Privacy Policy

Last updated:

At DeskCaller, we take your privacy and data protection seriously. This policy explains what personal information we collect when you use our AI phone agent service, how we use it, who we share it with, and your rights regarding your data.

DeskCaller is operated by Conovo Ltd, a company registered in England and Wales at 268 Bath Road, Slough, SL1 4DX, United Kingdom. While we are launching initially in the UK, our service will expand globally.

Important: Legal Role & UK GDPR Compliance

Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018:

  • The Client is the Data Controller: As our client, you hold ultimate legal authority and responsibility for all customer data, call recordings, audio streams, and conversation transcripts processed through the DeskCaller platform. You decide what information is collected, how it is used, and how long it is kept.
  • DeskCaller is strictly the Data Processor: DeskCaller acts solely on the instructions of the Client (Data Controller) when processing call logs, audio files, transcripts, and metadata. We do not own, control, or make independent decisions about this data, except as strictly instructed by you to deliver the service.

1. What Information We Collect

When you use DeskCaller, we collect the following types of personal data:

Call Data

  • Caller phone numbers – the number of the person calling your business
  • Caller names – names provided during the conversation
  • Call recordings – full audio recordings of conversations with our AI agents
  • Call transcripts – written records of what was said during the call
  • Call metadata – date, time, duration, and outcome of each call
  • Conversation content – any information shared during the call, such as appointment requests, service inquiries, or customer questions

Account and Business Information

  • Your business details – company name, address, phone number
  • Contact information – your email address and phone number
  • Payment information – billing details processed through our payment provider
  • CRM data – information synced to and from your CRM system

Website Usage Data

  • Cookies – small files stored on your device (see our Cookie Policy below)
  • Analytics data – how you use our website, pages visited, time spent
  • Device information – browser type, IP address, operating system

2. How We Use Your Information & Customer Warranties

We use the information we collect for the following purposes:

  • To provide our service – answering calls, qualifying leads, booking appointments, and updating your CRM.
  • To improve our AI agents – analyzing call performance to make our agents more accurate and helpful.
  • To communicate with you – sending service updates, responding to inquiries, and providing customer support.
  • To process payments – billing you for our services.
  • To comply with legal obligations – meeting our regulatory and legal requirements.
  • To analyze and improve our website – understanding how visitors use our site.

Total Shift of Consent Liability (Mandatory Client Warranty)

Client Consent Warranty & Indemnity: Because DeskCaller operates strictly as a Data Processor under your direction, the Client guarantees and warrants that it has obtained all necessary legal consents, disclosures, and authorizations from its callers before routing them through the DeskCaller platform. This includes implementing appropriate Interactive Voice Response (IVR) notices (e.g., "This call is recorded for quality and training purposes") and maintaining comprehensive privacy updates on the Client's own website. The Client agrees to fully indemnify, defend, and hold harmless DeskCaller against any and all privacy, wiretapping, class action, or data protection claims, lawsuits, fines, or damages brought by end-users, callers, or regulatory bodies relating to call recording, audio transcription, or data collection.

QA, Troubleshooting, and Optimization Access

To maintain the premium quality of our service, DeskCaller personnel and authorized system administrators reserve the right to access, review, and analyze call logs, audio snippets, conversation scripts, and transcripts. This access is exercised strictly for Quality Assurance (QA), prompt optimization, fixing conversational bottlenecks, and diagnosing/troubleshooting technical issues on behalf of the client.

Legal basis for processing (UK GDPR):

  • Contract performance – processing data necessary to deliver our service to you.
  • Legitimate interests – improving our service, troubleshooting, and maintaining high platform reliability.
  • Legal obligation – complying with applicable telecommunications and financial regulations.
  • Consent – where explicit permission has been obtained by the Client from callers.

3. Who We Share Your Information With

We work with trusted third-party service providers to deliver our service. These companies process data on our behalf and are contractually required to protect it. Here's who we share data with:

ElevenLabs

Purpose: AI voice processing and text-to-speech

Location: United States

Data shared: Call audio, transcripts, and conversation content

Telnyx

Purpose: Telephony services and call routing

Location: United States

Data shared: Phone numbers, call metadata, and routing information

Your CRM Provider

Purpose: Syncing call data to your customer relationship management system

Location: Varies depending on your chosen CRM

Data shared: Caller information, call outcomes, and lead details as configured by you

We do not sell your personal data to anyone. We only share data with the service providers listed above who are necessary to deliver our service.

4. International Data Transfers

Some of our service providers, including ElevenLabs and Telnyx, are based in the United States. This means your data may be transferred to and processed in the US.

When we transfer data outside the UK, we ensure it is protected by using Standard Contractual Clauses (SCCs) approved by the UK government. These are legally binding agreements that require our US-based partners to protect your data to the same standard as required under UK law.

