VoxBot

Privacy Policy

Effective Date: 30/11/2025

1. Information We Collect

VoxBot ("we", "our", or "us") collects information you provide directly to us, such as when you:

  • Create an account or use our services
  • Make phone calls through our platform
  • Contact us for support
  • Subscribe to our services

Types of information collected:

  • Account Information: Name, email address, phone numbers, and billing information
  • Call Data: Phone numbers involved in calls, call duration, timestamps, and call recordings (where applicable)
  • Usage Data: Information about how you use our services, including call flow configurations and settings
  • Technical Data: IP addresses, browser type, device information, and cookies
  • Payment Information: Processed securely through Stripe (we do not store full payment card details)

2. Legal Basis for Processing (GDPR)

We process your personal data under the following legal bases as required by the General Data Protection Regulation (GDPR):

  • Contract Performance: Processing necessary to provide our services and fulfil our contract with you
  • Legitimate Interests: To improve our services, prevent fraud, and ensure security
  • Legal Obligation: To comply with applicable laws and regulations
  • Consent: Where you have provided explicit consent for specific processing activities

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our call bot services
  • Process transactions and send related information
  • Send technical notices and support messages
  • Respond to your comments and questions
  • Monitor and analyse usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our terms

4. Call Recording and Processing

VoxBot's services may process and record telephone calls as part of providing call automation services. When calls are recorded:

  • You (the service user) are responsible for obtaining necessary consent from call participants
  • You must comply with call recording laws in your jurisdiction and the jurisdiction of your callers
  • Call recordings are stored securely and processed in accordance with this policy
  • Call data may be processed by our telephony provider, Twilio, in accordance with their privacy policy

5. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy.

We may share information with trusted service providers who assist us in operating our services:

  • Twilio: For telephony services and call processing, subject to Twilio's privacy policy and compliance standards
  • Stripe: For payment processing (payment card data is handled directly by Stripe)
  • Auth0: For authentication services and secure access management
  • Heroku: For hosting infrastructure (owned by Salesforce)
  • Sentry: For error tracking and application monitoring

We may also disclose your information when required by law, to protect our rights, or in connection with a business transfer or acquisition.

6. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this policy and applicable laws.

7. Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Secure authentication mechanisms
  • Regular security assessments and updates
  • Access controls and monitoring
  • Employee training on data protection

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. When you request account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law.

9. Your Rights Under GDPR

If you are located in the European Economic Area (EEA) or UK, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of Access: You can request a copy of the personal data we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete personal data
  • Right to Erasure ("Right to be Forgotten"): You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request that we limit how we use your personal data
  • Right to Data Portability: You can request a copy of your data in a machine-readable format
  • Right to Object: You can object to our processing of your personal data based on legitimate interests
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
  • Right to Lodge a Complaint: You can complain to your local data protection authority

To exercise any of these rights, please contact us at support@voxbot.io. We will respond to your request within 30 days as required by GDPR.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyse usage, and provide personalised content. You can control cookie preferences through your browser settings. For more information, please see our Cookie Policy.

11. Children's Privacy

Our services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on our service. Your continued use of the service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us and Data Protection Officer

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how we handle your personal information, please contact us at:

Email: support@voxbot.io

For GDPR-related enquiries, you may also contact us at the email address above with "GDPR Request" in the subject line.

If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority (e.g., the Information Commissioner's Office in the UK).