Privacy Policy

Last updated: February 1, 2026

1. Introduction

AIOneDesk ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI voice agent platform, website, and related services (collectively, the "Service").

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, company name, and payment information when you create an account.
  • Usage Data: Information about how you interact with the Service, including pages visited, features used, and session duration.
  • Call Data: Call recordings, transcripts, and analytics data generated by your AI voice agents. This data is stored according to your plan's retention policy.
  • Provider Credentials: API keys you provide for third-party services (e.g., OpenAI, Twilio). These are encrypted at rest and in transit.
  • Device Information: Browser type, operating system, IP address, and device identifiers.

3. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process transactions and send related information
  • To send administrative communications, updates, and security alerts
  • To respond to your inquiries and support requests
  • To monitor and analyze usage trends for product improvement
  • To detect, prevent, and address technical issues and fraud

4. BYOK Data Handling

When using Bring Your Own Key (BYOK), your API requests are forwarded directly to your chosen providers using your credentials. We do not store or log the content of API calls made through BYOK connections, except as necessary for billing and debugging purposes. Your API keys are encrypted using AES-256 encryption.

5. Call Recording & Data Retention

Call recordings and transcripts are stored securely and retained according to your subscription plan's retention policy (7 to 365 days). You may delete recordings at any time through the dashboard. When retention expires or you delete data, it is permanently removed within 30 days.

6. HIPAA Compliance

For customers on Pro and Enterprise plans with HIPAA compliance mode enabled, we implement additional safeguards including encrypted data storage, access controls, audit logging, and Business Associate Agreement (BAA) availability. Contact us at privacy@aionedesk.com for BAA requests.

7. Data Sharing

We do not sell your personal information. We may share information with:

  • Service providers: Companies that help us operate the Service (hosting, payment processing, analytics).
  • Your chosen AI providers: When processing calls, data is sent to the providers you've configured (via your own API keys).
  • Legal compliance: When required by law, subpoena, or similar legal process.

8. Data Security

We implement industry-standard security measures including TLS 1.3 encryption in transit, AES-256 encryption at rest, SOC 2 Type II compliance controls, regular security audits, and access controls with multi-factor authentication.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent at any time

10. Cookies

We use essential cookies required for the Service to function, and optional analytics cookies to understand usage patterns. You may disable non-essential cookies through your browser settings.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@aionedesk.com or write to us at AIOneDesk, Privacy Team.