Privacy Policy - Team-Connect AI Customer Service

1. Introduction

Welcome to Team-Connect, the AI-powered customer service platform. We are committed to protecting your privacy and ensuring transparency in how we collect, use, and protect your personal data.

This Privacy Policy explains how Team-Connect Limited ("we", "us", or "our") processes personal data in connection with our AI customer service platform, website, and related services.

🛡️ Our Privacy Commitment

We are fully compliant with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the Data Protection Act 2018. Your privacy rights are our priority.

2. Data Controller

Team-Connect Limited is the data controller for the personal data we process. Our contact details are provided at the end of this policy.

📍 Company Information

🏢

Team-Connect Limited
Company Registration: 12345678
ICO Registration: ZA123456

3. Data We Collect

We collect different types of data depending on how you interact with our services:

3.1 Account Information

Name and contact details (email, phone number)
Business information (company name, industry, size)
Billing information (processed securely through Stripe)
Account preferences and settings

3.2 Technical Information

IP address and geolocation data
Browser type, version, and settings
Device information and operating system
Usage data and interaction patterns

3.3 Communication Data

Support tickets and correspondence
Feedback and survey responses
Marketing communication preferences

⚠️ Important: We never collect sensitive personal data such as health records, political opinions, or religious beliefs unless explicitly required for specific business use cases with your consent.

4. Voice & Call Data

As an AI voice platform, we process voice and call data as part of our core service:

4.1 Call Recordings

When using our AI customer service platform, calls may be recorded for:

Quality assurance and service improvement
Training our AI models for better accuracy
Compliance and legal requirements
Dispute resolution and customer support

4.2 Voice Data Processing

Data Type	Purpose	Retention Period	Legal Basis
Call Audio	AI training, quality assurance	12 months	Legitimate interests
Transcripts	Analytics, reporting	24 months	Contract performance
Call Metadata	Service delivery, billing	36 months	Contract performance
Customer Phone Numbers	Call routing, analytics	24 months	Legitimate interests

✅ Your Control: You can request deletion of your voice data at any time by contacting our support team. We provide tools in your dashboard to manage call recording preferences.

5. How We Use Your Data

We use your personal data for the following purposes:

5.1 Service Delivery

Providing AI customer service functionality
Processing and routing phone calls
Account management and billing
Customer support and troubleshooting

5.2 Service Improvement

Analyzing usage patterns to improve our AI
Developing new features and capabilities
Performance monitoring and optimization
Security monitoring and threat detection

5.3 Communication

Service updates and notifications
Marketing communications (with consent)
Legal and regulatory communications
Customer satisfaction surveys

5.4 Legal Compliance

Compliance with legal obligations
Fraud prevention and detection
Regulatory reporting requirements
Law enforcement requests (when legally required)

6. Legal Basis for Processing

Under GDPR, we must have a legal basis for processing your personal data. We rely on the following legal bases:

Processing Activity	Legal Basis	Explanation
Service delivery	Contract performance	Necessary to provide our AI services
AI training & improvement	Legitimate interests	Improving service quality and accuracy
Marketing communications	Consent	Only with your explicit permission
Legal compliance	Legal obligation	Required by law or regulation
Security monitoring	Legitimate interests	Protecting our systems and users

7. Third-Party Services

We work with trusted third-party providers to deliver our services. All providers are carefully selected and meet our strict privacy standards:

7.1 Essential Service Providers

Provider	Service	Data Shared	Location
Google (Firebase)	Cloud hosting & database	Account data, call metadata	EU/UK regions
Twilio	Voice communication platform	Call audio, phone numbers	EU/US (adequacy decision)
OpenAI	AI processing engine	Voice transcripts (anonymized)	US (adequacy decision)
Stripe	Payment processing	Billing information	EU/US (adequacy decision)
ElevenLabs	Voice synthesis	Text for voice generation	EU/UK regions

🔐 Data Processing Agreements: All third-party providers have signed Data Processing Agreements (DPAs) that ensure GDPR compliance and implement appropriate technical and organizational measures.

7.2 Analytics and Marketing

Google Analytics: Website usage analytics (anonymized)
Mailchimp: Email marketing (with consent only)
Intercom: Customer support and communication
Hotjar: User experience analytics (anonymized)

8. Data Storage & Security

We implement industry-leading security measures to protect your data:

8.1 Security Measures

Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Control: Role-based access with multi-factor authentication
Infrastructure: Cloud services with SOC 2 Type II compliance
Monitoring: 24/7 security monitoring and threat detection
Backups: Encrypted backups with geographic redundancy
Auditing: Regular security audits and penetration testing

8.2 Data Location

Your data is primarily stored in:

Primary: European Union (Frankfurt, Germany)
Backup: United Kingdom (London)
CDN: Global edge locations for performance

✅ UK/EU Data Residency: We ensure your data remains within UK/EU jurisdictions wherever possible, with appropriate safeguards for any necessary transfers.