We have Data Processing Agreements in place with ElevenLabs and Telnyx that include these protections.

5. How Long We Keep Your Data & Anonymization Rights

We keep your data only for as long as necessary to provide our service and meet our legal obligations:

  • Call recordings and transcripts: Stored for 12 months, then automatically deleted unless you request earlier deletion.
  • Account information: Kept for the duration of your subscription plus 6 years for tax and accounting purposes.
  • Payment records: Retained for 6 years as required by UK law.
  • Website analytics: Anonymized after this period (26 months).

Aggregated & De-Identified Data Retention

Notwithstanding anything to the contrary, DeskCaller reserves the right to anonymize, aggregate, and permanently de-identify system telemetry and conversational data (including but not limited to call durations, latency patterns, connection metadata, conversation flows, and generalized vocabulary frequencies). You agree that DeskCaller has the absolute right to retain and use this fully anonymized dataset perpetually to train internal machine learning models, optimize AI prompts, benchmark latency, and improve overall service delivery, without owing any compensation, royalty, or intellectual property rights to you or your callers.

You can request deletion of your personal data at any time by contacting us (see "Your Rights" below).

6. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights:

Right to Access

You can request a copy of all the personal data we hold about you.

Right to Rectification

You can ask us to correct any inaccurate or incomplete data.

Right to Erasure (Right to be Forgotten)

You can request that we delete your personal data, subject to certain legal exceptions.

Right to Restrict Processing

You can ask us to pause processing your data in certain circumstances.

Right to Data Portability

You can request your data in a machine-readable format to transfer to another provider.

Right to Object

You can object to processing based on legitimate interests or for marketing purposes.

To exercise any of these rights, email us at: contact@deskcaller.com

We will respond within 30 days of receiving your request.

7. How to Request Data Deletion

If you want us to delete your personal data, follow these steps:

  1. Send an email to contact@deskcaller.com
  2. Include "Data Deletion Request" in the subject line
  3. Provide your account email address and phone number to help us identify your data
  4. Specify what data you want deleted (e.g., all call recordings, your entire account)

We will confirm receipt within 2 working days and complete the deletion within 30 days, unless we are legally required to retain certain data (e.g., for tax purposes).

Note: Deleting your data may affect our ability to provide the service to you.

8. Cookie Policy

Our website uses cookies – small text files stored on your device that help us provide and improve our service.

What Cookies We Use

Essential Cookies (Always Active)

These cookies are necessary for the website to function. They enable core features like security, network management, and accessibility.

Examples: Session management, cookie consent preferences, security tokens

Analytics Cookies (Optional)

These cookies help us understand how visitors use our website so we can improve it. They collect anonymous information about pages visited, time spent, and clicks.

Examples: Google Analytics, page view tracking, bounce rate measurement

Functional Cookies (Optional)

These cookies enable enhanced functionality and personalization, such as remembering your preferences or pre-filling forms.

Examples: Language preference, theme selection, form auto-fill

Managing Your Cookie Preferences

When you first visit our website, you'll see a cookie consent banner. You can choose to accept or reject optional cookies. Essential cookies cannot be disabled as they are necessary for the site to work.

You can change your cookie preferences at any time by clearing your browser cookies and revisiting our site, or by using your browser's cookie settings.

9. How We Protect Your Data

We take data security seriously and use industry-standard measures to protect your information:

  • Encryption: All data is encrypted in transit (using TLS/SSL) and at rest
  • Access controls: Only authorized personnel can access your data, and only when necessary
  • Secure infrastructure: Our systems are hosted on secure, regularly audited cloud platforms
  • Regular security reviews: We conduct ongoing security assessments and vulnerability testing
  • Data Processing Agreements: All our third-party providers are contractually bound to protect your data

While we implement strong security measures, no system is 100% secure. If you believe there has been a security breach, please contact us immediately at contact@deskcaller.com.

10. Children's Privacy

Our service is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have accidentally collected data from a child, please contact us immediately and we will delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page
  • Notify you by email if you are an existing customer
  • Display a notice on our website

We encourage you to review this policy periodically to stay informed about how we protect your data.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please get in touch:

Email: contact@deskcaller.com

Phone: +44 (0) 208 163 2142

Postal Address:
Conovo Ltd
268 Bath Road
Slough, SL1 4DX
United Kingdom

Data Protection Officer: contact@deskcaller.com

Complaints and Regulatory Authority

If you are not satisfied with how we have handled your data, you have the right to lodge a complaint with the UK's data protection regulator:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Telephone: 0303 123 1113

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

This policy was last updated in May 2026 and is written in plain English to ensure you understand your rights and our responsibilities.