Privacy Policy
Last updated:
At DeskCaller, we take your privacy and data protection seriously. This policy explains what personal information we collect when you use our AI phone agent service, how we use it, who we share it with, and your rights regarding your data.
DeskCaller is operated by Conovo Ltd, a company registered in England and Wales at 268 Bath Road, Slough, SL1 4DX, United Kingdom. While we are launching initially in the UK, our service will expand globally.
Important: Legal Role & UK GDPR Compliance
Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018:
- The Client is the Data Controller: As our client, you hold ultimate legal authority and responsibility for all customer data, call recordings, audio streams, and conversation transcripts processed through the DeskCaller platform. You decide what information is collected, how it is used, and how long it is kept.
- DeskCaller is strictly the Data Processor: DeskCaller acts solely on the instructions of the Client (Data Controller) when processing call logs, audio files, transcripts, and metadata. We do not own, control, or make independent decisions about this data, except as strictly instructed by you to deliver the service.
1. What Information We Collect
When you use DeskCaller, we collect the following types of personal data:
Call Data
- Caller phone numbers – the number of the person calling your business
- Caller names – names provided during the conversation
- Call recordings – full audio recordings of conversations with our AI agents
- Call transcripts – written records of what was said during the call
- Call metadata – date, time, duration, and outcome of each call
- Conversation content – any information shared during the call, such as appointment requests, service inquiries, or customer questions
Account and Business Information
- Your business details – company name, address, phone number
- Contact information – your email address and phone number
- Payment information – billing details processed through our payment provider
- CRM data – information synced to and from your CRM system
Website Usage Data
- Cookies – small files stored on your device (see our Cookie Policy below)
- Analytics data – how you use our website, pages visited, time spent
- Device information – browser type, IP address, operating system
2. How We Use Your Information & Customer Warranties
We use the information we collect for the following purposes:
- To provide our service – answering calls, qualifying leads, booking appointments, and updating your CRM.
- To improve our AI agents – analyzing call performance to make our agents more accurate and helpful.
- To communicate with you – sending service updates, responding to inquiries, and providing customer support.
- To process payments – billing you for our services.
- To comply with legal obligations – meeting our regulatory and legal requirements.
- To analyze and improve our website – understanding how visitors use our site.
Total Shift of Consent Liability (Mandatory Client Warranty)
Client Consent Warranty & Indemnity: Because DeskCaller operates strictly as a Data Processor under your direction, the Client guarantees and warrants that it has obtained all necessary legal consents, disclosures, and authorizations from its callers before routing them through the DeskCaller platform. This includes implementing appropriate Interactive Voice Response (IVR) notices (e.g., "This call is recorded for quality and training purposes") and maintaining comprehensive privacy updates on the Client's own website. The Client agrees to fully indemnify, defend, and hold harmless DeskCaller against any and all privacy, wiretapping, class action, or data protection claims, lawsuits, fines, or damages brought by end-users, callers, or regulatory bodies relating to call recording, audio transcription, or data collection.
QA, Troubleshooting, and Optimization Access
To maintain the premium quality of our service, DeskCaller personnel and authorized system administrators reserve the right to access, review, and analyze call logs, audio snippets, conversation scripts, and transcripts. This access is exercised strictly for Quality Assurance (QA), prompt optimization, fixing conversational bottlenecks, and diagnosing/troubleshooting technical issues on behalf of the client.
Legal basis for processing (UK GDPR):
- Contract performance – processing data necessary to deliver our service to you.
- Legitimate interests – improving our service, troubleshooting, and maintaining high platform reliability.
- Legal obligation – complying with applicable telecommunications and financial regulations.
- Consent – where explicit permission has been obtained by the Client from callers.
3. Who We Share Your Information With
We work with trusted third-party service providers to deliver our service. These companies process data on our behalf and are contractually required to protect it. Here's who we share data with:
ElevenLabs
Purpose: AI voice processing and text-to-speech
Location: United States
Data shared: Call audio, transcripts, and conversation content
Telnyx
Purpose: Telephony services and call routing
Location: United States
Data shared: Phone numbers, call metadata, and routing information
Your CRM Provider
Purpose: Syncing call data to your customer relationship management system
Location: Varies depending on your chosen CRM
Data shared: Caller information, call outcomes, and lead details as configured by you
We do not sell your personal data to anyone. We only share data with the service providers listed above who are necessary to deliver our service.
4. International Data Transfers
Some of our service providers, including ElevenLabs and Telnyx, are based in the United States. This means your data may be transferred to and processed in the US.
When we transfer data outside the UK, we ensure it is protected by using Standard Contractual Clauses (SCCs) approved by the UK government. These are legally binding agreements that require our US-based partners to protect your data to the same standard as required under UK law.
