Customer FAQ — Missed Lead / Follow-up Gap Audit

This is the agency-facing FAQ for the Service. It is read together with the Privacy Policy, the Terms of Service, the Scope of Access, and the Onboarding guide.

What the audit does

What does this app actually do?

It is a read-only diagnostic audit utility. It scans across the client accounts you select inside the supported CRM platform and flags four patterns:

contact has had no outbound reply within the configured threshold.

update timestamp has not moved within the configured threshold.

cancellation with no outbound follow-up before the cut-off.

no appointment booked yet.

Findings appear in the Service's own dashboard. You review them internally, then decide whether and how to act inside your CRM.

Is this a messaging tool?

No. It is read-only by construction. It cannot send SMS, voice calls, email, or in-app messages on your behalf. Messaging is the agency's job; the Service surfaces what looks wrong.

Will this update my CRM data?

No. Doptar is read-only for your CRM business data: there is no CRM-data write scope or write code path anywhere in the Service. It does not change pipeline stages, contacts, appointments, calendars, or any other field inside your connected CRM platform. (It requests two OAuth control-plane scopes — oauth.readonly to list your installed client accounts via GET /oauth/installedLocations, and oauth.write to mint per-location tokens via POST /oauth/locationToken; neither writes CRM data.)

Does this estimate "lost revenue" or assign a dollar value to a missed lead?

No. Findings are diagnostic indicators, not financial estimates. The Service does not read the opportunity monetaryValue field, does not aggregate revenue, and does not produce financial impact figures of any kind. See the Scope Justification §7 for the three-layer enforcement (detector code, AI system prompt, AI post-check).

How is the AI summary used?

The AI summary is an agency-review draft. It runs over the rule-based detector output (counts, severity distributions, masked identifiers, neutral metadata only — no message bodies, no contact PII). You edit the draft before sharing it with a client. The rule-based findings underneath are the source of truth; the AI never decides whether a finding is legitimate.

Data and privacy

What data do you collect?

The Service stores SHA-256 hashes of agency and entity identifiers, neutral metadata aggregates (timestamps, severity, confidence, reason codes), encrypted OAuth tokens, your own True / False / Ignore feedback per finding, optional free-text feedback comments you typed yourself (max 500 characters), and aggregate beta-usage metrics. The full list is in Privacy §3.

Do you read the content of my messages?

No. The detectors read direction enums (inbound / outbound) and timestamps from conversation metadata. Message bodies, recordings, and transcripts are never read into application memory and never persisted. The OAuth scope set does not include any recording-or-transcription scope. Full statement: Privacy §4 and Scope Justification §4.

Is my data shared with third parties?

The Service uses a small set of subprocessors strictly necessary to operate the product:

only.

opaque checkout reference.

notifications only.

We do not sell agency data, and we do not share data outside the subprocessor list except under a legal requirement (court order, subpoena, regulatory request). Full table: Privacy §7.

Are you GDPR / CCPA / HIPAA / TCPA / SOC 2 compliant?

We describe our own data-handling posture precisely rather than asserting a certification:

TCPA / HIPAA surface (no message bodies, no recordings, no contact PII).

correction, objection) usually associated with GDPR / CCPA. See Privacy §10.

we do not claim one. Security is implemented as reasonable industry practice (AES-256-GCM at rest, HMAC-signed sessions, PII redaction in logs, PII-key allowlist in the persistence layer).

take on findings, remain your responsibility under whatever regulations apply to your operations.

What happens when I uninstall?

Your session cookie is cleared, the Service stops calling the platform on your behalf, and your agency record is retained as an audit log entry. OAuth tokens stay encrypted at rest until the operator rotates the encryption key on your written request. Reinstall at any time from the marketplace or from the /install page; your history comes back. Full detail: Privacy §9 and Onboarding §10.

Install and setup

How long does the install take?

Typically under five minutes. You authorize the eight OAuth scopes once (six read-only for your CRM data, plus two OAuth control-plane scopes that list your installed client accounts and mint per-location tokens — never used to write CRM data), then land on the dashboard. From there you can preview the audit with sample data today. A connected account audit across the client accounts you select is not yet available in-app (see "Can I run a connected account audit now?" below).

Can I install at the client-account level?

The full multi-client audit needs an agency-level (bulk) install — that is what lets the Service audit every client account you select. A single client-account direct install is accepted as a limited single-account fallback (it audits that one account only) and is not the agency-wide path. See Scope Justification §9 for the install policy.

What CRM platforms do you support?

The supported integration is listed on the marketplace listing where the Service is published. See the listing for the canonical answer.

Can I run a connected account audit now?

Not yet. Today the in-app dashboard runs a sample audit on illustrative data so you can preview exactly what a finding looks like — it does not read your connected accounts. A connected account audit across the client accounts you select is not yet available in-app; before it is enabled, Doptar must clear the remaining owner-controlled technical gates. The product stays read-only for your CRM business data and never sends messages in either case.

How long does a scan take?

The sample audit completes in seconds. Once connected account audits are enabled, a connected scan is expected to complete in well under a minute per selected client account; accounts with very high inbound activity, very large open opportunity counts, or very long appointment histories may take a few minutes, and the per-account timing is reported on the scan detail page. The verification target is time-to-value under 10 minutes from install to first finding seen.

