Privacy Policy

Who We Are

VoiceAnswers("we," "us," "our") operates the AI phone answering platform at voiceanswers.ai and app.voiceanswers.ai. This policy explains how we collect, use, store, and protect data from callers and business customers.

We are subject to Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and comply with applicable U.S. state privacy laws including the California Consumer Privacy Act (CCPA/CPRA).

Privacy Officer

We have designated a Privacy Officer responsible for overseeing compliance with this policy and applicable privacy laws. The Privacy Officer responds to inquiries and complaints regarding our privacy practices.

Email: privacy@voiceanswers.ai

What Data We Collect

When someone calls a business that uses VoiceAnswers, we collect:

• Caller phone number (encrypted before storage)
• Call recording and transcript (when recording disclosure is active)
• Structured call results (orders, appointments, lead details)
• Call duration and timestamp

From business customers, we collect account information (name, email, business details) and payment information processed through our payment provider.

On this marketing website, we use Umami analytics (self-hosted, no cookies, GDPR-compliant) to track page views and button clicks. No personal data is collected from website visitors.

How We Use Data

• To provide the AI phone answering service to our business customers
• To deliver call results (summaries, orders, appointments) to the business
• To send SMS confirmations to callers when configured by the business
• To analyze aggregate call patterns and improve service reliability
• To detect and prevent spam and abuse

We never sell caller data. We never use caller data for advertising. The AI never accepts credit card numbers.

AI Model Training

We do not use your call recordings, transcripts, or structured call data to train AI models. Our AI services are provided through third-party APIs that process your data only to handle the call in real time. Our provider agreements restrict the use of your data beyond service delivery.

Anonymized Data for Service Improvement

We use anonymized, de-identified call interaction data to analyze and improve the AI agent's conversation quality across the platform. Before any analysis, we strip the following categories of information:

• Names (caller names, business owner names, staff names)
• Phone numbers
• Addresses and locations
• Dates of birth and appointment dates
• Email addresses
• Health information (symptoms, conditions, procedures, insurance details)
• Any other personally identifiable information (PII)

For businesses in sensitive verticals (dental, medical, veterinary), additional scrubbing removes health-related information — including symptoms, procedures, conditions, and insurance details — before any analysis occurs.

This anonymized data is used solely to identify conversation quality issues and improve the AI agent's responses. No raw call recordings, transcripts, or personal data are shared with third parties for this purpose.

Opt out: Business customers can opt out of having their anonymized data included in the service improvement pipeline at any time from their dashboard settings. When you opt out, your call data (even in anonymized form) will not be included in quality analysis. Opting out does not affect the quality of service you receive.

Automated Decision-Making and AI Transparency

VoiceAnswers uses artificial intelligence to handle phone calls in real time. The AI makes the following automated decisions during and after each call:

• Spam classification: Incoming calls are scored based on telephony signals, call patterns, and community blocklist data. Calls exceeding a configurable threshold are blocked before reaching the AI agent.
• Intent classification:The AI determines the caller's intent (order, appointment, FAQ, lead capture) and routes the conversation accordingly.
• Call handling: The AI extracts structured data (orders, appointments, messages) and delivers results to the business.
• Loop detection: If the conversation becomes repetitive, the AI may end the call and offer to take a message instead.

These automated decisions do not produce legal effects or similarly significant effects on callers. They determine how a phone call is handled, not whether a caller receives a service from the business.

Business customer oversight: Business customers can review all AI-generated call results in their dashboard, unblock incorrectly flagged phone numbers, and manage their call handling preferences. All AI decisions are visible and reviewable after the fact.

Recording and AI Disclosure

In states that require two-party recording consent (California, Florida, Illinois, Connecticut, Massachusetts, Maryland, Montana, New Hampshire, Pennsylvania, Washington, Oregon, Hawaii), a brief disclosure is played at the start of each call informing the caller that the call is being recorded and that they are speaking with an AI system. This disclosure cannot be disabled by the business.

By continuing the call after the disclosure, the caller consents to recording and AI processing. If you do not wish to be recorded, you may end the call and contact the business through alternative means (email, website, or in person).

Consent records for call recording disclosures are retained for a minimum of four years as required by applicable telecommunications law.

Voice Recordings and Biometric Data

We do not create voiceprints or use voice data for identification. Call recordings are used for transcription and service delivery only — no biometric templates are created or stored.

Data Security

• All data is encrypted at rest and in transit
• Caller phone numbers are encrypted before storage
• Dashboard access is role-gated — only authorized team members can view call data
• Infrastructure is hosted on secure cloud providers with industry-standard security practices
• Audit logs record all significant data access and deletion events

Data Breach Notification

In the event of a confirmed data breach that affects your personal information, we will notify affected business customers as soon as practicable, and in any event within 72 hours of confirming the breach affects your data. We will also notify relevant regulatory authorities as required by applicable law, including the Office of the Privacy Commissioner of Canada where required under PIPEDA.

Notifications will include: a description of the incident, what data was affected, steps we are taking to address it, and recommended actions for affected parties.

Data Retention

Default data retention for call recordings and transcripts is 90 days. Business customers may request shorter retention periods by contacting support. An automated process permanently deletes expired recordings and redacts associated personal information daily.

Consent records are retained for a minimum of four years (TCPA statute of limitations). Billing records and audit logs are retained as required by applicable tax and financial reporting law.

We support right-to-deletion requests — contact us at privacy@voiceanswers.ai. Business customers can also delete specific caller data directly via the platform API.

Account Termination and Data Deletion

When a business customer cancels their subscription:

• A 30-day grace period begins, during which the business can resubscribe to retain their data
• After 30 days, all call recordings and voicemail audio are permanently deleted
• All personal information (caller phone numbers, transcripts, summaries) is redacted
• Consent records are revoked (retained in redacted form for compliance)
• The business phone number is released
• A confirmation email is sent to the account owner confirming the purge

Business account records, billing history, and audit logs are retained for legal and tax compliance purposes.

