1. Who We Are
iamadroid (“iamadroid”, “we”, “us” or “our”) provides AI website agents, AI Phone, Business Phone, telephony, analytics, dashboards, plugins, integrations and related business software services.
For our own website, account management, billing, marketing, support and legal administration, iamadroid is usually the controller of personal information. For personal information processed through customer-configured AI Agents, AI Phone or Business Phone services, our customer is usually the controller or business, and iamadroid acts as processor, service provider or sub-processor, depending on the law that applies.
2. Scope of this Policy
This Privacy Policy applies to:
- visitors to iamadroid.com and related pages;
- people who create or use an iamadroid account;
- customers, trial users, administrators and billing contacts;
- website visitors who interact with an AI Agent deployed by an iamadroid customer;
- callers who interact with AI Phone, Business Phone, AI Voice Agent, IVR, voicemail, routing or related phone features;
- people whose information is included in chats, calls, logs, recordings, transcripts, summaries, uploads, knowledge sources or customer configuration.
If you interact with an AI Agent or phone number operated by one of our customers, that customer’s own privacy notice may also apply. You should contact that customer directly for questions about how they use your information.
3. Information We Collect
Depending on how you use the Service, we may collect or process the following categories of information:
- Account information: name, email address, business name, role, login details, account settings, administrator details and authentication information.
- Billing and payment information: billing address, tax details, payment status, invoices, subscription details, plan choice, currency, payment references and transaction metadata. Full card details are normally handled by our payment provider.
- AI Agent data: chat messages, prompts, responses, session IDs, timestamps, widget configuration, agent settings, handoff settings, lead details, booking details, support-ticket details, knowledge sources and uploaded business content.
- AI Phone and Business Phone data: phone numbers, caller ID, called number, call time, call duration, routing data, call metadata, voicemail, call logs, recordings, transcripts, summaries, IVR choices, call outcomes, escalation details and caller-provided information.
- Usage and analytics data: conversation counts, token usage, call minutes, number usage, admin actions, logs, performance information, errors, diagnostic information and feature usage.
- Technical data: IP address, browser type, device type, operating system, approximate location derived from IP address, referring pages, pages visited, cookie identifiers, security logs and access logs.
- Support and communications: messages sent to support, contact forms, sales enquiries, call notes, email communications, attachments and feedback.
- Compliance and verification information: business identity, service address, tax status, KYC/KYB information, phone-number eligibility information, regulatory verification details and fraud-prevention checks where required.
- Marketing preferences: consent records, communication preferences and unsubscribe history.
4. Information We Receive from Customers and Third Parties
Customers may upload or configure information inside iamadroid, including FAQs, documents, web pages, prompts, agent instructions, call flows, routing rules, contact details, business hours, product information, customer information and other business data. We may also receive information from third-party providers needed to operate the Service, such as payment processors, hosting providers, telecom providers, analytics providers, email providers, AI model providers and integration partners.
5. How We Use Information
We use personal information to:
- provide, operate, maintain and improve the Service;
- create and manage accounts, trials, subscriptions, billing and customer support;
- deploy and operate AI Agents, AI Phone and Business Phone features;
- process chats, calls, recordings, transcripts, summaries, routing, notifications and handoffs;
- authenticate users and protect accounts;
- measure usage, apply plan limits, calculate overage and prevent abuse;
- send service messages, billing notices, security alerts, usage alerts and product updates;
- respond to enquiries, support requests and legal requests;
- detect, prevent and investigate fraud, misuse, spam, security incidents and prohibited activity;
- meet tax, accounting, telecoms, regulatory, legal and compliance obligations;
- generate aggregated or de-identified analytics to understand and improve the Service;
- send marketing communications where permitted by law and your preferences.
6. Legal Bases for UK and EU Processing
Where UK GDPR or EU GDPR applies, we rely on one or more of the following lawful bases:
- Contract: to provide the Service, manage accounts, process subscriptions, deliver support and fulfil customer requests.
- Legitimate interests: to secure, maintain, improve and protect the Service, prevent fraud, analyse usage, support customers and operate our business, where those interests are not overridden by your rights.
