Skip to content
Back to SonderVoiceSonderVoice

Privacy Policy

Last updated: January 16, 2026

1. Introduction

SonderVoice Ltd. (“SonderVoice”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered voice receptionist platform (“Service”).

This policy applies to:

  • Business Users: Organizations and individuals who subscribe to SonderVoice
  • End Users (Callers): People who call businesses using our AI receptionist
  • Website Visitors: Anyone who visits our website

By using the Service, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information from Business Users

When you register and use SonderVoice, we collect:

  • Account Information: Name, email address, phone number, business name, and address
  • Payment Information: Credit card details (processed and stored by Stripe, our payment processor)
  • Business Configuration: Operating hours, services offered, AI personality settings, and greeting scripts
  • Integration Data: Calendar information when you connect Google Calendar
  • Usage Data: Call logs, appointment records, messages, and analytics

2.2 Information from Callers

When someone calls a business using our Service, we may collect:

  • Call Data: Phone number, call duration, call recordings (if enabled), and transcripts
  • Conversation Content: Information shared during the call such as name, appointment requests, and messages
  • Technical Data: Call quality metrics and telephony data

2.3 Automatically Collected Information

We automatically collect certain information when you interact with our Service:

  • Device Information: Browser type, operating system, and device identifiers
  • Log Data: IP address, access times, pages viewed, and referring URL
  • Cookies and Tracking: We use cookies and similar technologies (see Section 7)

3. How We Use Your Information

We use the collected information to:

3.1 Provide the Service

  • Operate the AI voice receptionist
  • Process and manage appointments
  • Deliver messages and notifications
  • Maintain call history and analytics

3.2 Improve and Develop

  • Analyze usage patterns to improve features
  • Train and improve our AI models (using anonymized data)
  • Debug and fix technical issues
  • Develop new features and services

3.3 Communicate

  • Send service-related notifications
  • Provide customer support
  • Send marketing communications (with your consent)

3.4 Legal and Safety

  • Comply with legal obligations
  • Protect against fraud and abuse
  • Enforce our Terms of Service

4. How We Share Your Information

We may share your information with:

4.1 Service Providers

We use trusted third-party services to operate our platform:

  • Retell AI: Voice synthesis and AI conversation processing
  • Stripe: Payment processing
  • Google: Calendar integration (when authorized by you)
  • Telephony Providers: Call routing and delivery
  • Cloud Hosting: Data storage and computing infrastructure
  • Analytics Services: Usage analytics and error monitoring

4.2 Business Users

Caller information is shared with the Business User whose AI receptionist handled the call. Business Users are responsible for their own use of this data.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4.5 With Your Consent

We may share information with third parties when you explicitly consent.

5. Data Retention

We retain your information for as long as necessary to:

  • Provide the Service
  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements

Specific retention periods:

  • Account Data: Retained while your account is active, plus 90 days after deletion
  • Call Recordings: Retained according to your plan settings (default: 90 days)
  • Call Transcripts: Retained for 1 year
  • Analytics Data: Aggregated and anonymized data may be retained indefinitely
  • Payment Records: Retained as required by tax and financial regulations

6. Data Security

We implement robust security measures including:

  • Encryption: Data encrypted in transit (TLS) and at rest (AES-256)
  • Access Controls: Role-based access with multi-factor authentication
  • Infrastructure: Secure cloud hosting with regular security audits
  • Monitoring: Continuous monitoring for unauthorized access
  • Incident Response: Procedures for detecting and responding to security incidents

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Analytics Cookies: Help us understand how the Service is used
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Note that disabling certain cookies may affect Service functionality.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

8.1 Access and Portability

Request a copy of your personal information in a portable format.

8.2 Correction

Request correction of inaccurate personal information.

8.3 Deletion

Request deletion of your personal information, subject to legal retention requirements. Note: We cannot delete data that Business Users have independently stored.

8.4 Opt-Out

  • Marketing: Unsubscribe from marketing emails via the link in each email
  • Cookies: Adjust browser settings to refuse cookies

8.5 Do Not Track

We currently do not respond to Do Not Track browser signals. We may update this practice as industry standards evolve.

To exercise your rights, contact us at privacy@sondervoice.com.

9. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA:

  • Right to Know: What personal information we collect, use, and disclose
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt out of the “sale” of personal information (we do not sell personal information)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To submit a CCPA request, email privacy@sondervoice.com with “CCPA Request” in the subject line.

10. International Data Transfers

SonderVoice is based in the United Kingdom. If you access the Service from outside the UK, your information may be transferred to and processed in the United Kingdom or other jurisdictions where our service providers operate. Data protection laws may differ from your country.

For users in the European Economic Area (EEA), UK, or Switzerland, we rely on Standard Contractual Clauses and other appropriate safeguards for international data transfers.

11. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately so we can delete it.

12. AI and Automated Processing

Our Service uses artificial intelligence to:

  • Conduct voice conversations with callers
  • Transcribe and analyze call content
  • Determine appropriate responses and actions
  • Generate analytics and insights

AI-generated transcripts and summaries may contain errors. Important business decisions should be verified with original call recordings when available.

13. Call Recording Notice

Calls handled by the AI receptionist may be recorded. Business Users are responsible for:

  • Complying with all applicable call recording laws
  • Obtaining necessary consent from callers
  • Configuring appropriate disclosure messages

Recording laws vary by jurisdiction. Many states require two-party consent. Consult legal counsel to ensure compliance.

14. Industry-Specific Compliance

14.1 Healthcare (HIPAA)

If you use SonderVoice for healthcare-related communications, you are responsible for HIPAA compliance. Contact us to execute a Business Associate Agreement (BAA) if required.

14.2 Financial Services

Users in financial services must ensure their use complies with applicable regulations including GLBA, PCI-DSS (for payment card data), and other industry requirements.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending an email to Business Users
  • Displaying a notice in the dashboard

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

SonderVoice Ltd.
Privacy Team
Email: privacy@sondervoice.com
Address: United Kingdom

For GDPR-related inquiries, you may also contact your local data protection authority.