Privacy Policy
Last updated: 17 June 2026
1. About this policy
This Privacy Policy explains how Inteligencia Artificial Limited, which operates ai-agent-calls.com ("we", "us", "our"), collects and uses personal data where we act as the data Controller.
We are the Controller for:
- the personal data of our business customers' account holders, administrators, and Authorised Users;
- personal data of visitors to our website;
- personal data of prospects and people we market to;
- personal data of people who request a demo call through our website (see section 8).
1.1 What this policy does NOT cover — important
This policy does not cover personal data contained in a Customer's campaigns, contact lists, or Call Recipient records that a Customer uploads to or processes through the Platform. For that personal data, the Customer is the Controller and Inteligencia Artificial Limited is the Processor, acting on the Customer's documented instructions. That processing is governed by our Data Processing Agreement (DPA), not by this Privacy Policy. If you are a Contact or Call Recipient who has received (or expects to receive) a call from an AI voice agent operated through the Platform, the business that contacted you is the Controller of your data — please contact that business, or see the DPA, for information about that processing.
2. Who we are and how to contact us
- Legal entity: Inteligencia Artificial Limited, a company registered in England & Wales (company no. 15667932).
- Registered office: Highdown House, 11 Highdown Road, Leamington Spa, Warwickshire, CV31 1XT.
- Service / website: ai-agent-calls.com.
- General contact: hello@ai-agent-calls.com.
- Data protection / privacy contact: privacy@inteligencia-artificial.co.uk.
We are registered with the UK Information Commissioner's Office (ICO), registration number ZC160001.
3. The personal data we collect, and where it comes from
We collect the following categories of personal data in our role as Controller.
3.1 Customer account and Authorised User data
Collected when a Customer registers for, administers, or uses the Services.
- Identity & contact: name, business email, telephone number, job title, employer/organisation name.
- Account & authentication: username, hashed password, account settings, role/permissions, and (where enabled) multi-factor authentication details.
- Billing: billing contact, billing address, subscription/order details, and payment-status information. Card/payment details are handled by our payment provider; we do not store full card numbers.
- Source: directly from you when you sign up, configure your account, or contact us; from your colleagues who administer your organisation's account.
3.2 Usage, device and technical data
- Usage: log-in events, features used, actions taken in the Platform, and support interactions.
- Technical: IP address, browser type and version, device and operating-system information, and similar diagnostic data.
- Cookies and similar technologies: see section 9 and our Cookie Policy.
- Source: automatically when you use our website or the Platform.
3.3 Website visitor and prospect/marketing data
- Enquiry data: name, business email, telephone number, company, and the content of messages you send us via contact forms, chat, email, or phone.
- Marketing data: marketing preferences, communications we have sent you and your responses, and (for prospects) limited business-contact information obtained from you or from legitimate sources.
- Source: directly from you; from your interactions with our marketing; and, for prospects, from publicly available or lawfully obtained business sources.
3.4 Demo-call requester data
See section 8 for full detail.
- Data: the telephone number you submit, any name or business details you provide, the date/time of the request, and a record of the resulting demo call (including, where applicable, a recording and/or transcript of that one-off call for quality and compliance).
- Source: directly from you when you submit your number on our website to receive a demo call.
We do not intend to collect special category personal data through these channels. Please do not submit special category data (e.g. about health, race, religion, or political views) unless we specifically ask for it.
4. How we use your data, and our lawful bases (UK GDPR Article 6)
- Create and administer Customer accounts; authenticate Authorised Users; provide the Services. Lawful basis: Contract (Art. 6(1)(b)) — performance of our contract with the Customer / steps prior to entering it.
- Take payment, manage billing, and keep accounting records. Lawful basis: Contract (Art. 6(1)(b)); Legal obligation (Art. 6(1)(c)) for tax/accounting records.
- Operate, secure, monitor, debug, and improve our website and Platform. Lawful basis: Legitimate interests (Art. 6(1)(f)) — running and securing our business and Service.
- Respond to enquiries and provide customer support. Lawful basis: Legitimate interests (Art. 6(1)(f)); Contract (Art. 6(1)(b)) where you are a Customer.
- Send service / administrative messages (e.g. security, billing, material changes). Lawful basis: Contract (Art. 6(1)(b)); Legitimate interests (Art. 6(1)(f)).
- Marketing to existing Customers and business prospects about our Services. Lawful basis: Legitimate interests (Art. 6(1)(f)) for B2B marketing, subject to PECR; Consent (Art. 6(1)(a)) where required.
- Provide a requested one-off demo call and follow up about it. Lawful basis: Consent (Art. 6(1)(a)) — you ask us to call you — and/or Legitimate interests (Art. 6(1)(f)); see section 8.
- Comply with legal and regulatory obligations and respond to lawful requests. Lawful basis: Legal obligation (Art. 6(1)(c)); Legitimate interests (Art. 6(1)(f)).
- Establish, exercise, or defend legal claims; protect our rights and prevent fraud/misuse. Lawful basis: Legitimate interests (Art. 6(1)(f)); Legal obligation (Art. 6(1)(c)).
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms; you can ask us about that assessment using the contact details in section 2. Where we rely on consent, you can withdraw it at any time (this does not affect processing already carried out).
5. Who we share your data with
We do not sell your personal data. We share it only as follows, and only with appropriate safeguards in place:
- Service providers (sub-processors). We use third-party providers to deliver our Services and run our business. We describe them by category, not by brand:
- telephony provider(s) — to place the demo and other calls;
- speech provider(s) — speech synthesis (text-to-speech) and speech recognition (speech-to-text);
- AI model provider(s) — the language model that powers the AI voice agent;
- cloud hosting provider(s) — to host the Platform, website, and data;
- email and communications provider(s) — to send service and (where permitted) marketing messages.