- Consent: for optional marketing, certain cookies, call recording or other processing where consent is required.
- Legal obligation: to meet tax, accounting, telecoms, regulatory, law-enforcement, consumer-protection and data-protection obligations.
- Vital interests: only in rare cases where processing is necessary to protect someone’s life or safety.
7. Data Roles and Customer Responsibilities
- For AI Agents, AI Phone and Business Phone services configured by a customer, the customer is usually responsible for deciding what information is collected, why it is collected and how long it is retained.
- iamadroid processes that information according to the customer’s instructions, our Terms, this Privacy Policy and any applicable data processing agreement.
- Customers must provide their own privacy notices, cookie notices, AI disclosures, call-recording notices and consent mechanisms where required.
- Customers must not use the Service to collect sensitive information unless they have a lawful basis and the selected plan, configuration and safeguards are appropriate.
- Customers are responsible for complying with laws that apply to their own users, callers, employees, customers and website visitors.
8. AI, Automated Processing and Human Review
AI Agents and AI Phone features may generate responses, classify intent, summarise conversations, produce transcripts, route calls, suggest actions or trigger configured workflows. These outputs may be inaccurate, incomplete or inappropriate.
- Customers are responsible for reviewing and testing their AI Agent and AI Phone configuration.
- Customers should use human review for high-impact, regulated, sensitive or important decisions.
- iamadroid does not authorise customers to use AI outputs as a sole source of medical, legal, financial, safety, emergency or other professional advice.
- Where the law requires notice of automated decision-making or meaningful information about logic involved, customers must provide the required notice to their own end users.
9. Call Recording, Transcription and Monitoring
AI Phone and Business Phone features may create call logs, recordings, transcripts, summaries, voicemail, routing history and metadata depending on plan and configuration.
- Customers are responsible for obtaining any required consent before recording, transcribing, monitoring or analysing calls.
- Customers must give callers required notices, including that they may be interacting with AI or that calls may be recorded or summarised.
- Transcripts and summaries may be inaccurate and should be reviewed before being relied on.
- Call data may be processed by telecom providers, AI model providers, hosting providers and other sub-processors needed to provide the Service.
10. Cookies and Similar Technologies
We use necessary cookies and similar technologies for authentication, session management, security, fraud prevention, preferences and service operation. We may use analytics or marketing cookies where permitted by law and subject to consent where required.
See our Cookie Policy for more information.
11. How We Share Information
We do not sell personal information. We may share or disclose information with:
- Customers: where information relates to an AI Agent, phone number, dashboard or workflow controlled by that customer.
- Service providers and sub-processors: hosting, database, telecoms, AI model, payment, email, analytics, monitoring, support, security and integration providers.
- Telecom providers and carriers: where needed for phone numbers, call routing, number verification, call completion, caller ID, regulatory compliance and fraud prevention.
- Payment processors: to process payments, subscriptions, invoices, refunds, chargebacks and fraud checks.
- Professional advisers: lawyers, accountants, auditors, insurers and compliance advisers.
- Authorities and regulators: where required by law, court order, telecoms rules, tax rules, lawful request or to protect rights and safety.
- Business transfers: in connection with a merger, acquisition, financing, restructuring or sale of assets, subject to appropriate safeguards.
The full, current list of sub-processors may be provided on our Sub-processors page or upon request.
12. International Transfers
We may process and store information in the United Kingdom, European Economic Area, United States, Canada and other countries where we or our providers operate. Where personal information is transferred outside the UK or EEA, we use appropriate safeguards where required, such as adequacy decisions, Standard Contractual Clauses, UK international data transfer terms, contractual safeguards or other lawful transfer mechanisms.
13. Data Retention
We keep personal information only for as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law.
| Data type | Typical retention approach |
|---|---|
| Account, billing and subscription records | Kept while the account is active and then as needed for tax, accounting, dispute, fraud-prevention and legal purposes. |
| AI Agent chats, leads, tickets and summaries | Kept according to plan settings, customer configuration and operational retention rules, then deleted or anonymised where appropriate. |
| Call logs, recordings, transcripts and phone metadata | Kept according to plan, customer configuration, telecom requirements, billing needs and legal obligations. |
| Security, audit and access logs | Kept as needed for security, fraud prevention, troubleshooting, compliance and platform integrity. |
| Marketing preferences | Kept until you unsubscribe or object, and then retained as needed to respect your preference. |
Backup copies may persist for a limited period before deletion. We may retain de-identified, aggregated or anonymised information where it no longer identifies an individual.
