues you report.
  • We do not sell this data or share it with third-party advertising networks.

e. Cookies and local storage — authentication session cookies (required to keep you signed in), a theme preference, and an analytics session id stored in your browser. See "Cookies & consent" below.

f. Technical/log data — standard server logs (IP address, timestamps, request metadata) for security, debugging, and abuse prevention.

2. How we use data

  • Provide, operate, secure, and improve the Service.
  • Process subscriptions and payments.
  • Provide customer support (including reviewing journeys for issues you report).
  • Understand usage and prioritize features (product analytics).
  • Detect, prevent, and address fraud, abuse, and security issues.
  • Comply with legal obligations.

3. Legal bases (EU/UK GDPR)

Where GDPR/UK GDPR applies, we rely on:

  • Contract — to provide the Service you or your organization signed up for.
  • Legitimate interests — to secure and improve the Service and run first-party product analytics, balanced against your rights.
  • Consent — where required, e.g. for non-essential cookies/local storage used for analytics in the EU/UK.
  • Legal obligation — e.g. tax and accounting records.

4. Cookies & consent

  • Strictly necessary storage (authentication) is used without consent because the Service cannot function without it.
  • Analytics storage (the journey session id) is not strictly necessary. Where required by law (notably the EU/UK ePrivacy rules), we will obtain your consent before initializing analytics capture, and you may withdraw consent at any time.
  • You can also use your browser settings to clear or block storage.

5. Sharing and sub-processors

We share data with service providers ("sub-processors") who process it on our behalf, under contract and only as needed to run the service.

We do not sell your personal data. We may disclose data if required by law, to enforce our Terms, or in connection with a merger or acquisition (with notice where required).

6. International transfers

The Service is hosted in the United States. If you are located outside the US, your data will be transferred to and processed in the US and other countries. Where required, we use appropriate safeguards (e.g. Standard Contractual Clauses).

7. Data retention

  • Account & Customer Content: retained while your account/organization is active and as needed to provide the Service, then deleted or anonymized within a reasonable period, subject to legal/accounting requirements.
  • Billing records: retained as required by tax/accounting law.
  • Product-analytics (Journeys): automatically pruned after [120] days.
  • Logs: retained for a limited period for security and debugging.

8. Your rights

Depending on your location (e.g. EU/UK GDPR, California CCPA/CPRA, and similar laws), you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; data portability; withdraw consent; opt out of "sale"/"sharing" (we do not sell/share for cross-context advertising); and not be discriminated against for exercising these rights.

To exercise these rights, contact avsupport@calloneonline.com. If your data is controlled by an organization (your employer or a client), please also contact them; we may refer your request to that organization as the controller. On a verified deletion request, we will delete or irreversibly anonymize your personal data, including your analytics journey records, except where we must retain limited data for legal reasons.

9. Security

We use technical and organizational measures to protect data, including hashed passwords, access controls, encryption in transit, and restricted internal access to analytics. No system is perfectly secure; we cannot guarantee absolute security.

10. Children

The Service is not directed to children under 16, and we do not knowingly collect data from them. If you believe a child has provided us data, contact us and we will delete it.

11. Changes to this Policy

We may update this Policy. We will post the new version with an updated "Last updated" date and, for material changes, provide additional notice (e.g. in-app or by email).

12. Contact

Privacy questions or requests: avsupport@calloneonline.com · Call One, Inc.