Read the official telefonie.ai Privacy Policy, detailing how we process Client and End-Customer data in compliance with GDPR for our AI Voice Agent platform.
Last Updated: [Insert Date of Policy Update, e.g., November 6, 2025]
### 1. Introduction
telefonie.ai (referred to as "we", "us", or "our") provides an AI Voice Agent platform for automated in- and outbound calling (the "Service"). We are committed to protecting the privacy and security of your personal data. This policy explains our data processing practices as they relate to our Clients (users of our SaaS platform) and their End-Customers (individuals contacted by the AI Voice Agents).
Our Data Protection Officer (DPO) or the responsible contact can be reached at:
Email: info@telefonie.ai
Location: Utrecht, Netherlands
### 2. Personal Data We Collect and Process
We process data in two capacities:
#### A. Data Collected from Clients (Data Controller)
When you, as a client, sign up for or use our Service, we act as a Data Controller for the following data:
* Identity Data: Name, job title, company name (for account setup and management).
* Contact Data: Email address, phone number, physical address (for communications and invoicing).
* Financial Data: Billing address, payment details (processed via a secure third-party processor).
* Usage/Technical Data: IP address, browser type, pages visited (for improving the service and security).
#### B. Data Processed for Clients (Data Processor)
When our AI Voice Agents conduct calls on behalf of our Clients, we act as a Data Processor. The Client is the Data Controller. This data is provided by the Client and may include:
* End-Customer Contact Data: Names, phone numbers, email addresses.
* Voice Recordings/Transcripts: Audio recordings of calls and their text transcriptions.
* Conversation Metadata: Call duration, time, AI agent’s performance rating.
We process this data strictly according to the Client's instructions, as detailed in our separate Data Processing Agreement (DPA) with the Client.
### 3. Legal Basis for Processing
We rely on the following legal bases for processing your personal data:
1. Performance of a Contract (Art. 6(1)(b)): Necessary for providing the Service to our Clients.
2. Legitimate Interest (Art. 6(1)(f)): For security, fraud prevention, and service improvement (where our interests do not override your rights).
3. Consent (Art. 6(1)(a)): Where required (e.g., for optional marketing communications).
4. Legal Obligation (Art. 6(1)(c)): Necessary to comply with a legal or regulatory requirement.
### 4. How We Use the Personal Data
* To Provide the Service: To operate, maintain, and provide all features of the telefonie.ai platform.
* AI Agent Training and Improvement: We use anonymized or aggregated voice data and transcripts to train and improve our AI models. We only use End-Customer Personal Data for training when explicitly authorized by the Client/Data Controller.
* Customer Support: To respond to your inquiries.
* Marketing: To send you updates and promotions, provided you have opted in.
### 5. Sharing and Disclosure of Data
We do not sell your Personal Data. We may share data only with:
* Third-Party Service Providers: Trusted vendors (e.g., cloud hosting, payment processors) bound by contract to protect the data.
* Legal Requirements: If required by law, court order, or governmental authority.
### 6. Data Security
We implement appropriate technical and organizational measures, including encryption (in transit and at rest) and strict access control, to protect your data against unauthorized access, alteration, disclosure, or destruction.
### 7. Data Retention
We retain data only for as long as necessary to fulfill the purposes for which it was collected:
* Client Data: Retained for the duration of your contract and a reasonable period thereafter (typically 6-12 months) for legal compliance.
* End-Customer Data (Processed Data): Retained according to the instructions and retention policies of our Client (the Data Controller).
### 8. Your Data Protection Rights (GDPR)
Under the GDPR, you have the right to access, rectify, erase ('right to be forgotten'), restrict processing, object to processing, and the right to data portability. To exercise any of these rights, please contact us via the email address provided in Section 1.
### 9. International Data Transfers
We primarily store and process data within the European Economic Area (EEA). If data is transferred outside the EEA, we ensure protection through mechanisms such as Standard Contractual Clauses (SCCs).
### 10. Contact Information and Supervisory Authority
For questions or complaints, please contact us via info@telefonie.ai.
You also have the right to lodge a complaint with a supervisory authority, particularly in the European Union member state of your habitual residence, place of work, or the place of the alleged infringement. In the Netherlands, this is the Autoriteit Persoonsgegevens (AP).