Privacy Policy

Effective date: 5 April 2026

1. Introduction

This Privacy Policy explains how APPS 365 LTD ("we", "us", "our") collects, uses, stores and protects your personal data when you use autoreceptionist.ai (the "Service") - our AI-powered phone receptionist platform for UK small and medium-sized businesses.

We are committed to protecting your privacy and handling your data in an open and transparent manner. We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).

2. Who We Are

APPS 365 LTD is the data controller responsible for your personal data.

  • Company name: APPS 365 LTD
  • Registered address: 20-22 Wenlock Road, London, N1 7GU, England
  • Company number: 13955007
  • VAT number: GB 411473233
  • Email: info@apps365ltd.com
  • Telephone: +44 (0)20 3890 3026
  • Website: www.apps365ltd.com

3. What Data We Collect

We collect and process the following categories of personal data:

3.1 Account Information

When you register for the Service, we collect:

  • Your name and business name
  • Email address
  • Telephone number
  • Business address
  • Password (stored in hashed form only)

3.2 Call Data

When the Service handles calls on your behalf, we process:

  • Call recordings (audio files of conversations between callers and the AI receptionist)
  • Call transcripts (text versions of call conversations generated by our AI)
  • Caller telephone numbers
  • Call duration, date and time
  • Information provided by callers during calls (such as names, appointment requests and messages)

3.3 Business Configuration Data

To set up and customise the AI receptionist, we collect:

  • Business operating hours
  • Services offered and pricing information you provide
  • Frequently asked questions and answers you configure
  • Greeting scripts and call-handling preferences
  • Staff names and availability for appointment booking

3.4 Billing and Payment Data

  • Billing name and address
  • Payment card details (processed and stored securely by Stripe - we do not store full card numbers)
  • Transaction history and invoices
  • Subscription plan details

3.5 Usage and Technical Data

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and features used within the Service
  • Date and time of access
  • Referral source

4. How We Use Your Data

We use your personal data for the following purposes:

4.1 Service Delivery

  • To provide the AI phone receptionist service, including answering calls, booking appointments and responding to caller enquiries
  • To generate call transcripts and summaries
  • To send you notifications about calls, appointments and messages
  • To manage your account and provide customer support

4.2 AI Processing

  • To process speech-to-text and text-to-speech conversion during calls
  • To enable the AI to understand caller intent and respond appropriately
  • To improve the accuracy and quality of AI responses over time

4.3 Service Improvement

  • To analyse usage patterns and improve the Service
  • To develop new features and functionality
  • To monitor and ensure the quality of AI interactions
  • To identify and fix technical issues

4.4 Billing and Administration

  • To process subscription payments and manage billing
  • To send invoices and payment confirmations
  • To manage free trial periods

4.5 Communications

  • To send service-related communications (such as maintenance notices and security alerts)
  • To send marketing communications where you have given consent

4.6 Legal and Compliance

  • To comply with legal obligations
  • To establish, exercise or defend legal claims
  • To prevent fraud and ensure security of the Service

5. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

5.1 Performance of a Contract (Article 6(1)(b))

Processing that is necessary to provide you with the Service as set out in our Terms of Service, including:

  • Account registration and management
  • Call handling and AI receptionist functionality
  • Billing and payment processing
  • Customer support

5.2 Legitimate Interests (Article 6(1)(f))

Processing that is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms, including:

  • Improving and developing the Service
  • Ensuring the security and integrity of the Service
  • Analysing usage patterns to enhance user experience
  • Internal record-keeping and administration

5.3 Consent (Article 6(1)(a))

Where we rely on your consent, you have the right to withdraw it at any time. This includes:

  • Marketing communications
  • Non-essential cookies

5.4 Legal Obligation (Article 6(1)(c))

Processing that is necessary to comply with a legal obligation, such as:

  • Tax and accounting requirements
  • Responding to lawful requests from public authorities

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Account data: Retained for the duration of your subscription and for 12 months after account closure, unless you request earlier deletion
  • Call recordings: Retained for 90 days from the date of the call, unless you configure a shorter retention period. You may delete individual recordings at any time
  • Call transcripts: Retained for the duration of your subscription and for 30 days after account closure
  • Billing and transaction data: Retained for 7 years as required by UK tax and accounting regulations
  • Usage and technical data: Retained for 12 months in identifiable form, then anonymised for statistical analysis
  • Marketing consent records: Retained for as long as you remain subscribed to marketing communications, plus 12 months

7. Third-Party Processors

We share your personal data with the following categories of third-party service providers who process data on our behalf:

7.1 Cloud Hosting and Infrastructure

We use cloud hosting providers to store and process data. Our hosting providers are required to keep your data secure and only process it as we instruct.

