VoiceAI Connect← Back to Home

Privacy Policy

Last Updated: February 19, 2026

VoiceAI Connect (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our white-label AI receptionist platform and related services (collectively, the “Service”).

By accessing or using our Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

1. Who This Policy Applies To

This Privacy Policy applies to:

  • Agency Users: Businesses and individuals who subscribe to VoiceAI Connect to create and manage AI receptionist services under their own brand.
  • End Clients: The customers of our Agency Users who use the AI receptionist services.
  • Callers: Individuals who interact with AI receptionists powered by our platform.
  • Website Visitors: Anyone who visits our website.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily provide when you:

  • Create an account: Name, email address, company name, phone number, and password.
  • Subscribe to our Service: Billing address, payment method details (processed securely by Stripe), and business information.
  • Configure your AI receptionist: Business name, greeting scripts, frequently asked questions, business hours, and service descriptions.
  • Contact support: Any information you provide in support requests or communications.

2.2 Information from Third-Party Authentication Providers

We offer the option to create an account or sign in using third-party authentication providers. When you choose to authenticate using these services, we receive certain information from them:

Google Sign-In

When you sign up or log in using Google, we receive the following information from your Google account:

  • Email address: Used as your account identifier and for communications
  • Name: Your first and last name from your Google profile
  • Profile picture: Your Google profile photo (optional, used for account display)

We only request basic profile information (email and profile scopes) during sign-in. We do not access your Google contacts, drive, or any other Google services through sign-in. You can revoke our access at any time through yourGoogle Account permissions.

2.3 Information from Google Calendar Integration

Google Calendar Data

End Clients may choose to connect their Google Calendar to enable the AI receptionist to check appointment availability and book appointments on their behalf. This integration is entirely optional and requires explicit authorization through Google's OAuth consent process. When connected, we access the following Google Calendar data:

  • Calendar events (read): We read existing event start and end times on your primary calendar to determine your availability and prevent double-booking. We do not read event descriptions, attendee lists, or other event details beyond what is necessary to check time-slot availability.
  • Calendar events (write): When a caller requests an appointment and a time slot is available, we create a new calendar event on your primary calendar containing the appointment date, time, duration, and the caller's name and contact information as provided during the call.

How We Use Google Calendar Data

  • • To check real-time calendar availability when callers request appointments
  • • To create new appointment events on your calendar when bookings are confirmed
  • • To prevent double-booking by verifying time slots are open before scheduling

We do not use Google Calendar data for advertising, marketing, or any purpose unrelated to providing the AI receptionist appointment booking functionality. We do not sell, share, or transfer Google Calendar data to any third party except as necessary to provide and improve the Service.

How We Store Google Calendar Data

  • OAuth tokens: We securely store encrypted Google OAuth access and refresh tokens to maintain your calendar connection. These tokens are stored in our encrypted database and are used solely to authenticate with Google Calendar on your behalf.
  • Calendar event data: We do not persistently store copies of your existing calendar events. Event data is retrieved in real time during each availability check and is not cached or retained after the check is complete.
  • Appointment records: When a new appointment is booked, a record of the appointment (date, time, caller name, and contact information) is stored in our system for your call history and dashboard. The event itself is created directly on your Google Calendar.

How to Disconnect and Revoke Access

You can disconnect Google Calendar at any time from your dashboard settings. Disconnecting will immediately delete your stored OAuth tokens from our system and stop all calendar access. You can also revoke VoiceAI Connect's access to your Google account at any time by visiting yourGoogle Account permissions page and removing VoiceAI Connect from the list of connected apps.

Google API Services User Data Policy Compliance

VoiceAI Connect's use and transfer of information received from Google APIs adheres to theGoogle API Services User Data Policy, including the Limited Use requirements. We limit our use of Google user data to providing and improving the AI receptionist appointment scheduling functionality. We do not use Google data for serving advertisements. We do not allow humans to read Google user data unless we have your affirmative agreement, it is necessary for security purposes, it is necessary to comply with applicable law, or our use is limited to internal operations and the data has been aggregated and anonymized.

