Privacy Policy

Last Updated: October 24, 2025 | Effective Date: October 24, 2025

Your Privacy Matters. This Privacy Policy explains how Call Center Automation Platform collects, uses, protects, and shares information when you use our AI-powered call center automation services.

Table of Contents

1. Information We Collect

1.1 Account Information

When you register for the Service, we collect:

  • Company name and contact information
  • User names and email addresses
  • Billing information and payment details
  • Phone numbers for telephony integration

1.2 Usage Data

We automatically collect information about how you use the Service:

  • Dashboard interactions and feature usage
  • API calls and integration activity
  • Login timestamps and IP addresses
  • Browser type and device information

1.3 Call Center Data

Through your use of the Service, we process:

  • Call metadata (timestamps, duration, outcomes)
  • Call recordings and transcripts (when enabled)
  • Caller phone numbers and ANI data
  • AI conversation logs and confidence scores

2. Voice Data & Call Recordings

Special Notice About Voice Data

Voice data is particularly sensitive personal information. We take extra precautions to protect it.

2.1 What Voice Data We Process

Data Type Purpose Retention
Call Audio AI processing, quality assurance 90 days default
Transcripts Analytics, search, compliance 1 year
AI Confidence Scores Performance monitoring 1 year
Voicemail Recordings Message delivery, transcription 60 days

2.2 How Voice Data is Processed

Your callers' voice data is processed by:

  • Telephony Providers: Twilio, Cisco Webex, or your SIP/VoIP provider handles call routing and initial audio capture
  • Speech Recognition: Audio is converted to text using AI speech-to-text technology
  • AI Processing: Transcripts are analyzed by OpenAI GPT models to understand intent and generate responses
  • Storage: Recordings and transcripts are stored in encrypted cloud storage

2.3 Customer Consent

Important: You are responsible for obtaining consent from callers before their voice is recorded or processed by AI. We provide configurable greeting messages that you can use to disclose AI usage.

3. How We Use Your Information

We use collected information for the following purposes:

Purpose Legal Basis (GDPR)
Providing the Service (call routing, AI responses) Contract performance
Account management and billing Contract performance
Analytics dashboard and reporting Contract performance
Security monitoring and fraud prevention Legitimate interest
Service improvements and AI model enhancement Legitimate interest / Consent
Customer support Contract performance
Legal compliance Legal obligation

4. Data Sharing & Third Parties

4.1 Service Providers (Subprocessors)

We share data with trusted third parties who help us provide the Service:

  • OpenAI: AI language processing for voice agents
  • Twilio: Telephony infrastructure and call handling
  • Cloud Providers: Secure data storage and computing
  • Payment Processors: Subscription billing

4.2 We Do NOT:

  • Sell your personal data or call recordings to third parties
  • Share your data for third-party advertising
  • Use your identifiable call data to train AI models without explicit consent

4.3 Legal Requirements

We may disclose data when required by law, court order, or government request, or to protect our rights, safety, or property.

5. Data Retention

We retain different types of data for different periods:

Data Type Retention Period Notes
Account Information Duration of account + 2 years For legal/tax purposes
Call Recordings 90 days (default) Configurable per company
Transcripts 1 year For analytics
Call Metadata 2 years For reporting
Voicemails 60 days Auto-deleted after
System Logs 90 days For security

You can request earlier deletion of your data at any time (see Your Rights section).

6. Data Security

Our Security Measures

We implement industry-standard security measures to protect your data.

6.1 Technical Safeguards

  • Encryption: Data encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access with multi-factor authentication
  • Tenant Isolation: Strict data separation between customer accounts
  • Audit Logging: Comprehensive logs of data access and modifications

6.2 Organizational Safeguards

  • Employee background checks and security training
  • Principle of least privilege for data access
  • Regular security assessments and penetration testing
  • Incident response procedures

6.3 Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours in accordance with applicable law.

7. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a portable format
  • Restriction: Request limited processing of your data
  • Objection: Object to certain processing activities
  • Withdraw Consent: Withdraw previously given consent

To exercise these rights, contact us at privacy@callcenterai.com. We will respond within 30 days.

8. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to lodge a complaint with a supervisory authority
  • Right to receive information about automated decision-making
  • Right to object to profiling

For EU customers processing personal data of EU residents, we offer a Data Processing Agreement (DPA) that includes Standard Contractual Clauses for international data transfers.

9. CCPA Compliance (California Users)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect and how we use it
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

California residents can exercise these rights by contacting privacy@callcenterai.com or calling our toll-free number.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Data Processing Agreements with all subprocessors
  • Compliance with applicable data localization requirements

11. Children's Privacy

The Service is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last Updated" date at the top of this policy indicates when it was last revised.

13. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights:

  • Email: privacy@callcenterai.com
  • Data Protection Officer: dpo@callcenterai.com
  • Address: Call Center Automation Platform, Inc.

For EU residents, you may also contact your local data protection authority.

This Privacy Policy is effective as of October 24, 2025.

Terms of Service Back to Home