Plain English Summary: We collect only the data we need to operate VoxiQa. We never sell your data. You can request deletion of your data at any time by emailing privacy@voxiqa.com.
1. Overview & Scope
VoxiQa, a service operated by Oleksiy Tazov, an individual based in Poland (“VoxiQa,” “we,” “us,” or “our”), operates an AI-powered voice receptionist platform designed for US-based businesses, including salons, spas, home-services companies, and other local service businesses. This Privacy Policy applies to:
- Our website at voxiqa.com and any associated subdomains
- The VoxiQa platform and dashboard
- The VoxiQa AI receptionist service (inbound call handling, appointment booking, follow-up messaging)
- Any communications between you and VoxiQa, including email and support interactions
By using our services, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please discontinue use of our services and contact us at privacy@voxiqa.com.
2. Information We Collect
2.1 Information You Provide Directly
When you create an account or contact us, we may collect:
- Account information: name, business name, work email address, phone number, business address, and business type
- Configuration data: business hours, service lists, FAQ content, staff information, and booking rules you enter into the VoxiQa platform
- Payment information: billing address and payment method details (processed securely via our payment processor; we do not store full card numbers)
- Communications: emails, support tickets, feedback forms, and any other messages you send to us
2.2 Call Data & Transcripts
When VoxiQa handles calls on behalf of your business, we process and may retain:
- Call recordings (subject to applicable state wiretapping and consent laws)
- Automated transcripts of conversations
- AI-generated summaries and extracted data (caller name, requested appointment, callback number, etc.)
- Call metadata (timestamp, duration, caller ID where available, outcome)
Call recordings and transcripts are stored in your account dashboard. You control the retention period for this data within platform settings.
2.3 Automatically Collected Information
When you visit voxiqa.com or use the platform, we automatically collect:
- IP address, browser type, operating system, and device type
- Pages visited, time spent, and clickstream data
- Referring URLs and search terms
- Session identifiers and usage patterns
2.4 Third-Party Integrations
If you connect third-party services (such as your calendar or CRM provider), we access the minimum data necessary to provide the integration functionality — typically calendar availability and appointment records. We do not store more data from these services than is required for operation.
2.5 Google User Data (Google Calendar Integration)
If you connect a Google account to enable calendar booking, VoxiQa requests the narrowest Google Calendar permissions needed to manage your appointments. With your authorization, we:
- Access: read your calendar availability (free/busy times) and the event details relevant to scheduling
- Use: check open time slots and create, reschedule, or cancel appointments on your behalf when your AI receptionist books a caller
- Store: only the minimum data required to operate bookings (such as event identifiers, times, and booking status); we do not copy your full calendar history
- Share: we do not transfer Google user data to any third party, except a limited set of subprocessors strictly necessary to provide the calendar-booking feature, and only as permitted by the Google API Services User Data Policy (including the Limited Use requirements)
We use Google user data solely to provide and improve the calendar-booking features you have requested — reading your availability and creating, rescheduling, or cancelling appointments on your behalf — and for no other purpose. The broader information-use practices described in Section 3 (including product analytics, platform improvement, and marketing) do not apply to Google user data.
We do not use Google user data for advertising, we do not sell or transfer it to third parties for their own purposes, and we do not use it to develop, improve, or train any artificial intelligence or machine-learning models — including the AI models that power VoxiQa. You can disconnect Google access at any time from your dashboard or via your Google Account permissions, after which we stop accessing your Google data.
Limited Use: VoxiQa’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. If any provision of this Privacy Policy conflicts with the Limited Use requirements, the Limited Use requirements govern with respect to Google user data.
3. How We Use Your Information
We use the information we collect to:
- Provide our services: operate the AI receptionist, book appointments, send follow-up messages, and generate call summaries
- Maintain your account: manage your subscription, process payments, and provide customer support
- Improve our platform: analyze usage patterns to improve voice model accuracy, booking conversion rates, and product features (using anonymized, aggregated data only)
- Communicate with you: send transactional emails (confirmations, invoices, security alerts), product updates, and — where you have opted in — marketing communications
- Ensure security and compliance: detect fraud, prevent abuse, enforce our Terms of Service, and comply with legal obligations
- Legal basis (where applicable): performance of a contract (providing the service), legitimate interests (improving the platform), legal obligation (compliance), and consent (marketing emails)
We do not use call recordings or transcripts to train general AI models without your explicit consent. Voice model improvements are based on anonymized, aggregated performance metrics only.
4. Healthcare & Sensitive Data
Important: VoxiQa is a general-purpose AI receptionist for local businesses. It is not a HIPAA Business Associate, and we do not offer a Business Associate Agreement (BAA). You should not use VoxiQa to collect, store, or transmit Protected Health Information (PHI) or other regulated health data.
If your business handles sensitive personal information, you are responsible for ensuring that your use of VoxiQa complies with the laws and regulations that apply to you. We protect all data we process using the security measures described in Section 6 below.
5. Information Sharing & Disclosure
We do not sell, rent, or trade your personal information or your customers’ data to any third party. Ever.