Your use of third-party authentication and integrations is also subject to that provider's privacy policy. We encourage you to reviewGoogle's Privacy Policy for information about their data practices.

2.4 Voice and Call Data

Important: Our Service processes telephone calls using AI technology. When calls are made to phone numbers connected to our Service, we collect and process:

  • Call recordings: Audio recordings of conversations between callers and the AI receptionist.
  • Call transcripts: Text transcriptions of call audio.
  • Call metadata: Phone numbers (caller and recipient), call duration, timestamps, and call disposition.
  • Caller information: Any information voluntarily provided by callers during the conversation (e.g., name, contact details, appointment requests).

Call Recording Notice

Our AI receptionists are configured to inform callers that they are speaking with an AI assistant and that the call may be recorded. This disclosure complies with FCC regulations and state call recording laws. Agency Users are responsible for ensuring their use of call recordings complies with applicable laws in their jurisdiction.

2.5 Information Collected Automatically

When you access our Service, we automatically collect:

  • Device information: IP address, browser type, operating system, and device identifiers.
  • Usage data: Pages viewed, features used, time spent on the Service, and navigation patterns.
  • Cookies and similar technologies: We use cookies, pixels, and similar technologies to enhance your experience and collect analytics data.

2.6 Information from Third Parties

We may receive information from:

  • Authentication providers: Google provides basic profile information when you use Google Sign-In (see Section 2.2).
  • Calendar providers: Google Calendar provides event availability data when you connect the calendar integration (see Section 2.3).
  • Payment processors: Stripe provides us with limited transaction information (we do not store full payment card details).
  • Integration partners: If you connect third-party services (e.g., CRM systems), we receive data necessary to provide the integration.
  • Telephony providers: Our telephony partners provide call routing and metadata.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our Service
  • Create and authenticate user accounts
  • Process transactions and send related information (confirmations, invoices)
  • Power AI receptionist conversations and generate call transcripts
  • Check calendar availability and book appointments on behalf of End Clients (when Google Calendar is connected)
  • Send notifications about calls, appointments, and service updates
  • Respond to customer service requests and support needs
  • Improve and personalize the Service
  • Analyze usage patterns and optimize performance
  • Detect, prevent, and address technical issues, fraud, or security concerns
  • Comply with legal obligations
  • Send marketing communications (with your consent, where required)

3.1 AI Training and Improvement

We may use aggregated and de-identified call data to improve our AI models and Service quality. This data is stripped of personally identifiable information and cannot be used to identify individual callers or businesses. Agency Users can opt out of having their data used for AI improvement by contacting us at privacy@myvoiceaiconnect.com. Google Calendar data is never used for AI training or model improvement.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process personal data based on:

  • Contract performance: Processing necessary to provide our Service to you.
  • Legitimate interests: Processing for our legitimate business interests, such as improving our Service, preventing fraud, and marketing (where not overridden by your rights).
  • Consent: Where you have given explicit consent (e.g., for marketing emails, using third-party sign-in, or connecting Google Calendar).
  • Legal obligation: Processing necessary to comply with applicable laws.

5. How We Share Your Information

We may share your information with:

5.1 Service Providers

Third-party vendors who perform services on our behalf, including:

  • Cloud hosting: Vercel, DigitalOcean, AWS
  • Authentication & integrations: Google (for Google Sign-In and Google Calendar integration)
  • Payment processing: Stripe
  • Telephony services: VAPI, Twilio
  • Email delivery: Resend
  • Database: Supabase

These providers are contractually obligated to protect your data and use it only for the services they provide to us.

5.2 Agency Users and Their Clients

If you are a caller, your call data (recordings, transcripts, information you provide) is shared with the Agency User whose AI receptionist you interacted with, and may be shared with their end client (the business the AI receptionist represents).

5.3 Business Transfers

In connection with a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

5.4 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of VoiceAI Connect, our users, or others.

5.5 With Your Consent

We may share your information for other purposes with your explicit consent.