Consent Withdrawal

Business customers: You may withdraw consent for data processing at any time by canceling your subscription. The account termination process described above will apply. Some data may be retained where required by law (billing records, audit logs, consent records).

Callers: You may opt out of SMS messages at any time by replying STOP. If you do not wish to be recorded on future calls, you may inform the business and request alternative contact methods. If you wish to have your existing call data deleted, contact the business you called (as the data controller) or email us at privacy@voiceanswers.ai.

Data Controller and Data Processor Roles

VoiceAnswers operates as a data processor on behalf of our business customers, who are the data controllers for caller information collected through our service.

Business customers (data controllers) are responsible for:

• Determining the purposes for collecting caller data through the service
• Ensuring they have appropriate legal basis to use an AI phone answering service
• Responding to caller requests for access to or deletion of their call data
• Complying with applicable privacy laws in their jurisdiction

VoiceAnswers (data processor) is responsible for:

• Processing caller data only as necessary to provide the service
• Implementing appropriate security measures to protect all data
• Deleting or redacting data upon account termination as described above
• Assisting business customers in responding to caller rights requests where technically feasible
• Notifying business customers of data breaches without unreasonable delay

If you are a caller: The business you called is the data controller for your call data. Contact them first to exercise your privacy rights. If the business is unresponsive within 30 days, you may contact us at privacy@voiceanswers.ai and we will assist in coordinating a response.

Data Location

All data is stored and processed in the United States. The Service is offered to businesses in the United States and Canada. Callers from any location may interact with the service when calling a business that uses VoiceAnswers.

For Canadian business customers: your data is transferred to and processed in the United States. By using the Service, you consent to this transfer. We protect your data using encryption in transit and at rest, role-based access controls, and data processing agreements with all service providers, consistent with the requirements of PIPEDA.

Third-Party Service Providers

We use third-party service providers in the following categories to operate the platform. These providers process data only as necessary to provide their services and are bound by data processing agreements.

• Telephony and voice routing
• Speech-to-text transcription
• Text-to-speech voice generation
• AI language processing
• Real-time communication infrastructure
• Cloud infrastructure and object storage
• Payment processing
• Email delivery
• SMS messaging

We do not sell, rent, or share personal information with third parties for their own marketing purposes. We will notify business customers of material changes to our service provider categories.

SMS and Text Messaging

When configured by the business, VoiceAnswers may send SMS messages to callers (such as appointment confirmations or order summaries). Your mobile phone number will only be used to send notifications related to the specific call interaction.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Text messaging opt-in data and consent will not be sold, shared, or transferred to any third parties. You may opt out of SMS messages at any time by replying STOP to any message.

Your Rights

Depending on your jurisdiction, you may have the right to access, correct, or delete your data. To exercise these rights, contact us at privacy@voiceanswers.ai. We respond within 30 days.

Business customers can access their call history and results through the dashboard and API. If you require a full data export, contact us at privacy@voiceanswers.ai and we will assist you.

If you are a caller (not a business customer), contact the business you called first — they are the data controller for that interaction. If the business is unresponsive within 30 days, contact us and we will coordinate a response.

Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident or business, you have the following rights under the Personal Information Protection and Electronic Documents Act (PIPEDA):

• Right to access personal information we hold about you
• Right to correction of inaccurate information
• Right to withdraw consent for processing (subject to legal retention obligations)
• Right to know when automated decision-making systems are used
• Right to challenge our compliance by filing a complaint with our Privacy Officer

We respond to all PIPEDA requests within 30 days. The Service is currently provided in English.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to correct inaccurate personal information
• Right to opt out of the sale or sharing of personal information
• Right to limit the use of sensitive personal information
• Right to non-discrimination for exercising your privacy rights
• Right to appeal our decision regarding your privacy request

We do not sell or share personal information as defined under California law. We do not use sensitive personal information for purposes beyond what is necessary to provide the service.

To submit a request, email privacy@voiceanswers.ai with the subject line "California Privacy Request." We will verify your identity before processing the request and respond within 45 days (with a possible 45-day extension if reasonably necessary).

Other State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), and other states with consumer privacy laws may have similar rights to access, correct, delete, and opt out of certain data processing. To exercise these rights, contact us at privacy@voiceanswers.ai.

Do Not Track and Global Privacy Control

VoiceAnswersdoes not use tracking cookies on this website and does not track visitors across third-party websites. Our analytics are cookieless and privacy-first. Because we do not engage in cross-site tracking, your experience is the same regardless of your browser's Do Not Track (DNT) or Global Privacy Control (GPC) setting.

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@voiceanswers.ai and we will delete it.

Business Transactions

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. The acquiring entity will be bound by equivalent privacy commitments, and we will notify affected business customers before their information becomes subject to a different privacy policy.

Complaints

If you have a complaint about how we handle personal information, contact our Privacy Officer at privacy@voiceanswers.ai. We take all complaints seriously and will investigate and respond within 30 days.

If your complaint is not resolved to your satisfaction, you may contact:

• Canada: Office of the Privacy Commissioner of Canada — priv.gc.ca or 1-800-282-1376
• California: California Attorney General — oag.ca.gov
• Other U.S. states: Your state attorney general

Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email to business customers at least 30 days before they take effect. Material changes to how we handle call recordings, transcripts, or voice data will be communicated directly to affected business customers before the changes take effect. The effective date at the top of this page reflects the latest revision.

Contact

For privacy-related questions, email privacy@voiceanswers.ai. For general inquiries, visit our contact page.