We have Data Processing Agreements in place with ElevenLabs and Telnyx that include these protections.
5. How Long We Keep Your Data & Anonymization Rights
We keep your data only for as long as necessary to provide our service and meet our legal obligations:
- Call recordings and transcripts: Stored for 12 months, then automatically deleted unless you request earlier deletion.
- Account information: Kept for the duration of your subscription plus 6 years for tax and accounting purposes.
- Payment records: Retained for 6 years as required by UK law.
- Website analytics: Anonymized after this period (26 months).
Aggregated & De-Identified Data Retention
Notwithstanding anything to the contrary, DeskCaller reserves the right to anonymize, aggregate, and permanently de-identify system telemetry and conversational data (including but not limited to call durations, latency patterns, connection metadata, conversation flows, and generalized vocabulary frequencies). You agree that DeskCaller has the absolute right to retain and use this fully anonymized dataset perpetually to train internal machine learning models, optimize AI prompts, benchmark latency, and improve overall service delivery, without owing any compensation, royalty, or intellectual property rights to you or your callers.
You can request deletion of your personal data at any time by contacting us (see "Your Rights" below).
6. Your Rights Under UK GDPR
Under UK data protection law, you have the following rights:
Right to Access
You can request a copy of all the personal data we hold about you.
Right to Rectification
You can ask us to correct any inaccurate or incomplete data.
Right to Erasure (Right to be Forgotten)
You can request that we delete your personal data, subject to certain legal exceptions.
Right to Restrict Processing
You can ask us to pause processing your data in certain circumstances.
Right to Data Portability
You can request your data in a machine-readable format to transfer to another provider.
Right to Object
You can object to processing based on legitimate interests or for marketing purposes.
To exercise any of these rights, email us at: contact@deskcaller.com
We will respond within 30 days of receiving your request.
7. How to Request Data Deletion
If you want us to delete your personal data, follow these steps:
- Send an email to contact@deskcaller.com
- Include "Data Deletion Request" in the subject line
- Provide your account email address and phone number to help us identify your data
- Specify what data you want deleted (e.g., all call recordings, your entire account)
We will confirm receipt within 2 working days and complete the deletion within 30 days, unless we are legally required to retain certain data (e.g., for tax purposes).
Note: Deleting your data may affect our ability to provide the service to you.
8. Cookie Policy
Our website uses cookies – small text files stored on your device that help us provide and improve our service.
What Cookies We Use
Essential Cookies (Always Active)
These cookies are necessary for the website to function. They enable core features like security, network management, and accessibility.
Examples: Session management, cookie consent preferences, security tokens
Analytics Cookies (Optional)
These cookies help us understand how visitors use our website so we can improve it. They collect anonymous information about pages visited, time spent, and clicks.
Examples: Google Analytics, page view tracking, bounce rate measurement
Functional Cookies (Optional)
These cookies enable enhanced functionality and personalization, such as remembering your preferences or pre-filling forms.
Examples: Language preference, theme selection, form auto-fill
Managing Your Cookie Preferences
When you first visit our website, you'll see a cookie consent banner. You can choose to accept or reject optional cookies. Essential cookies cannot be disabled as they are necessary for the site to work.
You can change your cookie preferences at any time by clearing your browser cookies and revisiting our site, or by using your browser's cookie settings.
9. How We Protect Your Data
We take data security seriously and use industry-standard measures to protect your information:
- Encryption: All data is encrypted in transit (using TLS/SSL) and at rest
- Access controls: Only authorized personnel can access your data, and only when necessary
- Secure infrastructure: Our systems are hosted on secure, regularly audited cloud platforms
- Regular security reviews: We conduct ongoing security assessments and vulnerability testing
- Data Processing Agreements: All our third-party providers are contractually bound to protect your data
While we implement strong security measures, no system is 100% secure. If you believe there has been a security breach, please contact us immediately at contact@deskcaller.com.
10. Children's Privacy
Our service is not intended for children under 16. We do not knowingly collect personal data from children. If you believe we have accidentally collected data from a child, please contact us immediately and we will delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will:
- Update the "Last updated" date at the top of this page
- Notify you by email if you are an existing customer
- Display a notice on our website
We encourage you to review this policy periodically to stay informed about how we protect your data.
12. Contact Us
If you have any questions about this Privacy Policy or how we handle your data, please get in touch:
Email: contact@deskcaller.com
Phone: +44 (0) 208 163 2142
Postal Address:
Conovo Ltd
268 Bath Road
Slough, SL1 4DX
United Kingdom
Data Protection Officer: contact@deskcaller.com
Complaints and Regulatory Authority
If you are not satisfied with how we have handled your data, you have the right to lodge a complaint with the UK's data protection regulator:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
This policy was last updated in May 2026 and is written in plain English to ensure you understand your rights and our responsibilities.