8.3 Data Breach Response

In the unlikely event of a data breach:

We will notify supervisory authorities within 72 hours
Affected individuals will be notified without undue delay
We will take immediate steps to contain and remedy the breach
A full investigation will be conducted and reported

9. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this policy:

Data Category	Retention Period	Reason
Account information	Duration of service + 12 months	Contract performance, legal obligations
Call recordings	12 months	Quality assurance, AI training
Call transcripts	24 months	Analytics, service improvement
Billing data	7 years	Legal and tax obligations
Support communications	36 months	Service support, legal compliance
Marketing data	Until consent withdrawn	Consent-based processing
Website analytics	26 months	Business analytics, improvement

⏰ Automated Deletion: Our systems automatically delete data when retention periods expire, ensuring we don't hold your data longer than necessary.

10. Your Rights Under GDPR

You have the following rights regarding your personal data:

10.1 Right to Information

You have the right to know what personal data we process and how we use it (this policy provides that information).

10.2 Right of Access

You can request a copy of all personal data we hold about you. We will provide this within one month of your request.

10.3 Right to Rectification

You can ask us to correct any inaccurate or incomplete personal data we hold about you.

10.4 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances, including:

The data is no longer necessary for the original purpose
You withdraw consent (where consent was the legal basis)
The data has been unlawfully processed
Deletion is required for legal compliance

10.5 Right to Restrict Processing

You can ask us to temporarily stop processing your data in certain situations.

10.6 Right to Data Portability

You can request your data in a machine-readable format to transfer to another service provider.

10.7 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes.

10.8 Rights Related to Automated Decision-Making

You have rights regarding automated decision-making and profiling. Our AI system:

Does not make automated decisions that significantly affect you
Provides human oversight for all AI interactions
Allows you to request human intervention in AI responses

🚀 Exercising Your Rights

To exercise any of these rights, contact us using the details below. We will respond within one month and may ask for identification to protect your privacy.

No fees: Exercising your rights is free, though we may charge for excessive or repetitive requests.

10.9 Right to Complain

If you're unhappy with how we handle your data, you can complain to:

UK: Information Commissioner's Office (ICO) - ico.org.uk
EU: Your local data protection authority

11. Cookies and Tracking

We use cookies and similar technologies to enhance your experience and analyze usage:

11.1 Essential Cookies

These are necessary for the website to function and cannot be disabled:

Authentication: Keep you logged in securely
Security: Protect against fraud and attacks
Preferences: Remember your settings and choices

11.2 Analytics Cookies

Help us understand how our website is used (with your consent):

Google Analytics: Anonymized usage statistics
Hotjar: User experience analytics
Performance monitoring: Page load times and errors

11.3 Marketing Cookies

Used for targeted advertising and marketing (with your consent):

Google Ads: Conversion tracking
Facebook Pixel: Social media advertising
LinkedIn Insight: Professional network advertising

🍪 Cookie Control: You can manage your cookie preferences through our cookie banner or browser settings. Disabling certain cookies may affect website functionality.

11.4 Do Not Track

We respect Do Not Track signals and will not track users who have enabled this setting.

12. International Data Transfers

Some of our service providers are located outside the UK/EU. We ensure adequate protection through:

12.1 Adequacy Decisions

We transfer data to countries with adequacy decisions from the UK/EU:

United States: For providers covered by adequacy frameworks
Switzerland: Cloud infrastructure services
Canada: Analytics and support services

12.2 Standard Contractual Clauses

For other transfers, we use EU/UK Standard Contractual Clauses approved by regulators.

12.3 Specific Safeguards by Provider

Provider	Location	Safeguard
Google (Firebase)	US	Adequacy decision + DPA
Twilio	US	Adequacy decision + SCCs
OpenAI	US	Standard Contractual Clauses
Stripe	US	Adequacy decision + DPA

13. Privacy Policy Updates

We may update this Privacy Policy to reflect changes in our practices or legal requirements:

Notice: We'll notify you of significant changes via email or dashboard notification
Effective Date: Changes take effect 30 days after notification
Version History: Previous versions are available upon request
Continued Use: Using our services after changes indicates acceptance

📅 Version Control:
Current Version: 3.2
Last Updated: January 21, 2025
Previous Update: October 15, 2024

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

📧 Data Protection Officer

📧

Email:
privacy@team-connect.co.uk
dpo@team-connect.co.uk

📞

Phone:
+44 (0) 161 524 8417
Mon-Fri, 9 AM - 5 PM GMT

📍

Postal Address:
Data Protection Officer
Team-Connect Limited
7 Chelford Road
Handforth, SK9 3SQ
United Kingdom

🆔

ICO Registration:
ZA123456
Company Number:
12345678

✅ Response Time: We aim to respond to all privacy-related inquiries within 48 hours and will resolve requests within one month as required by GDPR.

14.1 Supervisory Authorities

You also have the right to contact supervisory authorities:

UK: Information Commissioner's Office (ICO)
Website: ico.org.uk | Phone: 0303 123 1113
EU: Your local data protection authority
Find your authority: ec.europa.eu/justice/data-protection