7.2 Payment Processing

We use Stripe to process payments securely. When you provide payment details, they are transmitted directly to Stripe's PCI DSS-compliant infrastructure. We do not store full credit or debit card numbers on our servers. You can review Stripe's privacy policy at stripe.com/gb/privacy.

7.3 AI and Voice Processing

We use third-party AI and voice processing services to power the speech recognition, natural language understanding and text-to-speech capabilities of the Service. Call audio is transmitted to these providers in real time during calls and is processed in accordance with our data processing agreements.

7.4 Telephony Providers

We use telephony providers to route and manage incoming calls. These providers may process caller telephone numbers and call metadata.

7.5 Email and Communications

We use email service providers to send transactional and marketing communications.

All third-party processors are bound by data processing agreements that require them to process your data only on our instructions, keep it secure and not use it for their own purposes.

8. International Data Transfers

Some of our third-party processors may transfer your data outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, including:

  • Transfers to countries that the UK government has determined provide an adequate level of data protection
  • Standard contractual clauses approved by the Information Commissioner's Office (ICO)
  • International Data Transfer Agreements (IDTAs) or UK Addendums to EU Standard Contractual Clauses

You may request details of the safeguards we have in place by contacting us at info@apps365ltd.com.

9. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

9.1 Right of Access

You have the right to request a copy of the personal data we hold about you. We will respond to your request within one month.

9.2 Right to Rectification

You have the right to ask us to correct any inaccurate personal data or to complete any incomplete data we hold about you.

9.3 Right to Erasure

You have the right to ask us to delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected, or where you withdraw consent.

9.4 Right to Data Portability

You have the right to receive a copy of your personal data in a structured, commonly used and machine-readable format, and to transmit that data to another controller.

9.5 Right to Object

You have the right to object to the processing of your personal data where we are relying on legitimate interests as the legal basis, including profiling. You also have the absolute right to object to direct marketing at any time.

9.6 Right to Restriction of Processing

You have the right to ask us to restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or where you have objected to processing.

9.7 Rights Related to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. The AI receptionist provides information and books appointments but does not make automated decisions that produce legal effects.

9.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at info@apps365ltd.com. We will respond to your request within one month. In certain circumstances, we may extend this period by a further two months where requests are complex or numerous - we will notify you if this is the case.

There is no fee for exercising your rights, though we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

10. Cookies

Our website uses cookies and similar technologies. Cookies are small text files placed on your device when you visit our website.

10.1 Essential Cookies

These are necessary for the website to function and cannot be switched off. They include cookies that remember your login session and your preferences (such as dark mode).

10.2 Analytics Cookies

With your consent, we use analytics cookies to understand how visitors interact with the website. This helps us improve the Service. These cookies collect information in an anonymised form.

10.3 Managing Cookies

You can control and manage cookies through your browser settings. Please note that removing or blocking cookies may affect your user experience and some parts of the website may no longer be fully accessible.

11. Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and authentication requirements for staff
  • Regular security assessments and monitoring
  • Secure coding practices and code reviews
  • Incident response procedures

While we take all reasonable steps to protect your data, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.

12. Children's Privacy

The Service is designed for use by businesses and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at info@apps365ltd.com and we will take steps to delete such information.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on our website with a revised effective date
  • Sending you an email notification if the changes are significant

We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

14. Complaints

If you are unhappy with the way we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

  • Website: ico.org.uk
  • Telephone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us first at info@apps365ltd.com.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: info@apps365ltd.com
  • Telephone: +44 (0)20 3890 3026
  • Post: APPS 365 LTD, 20-22 Wenlock Road, London, N1 7GU, England