OnCallClerk Logo

Privacy Policy

Your privacy is fundamental to how OnCallClerk operates. This policy explains how we process, secure, and protect personal data on behalf of our customers.

Last updated: September 12, 2025

Who We Are & Roles Under GDPR

OnCallClerk as Data Processor

OnCallClerk provides AI-powered phone answering and call management services. In relation to customer call data, we act as a Data Processor under the General Data Protection Regulation (GDPR). We process personal data only on documented instructions from our customers, who act as the Data Controllers.

Customer Responsibilities

As a Data Controller, you are responsible for determining the lawful basis for processing call data (such as consent or legitimate interests) and for providing any required notices to callers under applicable data protection laws.

What Data We Process

Account Information

When you sign up, we collect basic account details such as your name, company name, email address, phone number, billing information, and login credentials.

Call Data

We process call recordings, transcripts, caller ID, call duration, time of call, and related metadata. This data is processed solely to provide our AI phone agent service on your behalf.

Service Usage Information

We log how you interact with the dashboard, features, and APIs to ensure reliability, maintain performance, and improve the service.

Technical Data

We automatically collect IP addresses, device/browser information, and diagnostic logs for security and troubleshooting.

How We Use Data

Service Provision

We process account and call data to deliver, maintain, and improve the OnCallClerk service.

AI Processing

Calls and transcripts are processed by AI models to generate responses. We do not sell or share identifiable call data with third parties. Any use for model evaluation or improvement is performed only with anonymized and aggregated data.

Customer Support

We use your account information and service data to provide support and resolve issues.

Legal Obligations

We may process or disclose data as required to comply with applicable laws or enforce our Terms of Service.

Data Sharing & Transfers

Subprocessors

We use trusted third-party providers to operate our service, including cloud infrastructure providers (for hosting and storage) and payment processors (for billing). A full list of subprocessors is available upon request.

International Transfers

Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other lawful mechanisms under GDPR.

Business Transactions

If OnCallClerk undergoes a merger, acquisition, or asset sale, customer data may transfer as part of the transaction, subject to safeguards.

No Sale of Data

We never sell, rent, or trade customer or end-user personal data.

Data Security

Encryption

All personal data, including call recordings and transcripts, is encrypted in transit (TLS 1.3) and at rest (AES-256).

Access Controls

Access to data is restricted by role-based controls, authentication mechanisms, and logging of administrative access.

Monitoring & Testing

We conduct regular audits, monitoring, and penetration testing to identify and mitigate vulnerabilities.

Compliance

Our practices are aligned with GDPR, CCPA, and industry best standards for cloud security.

Data Retention

Call Recordings & Transcripts

By default, call recordings and transcripts are retained for 90 days. Customers can configure custom retention periods or request deletion earlier.

Account Information

Account data is retained while your account remains active, and for a limited period thereafter as required by law (e.g., financial recordkeeping).

Analytics

Aggregated and anonymized analytics may be stored indefinitely to improve our service.

Deletion Requests

Customers may request deletion of data at any time. We will comply within 30 days unless longer retention is required by law.

Your Rights

GDPR Rights

As a data subject, you may request access to your data, correction of inaccuracies, deletion, restriction of processing, data portability, or object to processing. Requests should be submitted via the contact details below.

CCPA Rights

For California residents, you have the right to know what personal information we process, request deletion, opt out of data sales (we do not sell data), and exercise your rights without discrimination.

Exercising Rights

To exercise these rights, please contact us using the details provided below. We will respond within 30 days as required by law.

Contact Us About Privacy

If you have any questions or would like to exercise your rights, please contact us:

Email: privacy@oncallclerk.com
Mail: OnCallClerk Privacy Team
123 AI Street, Suite 100
London, UK
Supervisory Authority: If you are based in the UK or EU, you may also lodge a complaint with your local data protection authority.

This Privacy Policy may be updated from time to time. We will notify customers of material changes by email or via the dashboard.