1. Introduction
This Privacy Policy describes how Agent IA Vocal (hereinafter "we", "our", or "the Platform") collects, uses, discloses, and protects the personal information of users of our website and services in the United States. By using our Platform, you consent to the practices described in this policy. We comply with applicable US federal and state privacy laws, including the California Consumer Privacy Act (CCPA/CPRA), the Health Insurance Portability and Accountability Act (HIPAA), and the Telephone Consumer Protection Act (TCPA).
2. Information We Collect
We collect the following categories of personal information:
- ●Identification information: first name, last name, email address, phone number.
- ●Business information: company name, website, industry, voice agent usage goals.
- ●Payment information: credit card data is processed by Stripe and is never stored on our servers.
- ●Usage data: call logs, transcripts, voice recordings, call duration, Platform navigation data.
- ●Technical data: IP address, browser type, operating system, connection data.
3. How We Use Your Information
We use your personal information to:
- ●Provide, maintain, and improve our AI voice agent services.
- ●Process your payments and manage your subscription.
- ●Configure and customize your voice agent according to your needs.
- ●Send you communications related to your account and our services.
- ●Analyze Platform usage to improve our products.
- ●Comply with our legal and regulatory obligations.
4. Voice Recordings and Transcripts
Our AI voice agent service may record and transcribe telephone conversations. Callers are informed at the beginning of each call that the conversation may be recorded. Recordings and transcripts are:
- ●Encrypted in transit (TLS 1.3) and at rest (AES-256).
- ●Accessible only to authorized users of your organization through the secure dashboard.
- ●Retained for a maximum of 90 days, unless configured differently by the user.
- ●Used solely for service delivery and quality improvement.
5. Information Sharing
We never sell your personal information. We may share your data with:
- ●Stripe: for payment processing.
- ●ElevenLabs: for AI voice processing (anonymized voice data).
- ●Calendar and CRM providers (Google Calendar, HubSpot, Salesforce, etc.) when you connect them to your account.
- ●Hosting providers: our servers are hosted on SOC 2 Type II certified infrastructure in the United States.
- ●Legal authorities: when required by law, subpoena, or court order.
6. HIPAA Compliance
For healthcare customers who have signed a Business Associate Agreement (BAA) with us, we comply with the Health Insurance Portability and Accountability Act (HIPAA). Protected Health Information (PHI) is handled according to HIPAA's Privacy and Security Rules. BAAs are available on our Growth and Scale plans.
7. CCPA Rights for California Residents
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- ●Right to know: request disclosure of the personal information we collect about you.
- ●Right to delete: request deletion of your personal information.
- ●Right to correct: request correction of inaccurate personal information.
- ●Right to opt out: opt out of the sale or sharing of personal information (we do not sell personal information).
- ●Right to non-discrimination: we will not discriminate against you for exercising your rights.
8. TCPA Compliance
All outbound calls made by Agent IA Vocal comply with the Telephone Consumer Protection Act (TCPA). We maintain do-not-call lists, honor opt-out requests within 30 days, and obtain appropriate consent before initiating outbound AI calls. You are responsible for ensuring that your use of outbound calling features complies with the TCPA in your jurisdiction.
9. Data Security
We implement appropriate technical and organizational security measures to protect your personal information, including:
- ●End-to-end encryption for all communications (TLS 1.3 in transit, AES-256 at rest).
- ●SOC 2 Type II certified infrastructure hosted in the United States.
- ●Secure authentication through recognized identity providers, with optional multi-factor authentication.
- ●Continuous monitoring of access and suspicious activity, with audit logs.
- ●Role-based access controls limiting personal data access to authorized personnel with a business need.
10. Data Retention
We retain your personal information for as long as necessary to provide our services and meet our legal obligations. Account data is retained during your subscription and up to 30 days after termination. Voice recordings are retained according to the period configured in your account (default: 90 days). You may request earlier deletion at any time.
11. Cookies and Similar Technologies
We use essential cookies for Platform operation (authentication, language and theme preferences). We do not use advertising cookies or third-party trackers for marketing purposes.
12. Children's Privacy
Agent IA Vocal is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will promptly delete it.
13. Changes to This Policy
We reserve the right to modify this Privacy Policy at any time. Any changes will be posted on this page with the updated date. Your continued use of the Platform after any changes constitutes your acceptance of the updated policy.
14. Contact
For any questions regarding this Privacy Policy or to exercise your rights, please contact us at: demo@agentiavocal.ca