CleverDesk Privacy Policy

This Privacy Policy explains how CleverDesk collects, uses, discloses, and retains information when we provide our AI receptionist, calling, and booking services. By using the Service, you agree to this Policy.

Call metadata such as phone numbers, timestamps, duration, call outcomes, and routing events.

Call audio and transcripts only if you enable recording or transcription.

Calendar data such as availability, event details, and attendee names/emails to schedule and update bookings.

Account and billing details you provide, plus usage and technical logs (e.g., device/browser, IP, diagnostics).

Derived data we generate to summarize or classify interactions (e.g., call summaries, intents).

To place and receive calls, route conversations, and produce AI-generated responses and summaries.

To schedule, modify, and confirm bookings based on your calendars and rules.

To operate, secure, troubleshoot, and improve the Service; to detect fraud or abuse; and to meet legal obligations.

To provide support and communicate about Service updates.

We use subprocessors to deliver the Service: telephony/voice automation (e.g., Vapi), LLM providers for transcription/summarization/response generation (e.g., OpenAI-like LLMs), and backend/database services (e.g., Convex). We also use infrastructure, monitoring, and analytics providers. They process data on our behalf under their terms.

We may share information if required by law or to protect rights, safety, or the integrity of the Service.

Recording or transcription is optional. If you enable it, you are responsible for obtaining any legally required notice or consent from callers under applicable call-recording and privacy laws.

The Service is not intended for protected health information (PHI) or emergency use. Do not submit PHI unless we have executed a separate BAA with appropriate controls (none is provided by default). Do not rely on the Service for emergency response.

We keep operational data while your account is active. Call audio/transcripts and calendar data are retained as needed to provide the Service or until you delete them. Backups and logs follow rolling retention windows (for example, 30–90 days) before automated purge. We delete data after verified account closure unless a longer period is required by law or to resolve disputes.

We apply industry-standard safeguards, including encryption in transit and at rest where supported by providers, least-privilege access, monitoring, and backups. No system can be guaranteed secure; please use strong access controls on your end.

You can disable recording, disconnect calendars, request deletion of call data or transcripts, or close your account to trigger deletion workflows (subject to legal holds).

If you use the Service from outside the hosting region, your data may be transferred to and processed in other jurisdictions, which may have different data protection laws.

We may update this Policy. Material changes will be communicated, and continued use after notice signifies acceptance.

For privacy questions or requests, email contact@usecleverdesk.com.