What if I manage 100+ client accounts?

The alpha and early-beta cohorts are tuned for agencies managing 5–50 client accounts. Larger cohorts are the target of the planned Scale tier; until that tier is active, please reach out before running the first scan so we can confirm the scan duration and rate- limit posture for your tenant.

Findings and feedback

What do the severity levels mean?

Each detector has configurable severity thresholds:

DetectorHighMediumLow
Unanswered Inbound≥ 24 h≥ 8 h≥ 2 h
Stale Opportunity≥ 14 days≥ 7 days≥ 3 days
No-show Follow-up Gap≥ 24 h≥ 8 h≥ 2 h
Booking Gap≥ 14 days≥ 7 days≥ 3 days

These are defaults. We tune them on aggregate feedback rather than bespoke per-agency rules.

What does the confidence score mean?

It is a 0–1 value attached to every finding. Detectors that run a primary metadata path emit 0.9. Detectors that fall back to a metadata inference path (when a primary signal was unavailable) emit 0.7. A lower confidence does not mean the finding is wrong; it means the detector took a fallback route to produce it.

What if a finding is a false positive?

Open it and mark it Not an issue with a short comment (optional, capped at 500 characters). When you have rated at least 10 findings in a detector, the scan detail page shows the false-positive rate. If the Booking Gap detector crosses 30 % false-positive across at least 10 rated findings, the dashboard flags the Booking Gap defer trigger and we revisit the threshold. If high-severity findings cross 20 % false-positive across at least 10 ratings, the dashboard flags the high-severity false-positive target for tuning.

Can I share the findings with my client?

Yes, after your own review. The CSV export is the intended sharing artifact; the AI draft is intended as a starting point for your own client report. We never auto-share with your clients on your behalf.

How do I export findings?

Click Download CSV on the scan detail page. The file is RFC 4180 CSV (UTF-8 with BOM, CRLF line terminator) with 16 columns covering scan id, agency id, location hash, finding id, finding type, severity, confidence, entity type, entity hash, status, first-detected timestamp, last-seen timestamp, reason codes, feedback value, feedback timestamp, and your feedback comment. Excel, Numbers, LibreOffice, and Google Sheets all open it without prompting. Full column list: Onboarding §7.

Pricing and billing

Paid plans are not open yet. Payment is not enabled during the current phase, and the prices below are exploratory and subject to validation — they describe the intended direction, not a charge you can make today.

How much will it cost?

month per agency.

Starter USD 49 / month (up to 10 client accounts), Growth USD 99 / month (up to 30 client accounts), Scale USD 199 / month (up to 100 client accounts).

When paid plans open, billing is intended to be monthly, with no setup fee.

Is there a free trial?

When the beta opens, the first scan is intended to be free — so you can confirm the Service surfaces useful findings before any payment is ever requested. The beta is not open yet.

Can I cancel any time?

That is the intended model: when paid plans open, you would be able to cancel any time and stop being charged the following month, with no annual lock-in. No charging happens today.

How will payment be processed?

Payment is not enabled yet. When it opens, the intended flow is checkout on the payment provider's hosted page (Stripe Payment Link); a staff operator then reconciles the checkout against your agency record and marks the account paid. We would never see card data — the payment provider holds the payment instrument record. Intended flow: Onboarding §9.

Support and reliability

Support is partially ready. You can reach us by email at support@doptar.com — this inbox is live and receives messages sent to it. The rest of the support model below (in-product chat and the response window) is still being finalized and is not a live service-level commitment today.

Do you offer phone or video support?

No — the Service is text-only. The intended support model is asynchronous with a target 24-hour response window, answered in a daily batch.

How do I provide feedback or feature requests?

We track every request. We do not commit timelines during beta; feedback feeds the next detector-threshold tuning round.

What happens if the connected access expires?

If the OAuth access token expires or is revoked on the CRM side, the dashboard surfaces a clear prompt. Disconnect and run /install again to refresh access. Your agency record, scan history, and feedback are preserved across reinstalls. Refresh tokens are rotated on every successful refresh.

What is your uptime target?

We monitor process health, database availability, and rate-limit breach internally. We do not publish a specific uptime SLA at this stage of the product. If a sustained outage affects your agency, support would respond within the same intended 24-hour window with the status; refunds of the affected month are at the operator's discretion per Terms §4.

Roadmap

What is on the roadmap?

CRM data + two OAuth control-plane scopes for installed-location listing and per-location token minting), CSV export, AI-assistive draft summary, and a planned (not-yet-enabled) Stripe Payment Link.

six to four after Live verification, Crisp in-product chat rollout, support pattern review.

remain read-only and metadata-only by construction. Capabilities outside the read-only diagnostic surface (automatic messaging, pipeline mutation, revenue estimation) are explicitly out of scope.

Will you ever send messages on my behalf?

No. The Service is read-only by design. A future product surface that involved outbound messaging would be a separate offering with a separate compliance posture, not an expansion of this one.

Will you support client-account installs?

A single client-account direct install is accepted as a limited single-account fallback, but the Service's value is cross-account aggregation across the client accounts you select, which needs the agency-level (bulk) install. The single-account fallback audits one account only — it is not the agency-wide path.