14. Security
We use technical and organisational safeguards designed to protect personal information, including HTTPS/TLS, access controls, role-based permissions, logging, monitoring, least-privilege practices, secure keys and provider safeguards. No system is completely secure, and we cannot guarantee that unauthorised access, loss, misuse or disclosure will never occur.
See our Security page for more information, where available.
15. Your Privacy Rights: UK, EU and Similar Laws
Depending on where you live and the law that applies, you may have rights to:
- access personal information we hold about you;
- correct inaccurate or incomplete information;
- delete personal information;
- restrict or object to processing;
- receive a portable copy of certain information;
- withdraw consent where processing is based on consent;
- object to direct marketing;
- complain to a supervisory authority.
If your information was processed by an AI Agent or phone service controlled by one of our customers, we may refer your request to that customer or act on their instructions.
16. Canadian Privacy Rights
If Canadian privacy law applies, you may have rights to access your personal information, challenge its accuracy, withdraw consent in some circumstances, and ask questions or make complaints about our privacy practices. We will handle Canadian requests in accordance with applicable Canadian privacy laws, including PIPEDA where it applies.
17. US State Privacy Rights
Depending on your state of residence and whether the relevant law applies to us or to our customer, you may have rights to request access, deletion, correction, portability, opt-out of certain disclosures, limit certain uses of sensitive personal information, or appeal a decision about your request.
We do not sell personal information. We also do not knowingly share personal information for cross-context behavioural advertising in a way that would require an opt-out unless stated in a separate notice.
If you are a California resident, this Privacy Policy is intended to provide notice of the categories of personal information we collect, the purposes for which we use it, the categories of recipients to whom it may be disclosed, and the rights that may be available under California law.
18. How to Exercise Your Rights
To exercise privacy rights, please contact us through Contact Us or email compliance@iamadroid.com.
We may need to verify your identity and account relationship before responding. If your request relates to a customer-controlled AI Agent, phone number, chat, call, recording or transcript, we may direct you to the relevant customer or process the request on that customer’s instructions.
19. Marketing Communications
We may send service-related communications that are necessary for account, billing, security or operational reasons. We may also send marketing communications where permitted by law. You can opt out of marketing emails using the unsubscribe link or by contacting us. Even if you opt out of marketing, we may still send important service, billing, security and legal notices.
20. Children’s Privacy
The Service is designed for businesses and is not directed at children. We do not knowingly collect personal information from children under 16 through our own website or account services. Customers must not configure the Service to knowingly collect children’s personal information unless they have all required legal authority, parental consent and safeguards.
21. Sensitive Information
The Service is not intended for unnecessary collection of sensitive personal information. Customers must not collect or upload sensitive categories of information, health information, payment card numbers, government identifiers, biometric information, children’s data or other regulated data unless they have a lawful basis, required consents and appropriate safeguards, and the relevant iamadroid plan and configuration are suitable for that use.
22. Data Breach and Incident Response
If we become aware of a personal data breach or security incident affecting personal information, we will investigate and take appropriate steps. Where required by law, we will notify affected customers, regulators or individuals. Customers are responsible for notifying their own end users where they are the controller and the law requires them to do so.
23. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page or otherwise communicated where appropriate. The effective date below shows the latest revision.
24. Contact and Complaints
For privacy questions, requests or complaints, contact us through Contact Us or email compliance@iamadroid.com.
If you are in the UK, you may also complain to the Information Commissioner’s Office. If you are in the EEA, you may complain to your local data protection authority. If you are in Canada, you may contact the Office of the Privacy Commissioner of Canada where applicable. If you are in the United States, your state privacy regulator or attorney general may provide additional information about your rights.
Effective date: 1 May 2026