We may share information only in the following limited circumstances:
- Service providers & subprocessors: trusted vendors who help us operate the platform — including cloud hosting, telephony and call-recording providers, voice-AI and speech-to-text / text-to-speech providers that process call audio and transcripts, payment processing, email delivery, and analytics. These vendors are contractually prohibited from using your data for any purpose other than providing services to VoxiQa
- Integrations you authorize: when you connect a third-party scheduling system, we share data with that system as necessary to complete the integration
- Legal requirements: if required by law, regulation, court order, or governmental authority — in which case we will notify you to the extent permitted by law
- Business transfers: in the event of a merger, acquisition, or sale of assets, your data may be transferred. You will be notified via email and/or a prominent notice on our website prior to the transfer
- With your consent: in any other circumstance, only with your explicit prior consent
6. Data Security
We implement industry-leading security measures to protect your information:
- Encryption at rest: AES-256 encryption for all stored data, including call recordings, transcripts, and personal information
- Encryption in transit: TLS 1.3 for all data transmitted between your browser/devices and our servers
- Infrastructure: SOC 2 Type II-compliant cloud infrastructure with multi-region redundancy
- Access controls: Role-based access control, multi-factor authentication for all internal systems, and principle of least privilege
- Penetration testing: Regular third-party security audits and penetration testing
- Employee training: All employees handling customer data receive data security and privacy training
While we implement extensive security measures, no system can be 100% secure. If you believe your account has been compromised, please contact us immediately at security@voxiqa.com.
7. Data Retention
We retain different types of data for different periods:
- Account data: retained for the duration of your account plus 3 years after termination, unless you request earlier deletion
- Call recordings & transcripts: retained according to your subscription plan; the current default retention period is 30 days. Recordings and transcripts are automatically deleted once the retention period for your plan expires
- Billing records: retained for 7 years as required by US tax and accounting regulations
- Security logs: retained for 12 months
- Marketing data: retained until you unsubscribe or request deletion
When data is deleted — either automatically upon retention expiration or upon your request — it is permanently removed from our systems within 30 days, including all backups.
8. Cookies & Tracking Technologies
Our website uses cookies and similar technologies for the following purposes:
- Strictly necessary: session management, authentication, and security. These cannot be disabled
- Functional: remembering your preferences (e.g., a business type selection on our forms). These are stored in sessionStorage and are not persisted across browser sessions
- Analytics: with your consent, we use Google Analytics (provided by Google) to understand how visitors use our website. Analytics cookies load only after you accept them via our cookie banner. Google Analytics sets cookies and may process your IP address and usage data; we enable IP anonymization where supported, and this information is processed by Google. You can decline at any time via our cookie banner, opt out with Google's opt-out browser add-on, or clear cookies in your browser. We do not use analytics data for advertising, and we never sell your data
You can control cookies through your browser settings. Disabling cookies may affect the functionality of certain features.
9. Your Rights
Regardless of your location, you have the following rights regarding your personal data:
- Access: request a copy of all personal data we hold about you
- Correction: request correction of inaccurate or incomplete data
- Deletion: request deletion of your personal data (subject to legal retention requirements)
- Portability: receive your data in a structured, machine-readable format
- Objection: object to processing based on legitimate interests
- Restriction: request that we restrict processing of your data in certain circumstances
- Withdrawal of consent: withdraw consent for marketing communications at any time by clicking “unsubscribe” in any email or contacting us
To exercise any of these rights, email privacy@voxiqa.com with “Privacy Request” in the subject line. We will respond within 30 days.
10. California Residents (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know: request disclosure of the categories and specific pieces of personal information we have collected about you over the past 12 months
- Right to Delete: request deletion of personal information we have collected, subject to certain exceptions
- Right to Opt-Out of Sale: we do not sell personal information. No opt-out is necessary, but we confirm this right is honored
- Right to Non-Discrimination: we will not discriminate against you for exercising your CCPA/CPRA rights
- Right to Correct: request correction of inaccurate personal information
- Right to Limit Sensitive Personal Information: limit the use of sensitive personal information to what is necessary to provide the service
To submit a CCPA/CPRA request, contact us at privacy@voxiqa.com. We will respond within 45 days.
California’s “Shine the Light” law (Civil Code §1798.83) permits California residents to request information about sharing personal information with third parties for their direct marketing purposes. VoxiQa does not share personal information with third parties for direct marketing purposes.
11. Children’s Privacy
VoxiQa’s services are designed for businesses and are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without parental consent, we will delete that information promptly.
If you believe we have inadvertently collected information from a child under 13, please contact us at privacy@voxiqa.com.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Post the updated policy on this page with a revised “Last Updated” date
- Send an email notification to the address associated with your account (for material changes)
- Display a prominent notice on our website for 30 days following material changes
Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you should discontinue use of our services.
13. Contact Us
If you have questions about this Privacy Policy, wish to exercise your data rights, or have a privacy-related concern, please contact our Privacy Team:
- Email: privacy@voxiqa.com
- Data protection: privacy@voxiqa.com
- Operator: VoxiQa is operated by Oleksiy Tazov, an individual based in Poland
For security-related concerns or to report a potential data breach, email security@voxiqa.com immediately.
Disclaimer: This Privacy Policy is provided for informational purposes. VoxiQa recommends that all businesses consult with qualified legal counsel to ensure their privacy practices comply with all applicable federal, state, and local laws.