Privacy Policy

When you register for an account or use our services, we may collect:

• Name, email address, and contact information
• Company name and business information
• Billing and payment information
• Account credentials and authentication data
• Profile information and preferences

Our AI voice agent platform processes voice communications, which may include:

• Voice recordings and transcriptions of calls
• Call metadata (duration, timestamp, phone numbers)
• Conversation analytics and sentiment data
• Voice biometric data (when enabled)
• Call quality metrics and performance data

We automatically collect information about how you use our platform:

• IP address, browser type, and device information
• Pages visited, features used, and time spent
• API calls and integration usage
• Error logs and diagnostic data
• Cookies and similar tracking technologies

• End-to-end encryption for voice data in transit (TLS 1.3)
• Encryption at rest using AES-256 for stored data
• SOC 2 Type II certified infrastructure
• Regular security audits and penetration testing
• Multi-factor authentication (MFA) for account access
• Role-based access controls (RBAC)
• Automated threat detection and monitoring
• Regular security training for employees

Your data is stored in secure data centers located in the United States. We use industry-leading cloud infrastructure providers with certifications including SOC 2, ISO 27001, and HIPAA compliance.

For customers requiring data residency in specific regions, we offer regional deployment options. Contact our sales team for more information.

We enter into Business Associate Agreements with healthcare customers as required by HIPAA. The BAA outlines our responsibilities for safeguarding PHI and our obligations under HIPAA regulations.

To request a BAA, please contact us at compliance@vaniagent.com

• Dedicated HIPAA-compliant infrastructure for healthcare customers
• Encrypted storage and transmission of all PHI
• Access controls and audit logging for PHI access
• Regular risk assessments and security updates
• Breach notification procedures in compliance with HIPAA
• Employee training on HIPAA requirements
• Secure disposal of PHI when no longer needed

We process your personal data based on the following legal grounds:

• Contract performance: To provide services you've requested
• Legitimate interests: To improve our services and prevent fraud
• Consent: When you've given explicit permission
• Legal obligation: To comply with applicable laws

Under GDPR, you have the following rights:

• Right to access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data ("right to be forgotten")
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@vaniagent.com

California residents have the right to:

• Know what personal information we collect, use, and disclose
• Request deletion of personal information
• Opt-out of the sale of personal information (we do not sell your data)
• Non-discrimination for exercising CCPA rights

In the past 12 months, we have collected the following categories of personal information:

• Identifiers (name, email, IP address)
• Commercial information (transaction history)
• Internet activity (browsing behavior, usage data)
• Audio and voice data (call recordings)
• Professional information (company, job title)
• Inferences (preferences, characteristics)

We do not sell your personal information.

• Essential cookies: Required for basic site functionality
• Analytics cookies: Help us understand how you use our platform (Google Analytics)
• Preference cookies: Remember your settings and preferences
• Security cookies: Authenticate users and prevent fraud

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our platform. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block cookies from specific sites
• Block all cookies
• Delete all cookies when closing the browser

We use Google Analytics to analyze platform usage. Google Analytics uses cookies to collect information about how visitors use our site. This information is used to compile reports and improve our services.

You can opt-out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

• Cloud infrastructure providers (AWS, Google Cloud)
• Payment processors (Stripe)
• Analytics services (Google Analytics)
• Customer support tools (Intercom, Zendesk)
• Email service providers (SendGrid)
• Communication services (Twilio)
• AI and machine learning services

These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data in accordance with this Privacy Policy.

Our platform integrates with 8,000+ third-party applications. When you connect these integrations, you authorize us to share data with those services according to their privacy policies. We recommend reviewing the privacy policies of any third-party services you connect.

• Account information: Retained while your account is active
• Voice recordings: Retained according to your plan settings (default 90 days)
• Call metadata: Retained for 2 years for analytics and compliance
• Billing records: Retained for 7 years for tax and accounting purposes
• Support tickets: Retained for 3 years
• Audit logs: Retained for 1 year (HIPAA customers: 6 years)

When you close your account or request data deletion, we will:

1. Delete your personal information within 30 days
2. Anonymize voice recordings and call data
3. Retain only what is required by law or for legitimate business purposes
4. Provide confirmation of deletion upon request

Note that some data may remain in backup systems for up to 90 days before permanent deletion.

• Access your data: View and download your information from your account dashboard
• Update your data: Modify your profile and account settings at any time
• Delete your data: Request deletion through your account settings or by contacting us
• Export your data: Download your data in machine-readable formats
• Opt-out of marketing: Unsubscribe from promotional emails via the link in each email

To exercise any of these rights, you can:

1. Log in to your account and use the settings dashboard
2. Email us at privacy@vaniagent.com
3. Submit a request through our support portal
4. Contact our Data Protection Officer (contact details below)

We will respond to your request within 30 days (or as required by applicable law).

When we transfer data internationally, we implement appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data Processing Agreements with all service providers
• Adequacy decisions where applicable
• Binding Corporate Rules for intra-group transfers
• Encryption and security measures during transfer

For transfers from the EU to the US, we rely on Standard Contractual Clauses and implement additional technical and organizational measures to ensure data protection equivalent to EU standards.

When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page
• Send you an email notification (if you have an account)
• Display a prominent notice on our platform
• Request your consent if required by law

We encourage you to review this Privacy Policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the updated Privacy Policy.

If you do not agree with any changes, you may close your account by contacting us.