Privacy Policy

DeskAgent ("we", "us", or "our") is an AI-powered voice assistant service provider incorporated in Ontario, Canada. We provide automated voice reception, appointment booking, and customer communication services to small and medium-sized businesses across North America.

This Privacy Policy applies to all personal information collected through our website, our platform, our AI voice assistant service, and any related communications. By using our services, you agree to the practices described in this policy.

For the purposes of applicable privacy legislation, DeskAgent acts as the data controller for information collected directly from you, and as a data processor for personal information collected on behalf of our business clients.

We collect information in three ways: information you provide directly, information collected automatically, and information provided by our business clients.

Information You Provide

• Contact details: Name, email address, phone number, and business name when you fill out a form or book a demo.
• Account information: Login credentials, billing details, and business configuration preferences for platform users.
• Communications: Messages, inquiries, and feedback you send to us via email, contact forms, or support channels.

Information Collected Automatically

• Usage data: Pages visited, features used, session duration, and interaction patterns on our platform.
• Device & technical data: IP address, browser type, operating system, and referring URLs.
• Cookies & tracking: Session cookies and analytics identifiers.

Information Collected Through Our Voice Service

• Call recordings & transcripts: Audio recordings and text transcriptions of calls handled by our AI assistant on behalf of our business clients.
• Caller information: Phone numbers, names, and appointment details provided by callers to our clients' AI assistants.
• Appointment data: Booking details, preferences, and follow-up information as directed by our business clients.

We use personal information only for the purposes for which it was collected, and only to the extent necessary to fulfil those purposes.

• Service delivery: To operate, maintain, and improve our AI voice assistant platform and related services.
• Account management: To create and manage your account, process payments, and provide customer support.
• Communication: To respond to your inquiries, send service updates, and provide onboarding assistance.
• AI model improvement: To improve the accuracy and performance of our voice AI using anonymised, aggregated data.
• Legal compliance: To meet our obligations under applicable laws and regulations.
• Security: To detect, prevent, and respond to fraud, abuse, or security incidents.

We process personal information only when we have a valid legal basis to do so. Depending on the context, we rely on one or more of the following:

• Consent: Where you have given us clear, informed consent.
• Contractual necessity: Where processing is required to fulfil our agreement with you or our business clients.
• Legitimate interests: Where we have a legitimate business interest that does not override your privacy rights.
• Legal obligation: Where we are required to process data to comply with applicable law.

You may withdraw consent at any time where consent is the basis for processing. This will not affect the lawfulness of processing carried out before withdrawal.

We do not sell, rent, or trade your personal information. We may share data only in limited circumstances.

• Service providers: Trusted sub-processors who assist us in operating our platform.
• Business clients: Call data and appointment information collected through a client's AI assistant is shared with that client.
• Legal requirements: Where required by law, court order, or governmental authority.
• Business transfers: In the event of a merger, acquisition, or sale of assets, subject to equivalent privacy protections.

All third-party service providers are carefully vetted and contractually required to maintain appropriate security standards.

Our core service involves AI-powered voice interactions. We take the handling of voice and call data especially seriously.

• Disclosure to callers: Our business clients are required to inform their callers that calls may be recorded or handled by an AI assistant.
• Recording storage: Call recordings and transcripts are stored securely and are accessible only to the relevant business client and authorised DeskAgent personnel.
• No cross-client sharing: Call data from one business client is never shared with or accessible to any other client.
• AI training: We do not use identifiable call recordings to train our AI models without explicit consent.
• Retention: Call recordings are retained for a maximum of 90 days by default, unless configured otherwise.

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

• Account data: Retained for the duration of your account and deleted within 30 days of account closure upon request.
• Call recordings & transcripts: Retained for up to 90 days by default.
• Billing records: Retained for 7 years as required by Canadian tax and financial regulations.
• Contact form submissions: Retained for up to 2 years for support and follow-up purposes.
• Analytics data: Aggregated and anonymised after 12 months.

When data is no longer required, it is securely deleted or anonymised using industry-standard methods.

Depending on your location, you may have the following rights regarding your personal information. We honour these rights for all users, regardless of jurisdiction.

To exercise any of these rights, please contact us and we will respond within 30 days. We may need to verify your identity before processing your request.

Our website uses cookies and similar technologies to ensure the site functions correctly and to understand how visitors use it.

• Essential cookies: Required for the website to function and cannot be disabled.
• Analytics cookies: Help us understand how visitors interact with our site.
• Preference cookies: Remember your settings and preferences for a better experience.

We do not use advertising or third-party tracking cookies. You can manage or disable non-essential cookies through your browser settings at any time.

We implement robust technical and organisational measures to protect your personal information against unauthorised access, loss, or disclosure.

• Encryption: All data is encrypted in transit and at rest.
• Access controls: Strict role-based access controls ensure only authorised personnel can access personal data.
• Infrastructure: Our platform is hosted on secure cloud infrastructure in Canada.
• Monitoring: Continuous security monitoring and regular vulnerability assessments are conducted.
• Breach response: In the event of a data breach affecting your rights, we will notify you and relevant authorities as required by law.

While we take every reasonable precaution, no system is completely immune to risk. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorised access to your account.

Our services are intended for use by businesses and adults aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18.

If you believe we have inadvertently collected information from a minor, please contact us immediately and we will take prompt steps to delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page.
• Notify registered users via email at least 14 days before changes take effect.
• Display a prominent notice on our website for at least 30 days.

Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated policy. If you do not agree with the changes, you may close your account and request deletion of your data.

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please reach out to our Privacy team.