Missed Call Help AI
Sign in Get started
Menu

Privacy Policy

Effective date: 1 May 2026 ¡ Last updated: 1 May 2026

This Privacy Policy explains how Missed Call Help AI Ltd ("Missed Call Help AI", "we", "us", "our") collects, uses, shares, and protects personal data when you use our website missedcallhelpai.com, our dashboard at app.missedcallhelpai.com, our mobile apps, and the AI receptionist services we provide (together, "the Services").

1. Who we are

Missed Call Help AI Ltd is the data controller for personal data we collect about you when you use our website or are a customer of our Services. When we process personal data on behalf of our business customers (e.g. transcripts of calls our customers' end-users make), we act as a data processor.

Contact: privacy@missedcallhelpai.com
Postal address: available on request via email.

2. Data we collect

We collect the following categories of personal data:

  • Account data: name, email, business name, billing address, phone number.
  • Usage data: pages visited, features used, login times, IP address, device/browser type.
  • Voice recordings: recordings of phone calls handled by our AI on your behalf, retained for the period you configure (default: 90 days).
  • Transcripts: machine-generated transcripts of calls and SMS handled by our AI.
  • Payment data: last 4 digits of card, expiry, billing address. Full card data is held by our payment processor (Stripe), not us.
  • Cookies & analytics: see our Cookie Policy.
  • Marketing preferences: consent to receive emails, channel preferences.

3. Why we collect it (legal basis)

We process your personal data on the following lawful bases under UK GDPR Article 6:

  • Contract (Art. 6(1)(b)): to provide the Services you've signed up for, take payment, and provide support.
  • Legitimate interests (Art. 6(1)(f)): to keep the Services secure, prevent fraud, and improve product quality.
  • Consent (Art. 6(1)(a)): for marketing emails, optional analytics cookies, and certain feature opt-ins (e.g. voice cloning).
  • Legal obligation (Art. 6(1)(c)): to comply with tax, accounting, and AML requirements.

4. Sub-processors we share data with

We use trusted sub-processors to deliver the Services. Each is contractually bound by data protection terms equivalent to UK GDPR.

  • VAPI — voice AI infrastructure (US, SCC). Privacy.
  • Twilio — telephony and SMS (US, SCC). Privacy.
  • Stripe — payments (US/UK). Privacy.
  • OpenAI — language model inference (US, SCC). Privacy.
  • ElevenLabs — voice synthesis & cloning (US, SCC). Privacy.
  • Postmark — transactional email (US, SCC). Privacy.
  • Vercel — web hosting (US/EU). Privacy.
  • Railway — application hosting (US/EU). Privacy.
  • Google Cloud — calendar & cloud storage (EU/US, SCC). Privacy.

5. International transfers

Some of our sub-processors are located in the United States. Where data is transferred outside the UK or EEA, we rely on the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses (SCCs), supplemented by appropriate technical and organisational measures (encryption in transit and at rest). For US transfers we additionally rely on the UK Extension to the EU-US Data Privacy Framework where applicable.

6. How long we keep data

  • Account data: for as long as your account is active, plus 6 years for tax/accounting compliance.
  • Voice recordings: default 90 days, configurable from 1 day to 7 years (HIPAA mode allows zero retention).
  • Transcripts: default 12 months, configurable.
  • Payment records: 7 years (UK statutory retention).
  • Cookie data: per the durations stated in our Cookie Policy.
  • Marketing data: until you unsubscribe, then deleted within 30 days.

7. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate data.
  • Erase your data ("right to be forgotten") subject to our legal retention obligations.
  • Restrict processing in certain circumstances.
  • Port your data to another provider (machine-readable export).
  • Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any right, email privacy@missedcallhelpai.com. We respond within 30 days.

8. Cookies

See our separate Cookie Policy for the full list of cookies we use, their purpose, and how to manage them.

9. Children's data

Our Services are intended for businesses and we do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Security

We protect your data with encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access control, audit logging, regular penetration testing, and an incident response process. We will notify you of any data breach affecting your personal data without undue delay and within 72 hours of becoming aware, in line with UK GDPR Article 33.

11. Changes to this policy

We may update this policy from time to time. Material changes will be notified by email and a notice in the dashboard at least 30 days before they take effect. The "Last updated" date at the top reflects the most recent change.

12. Contact / Data Protection

For privacy questions, requests, or complaints: privacy@missedcallhelpai.com (subject line: "Privacy").