We Do Not Sell Your Personal Information

VoiceAI Connect does not sell, rent, or trade your personal information to third parties for their marketing purposes. We do not “sell” or “share” personal information as defined under the California Consumer Privacy Act (CCPA/CPRA). This includes data received from Google APIs, which is never sold, shared for advertising, or transferred to third parties for purposes unrelated to providing the Service.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide our Service to you
  • Comply with legal obligations (e.g., tax records, legal holds)
  • Resolve disputes and enforce agreements

Specific retention periods:

  • Account data: Retained while your account is active and for 30 days after deletion request.
  • Call recordings and transcripts: Retained for 90 days by default. Agency Users can configure shorter retention periods or request immediate deletion.
  • Google Calendar OAuth tokens: Retained while the integration is active. Immediately deleted when you disconnect Google Calendar from your dashboard or revoke access through your Google Account.
  • Google Calendar event data: Not persistently stored. Retrieved in real time for availability checks and not cached after use.
  • Billing records: Retained for 7 years to comply with tax and accounting requirements.
  • Analytics data: Aggregated analytics retained indefinitely; individual-level analytics retained for 26 months.

7. Your Privacy Rights

7.1 All Users

Regardless of your location, you have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Opt out of marketing communications
  • Request a copy of your data in a portable format
  • Disconnect third-party authentication providers (like Google) from your account
  • Disconnect Google Calendar and revoke calendar data access at any time

7.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Opt-Out: Opt out of the sale or sharing of personal information (note: we do not sell personal information).
  • Right to Limit Use of Sensitive Personal Information: Limit our use of sensitive personal information to what is necessary to provide the Service.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at privacy@myvoiceaiconnect.com or use the “Privacy Requests” section in your account settings. We will respond to verified requests within 45 days.

7.3 European Economic Area and UK Residents (GDPR)

If you are in the EEA or UK, you have rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Obtain confirmation of whether we process your data and request a copy.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data in certain circumstances.
  • Right to Restriction: Request restriction of processing in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, machine-readable format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, including consent for Google Calendar access.
  • Right to Lodge a Complaint: Lodge a complaint with a supervisory authority.

Contact us at privacy@myvoiceaiconnect.com for data protection inquiries. For international data transfers from the EEA/UK, we use Standard Contractual Clauses approved by the European Commission.

7.4 Other State Privacy Laws

We comply with applicable state privacy laws including the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and other emerging state regulations. Residents of these states may exercise similar rights by contacting us.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256)
  • Secure cloud infrastructure with SOC 2 certified providers
  • OAuth 2.0 for secure third-party authentication and Google Calendar integration
  • Encrypted storage of all OAuth tokens and API credentials
  • Access controls and authentication requirements
  • Regular security assessments and monitoring
  • Employee training on data protection
  • Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

9. International Data Transfers

VoiceAI Connect is based in the United States. If you access our Service from outside the United States, your information will be transferred to, stored, and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses for transfers from the EEA/UK.

10. Children's Privacy

Our Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected personal information from a child under 18, we will delete that information promptly. If you believe we have information from a child, please contact us at privacy@myvoiceaiconnect.com.

11. Third-Party Links and Services

Our Service may contain links to third-party websites or services, and we integrate with third-party providers for authentication (Google), calendar scheduling (Google Calendar), payments (Stripe), and other functionality. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites and services you use:

12. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential cookies: Required for the Service to function (authentication, security, session management).
  • Analytics cookies: Help us understand how visitors use our Service.
  • Preference cookies: Remember your settings and preferences.

You can control cookies through your browser settings. Disabling certain cookies may affect Service functionality. We honor Global Privacy Control (GPC) signals where required by law.

13. Do Not Track

Some browsers have a “Do Not Track” feature that signals to websites that you do not want your online activity tracked. Our Service does not currently respond to DNT signals, but we do honor Global Privacy Control (GPC) signals in jurisdictions where required.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new “Last Updated” date, and for significant changes, by email to Agency Users. Your continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

We aim to respond to all privacy inquiries within 30 days.