- Payment provider — to process subscription payments and billing.
- Professional advisers — lawyers, accountants, auditors, and insurers, where reasonably necessary.
- Authorities and other parties — where required by law, regulation, or legal process, or to protect our rights, safety, or property, or those of others.
- Corporate transactions — a buyer or successor in the event of a merger, acquisition, reorganisation, or sale of assets, subject to confidentiality.
A maintained list of the categories of sub-processors we use is available on request. Our providers act under written terms requiring appropriate security and limiting their use of personal data to providing the relevant service to us.
6. International transfers
Some of our service providers are located, or process data, outside the United Kingdom. Where we transfer personal data outside the UK, we put in place an appropriate safeguard recognised under UK data protection law, which may include:
- transfers to a country covered by UK adequacy regulations; or
- the International Data Transfer Agreement (IDTA), or the EU Standard Contractual Clauses (SCCs) together with the UK Addendum, plus any additional measures needed following a transfer risk assessment.
You can request more information, or a copy of the relevant safeguard, using the contact details in section 2.
7. How long we keep your data (retention)
We keep personal data only for as long as we need it for the purposes set out above, then delete or anonymise it. Our general approach:
- Customer account & Authorised User data: for the life of the account and then for up to 7 years after closure to handle queries, disputes, and legal/accounting obligations.
- Billing & accounting records: for the period required by tax and company law (typically 6–7 years).
- Website / enquiry data: for up to 24 months from your last interaction, unless a longer period is justified.
- Marketing data: until you opt out or we determine the data is no longer needed, reviewed periodically.
- Demo-call data: see section 8.
Detailed retention rules are recorded in our internal retention schedule.
8. How we use demo-call telephone numbers
If you submit your telephone number on our website to receive a demo call, the following applies. We act as Controller for this data.
- Why we collect it. We use the number you provide to place a one-off demonstration call from an AI voice agent, so you can experience the Services. You are asking us to call you.
- Lawful basis. We rely on your consent / request (Art. 6(1)(a)) and/or our legitimate interests (Art. 6(1)(f)) in demonstrating our Services to interested business contacts.
- One-off purpose. We use your number to make the requested demonstration call (and, if it does not connect, a small number of reasonable retry attempts). We do not add your number to ongoing marketing-call campaigns on the basis of a demo request.
- Recording / transcript. The demo call may be recorded and/or transcribed for quality, training, and compliance purposes. The AI nature of the call is disclosed during the call.
- Follow-up. We may contact you once to follow up about your demo and our Services on the basis of legitimate interests; you can opt out at any time.
- Retention. We keep your demo-call request and any recording/transcript for up to 6–12 months, then delete or anonymise it, unless we need to keep it longer to comply with a legal obligation or to handle a dispute.
- Opt out / withdraw. You can ask us not to call, or to delete your number and any recording, at any time using the contact details in section 2; if you withdraw consent before the call, we will not place it.
Demo calls are made to demonstrate the Services to the person who requested them. This is separate from the calling that Customers run through the Platform to their own contacts, where the Customer is the Controller (see section 1.1 and the DPA).
9. Cookies and similar technologies
Our website uses cookies and similar technologies. For details of the cookies we use, their purposes, and how to manage or withdraw your consent, please see our Cookie Policy.
10. Your rights
Under UK data protection law you have the right, in certain circumstances, to:
- be informed about how we use your data (this policy);
- access a copy of your data;
- request rectification of inaccurate or incomplete data;
- request erasure ("right to be forgotten");
- restrict our processing;
- object to processing based on legitimate interests, and to direct marketing at any time;
- data portability (for data you provided, processed by automated means on the basis of consent or contract);
- withdraw consent where we rely on it (without affecting prior processing).
We do not make solely automated decisions that produce legal or similarly significant effects about you within the meaning of UK GDPR Article 22 in our Controller role; if this changes we will update this policy.
To exercise any right, contact us using the details in section 2. We will respond within the statutory time limit (generally one month). We may need to verify your identity. These rights are not absolute and some have conditions or exemptions.
11. Security
We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration. These include encryption in transit, access controls, least-privilege, logging and monitoring, and vendor due diligence. No system is completely secure; we cannot guarantee absolute security, but we work to protect your data and to meet our legal obligations, including notifying you and/or the ICO of a personal data breach where required.
12. Complaints and the ICO
If you have a concern about how we handle your personal data, please contact us first (section 2) so we can try to resolve it. You also have the right to lodge a complaint with the UK Information Commissioner's Office:
- Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom.
- Helpline: 0303 123 1113 · Website: ico.org.uk.
13. EU representative
We are established in the United Kingdom, so a representative under Article 27 of the UK GDPR is not required. Because we may offer services to, or monitor, individuals in the European Economic Area, we have appointed a representative in the EU under Article 27 of the EU GDPR. Our EU representative's contact details are available on request — please email privacy@inteligencia-artificial.co.uk.
14. Children
Our website and Services are intended for business users and are not directed at children. We do not knowingly collect personal data from children.
15. Changes to this policy
We may update this policy from time to time. The "Last updated" date at the top shows the latest version. Where changes are material, we will take reasonable steps to notify you. Please review this policy periodically.
16. Contact
Questions about this policy or our use of your personal data: privacy@inteligencia-artificial.co.uk.