Privacy Policy

0Privacy Policy

This Privacy Policy describes how HuskyVoiceAI (a product from AppEQ) ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal data when you visit our website, use our services, or otherwise interact with us. This Privacy Policy applies to our website and related pages (the "Site"), and our voice automation platform and related services (the "Services").

1Scope

This Privacy Policy applies to personal data we collect:
• Through the Site (including pages, forms, and marketing campaigns)
• Through the Services (including call workflows, recordings, transcripts, and analytics)
• Through support channels (email, chat, phone)
• Through offline interactions where relevant (e.g., sales calls)
This policy does not cover third-party websites or services that may be linked from our Site.

2Key Definitions

"Personal Data": any data relating to an identifiable individual.
"Customer": the organization or person subscribing to the Services.
"End Users / Callers": individuals who call or are called using a Customer's configured voice workflows.
"Customer Data": data submitted to or generated in the Services (e.g., call metadata, transcripts, recordings).

3What We Collect

A) Information you provide to us

Account & profile details: name, email, password, company, role, phone number (if provided)
Billing/contact details: billing contact name, email, company details
Support communications: emails, chats, tickets, and information shared during support interactions
Forms and enquiries: contact forms, demo requests, newsletter signups

B) Information processed through the Services (voice & workflow data)

Depending on Customer configuration, the Services may process:

Phone numbers (caller/callee)
Call metadata (time, duration, call status, routing)
Voice recordings (if enabled by Customer)
Transcripts (if enabled by Customer)
Workflow data (agent prompts, routing rules, outcomes, tags)
Integration data (if connected to Customer systems)

Important: For most enterprise usage, the Customer controls what is collected and how it is used, including what the AI agent asks, records, or stores.

C) Information collected automatically on the Site

Device/browser data: IP address, browser type, operating system, device identifiers
Usage data: pages visited, time spent, clicks, scroll depth, referral source
Approximate location: inferred from IP (city/region-level, not precise)

4Cookies, Pixels & Tracking Technologies

We use cookies and similar technologies for:

Site functionality and preferences
Analytics and performance measurement
Marketing and advertising attribution
Retargeting (where permitted by your settings)

Tools we use

Google Analytics (site analytics)
Meta Pixel (ad conversion tracking/retargeting)
LinkedIn Insight Tag (ad conversion tracking/retargeting)
Zoho (lead capture/CRM workflows for enquiries and sales follow-up)

Your choices

We provide a cookie banner/consent manager that allows you to manage non-essential cookies. You can also control cookies via your browser settings, though some site features may not work properly. For more information, see our Cookie Policy.

5How We Use Personal Data

A) Service delivery

Provisioning accounts and enabling platform functionality
Running voice workflows (inbound/outbound, routing, transcription, etc.)
Customer support and troubleshooting

B) Communications

Responding to enquiries
Sending administrative messages (account, security, product updates)
Support communications

C) Marketing (where permitted)

Sending newsletters or product announcements (you can opt out)
Measuring ad campaign performance and improving targeting

D) Security & compliance

Preventing fraud, abuse, and unauthorized access
Monitoring and investigating incidents
Enforcing terms and acceptable use policies

E) Legal obligations

Complying with lawful requests and applicable regulations
Resolving disputes and enforcing agreements

6Call Recording & Support Call Recording

A) Calls handled by Customer voice agents

Customers may enable call recording and transcription. Customers are responsible for providing legally required notices and obtaining consents based on their jurisdiction and use case.

B) Our support calls

We may record support calls (e.g., onboarding or troubleshooting) for quality, training, and support purposes. Where required, we will provide notice at the start of the call or via the scheduling/meeting context.

7AI Processing & Cross-Border Processing

By default, primary customer data is hosted in India.
Certain features (such as real-time AI inference) may involve controlled, transient processing of transcripts or request-response data outside India, depending on provider configuration and the services used.
We do not use Customer Data to train public AI models without explicit agreement.
We use contractual safeguards and vendor obligations to protect Customer Data.

8How We Share Personal Data

A) Service providers (sub-processors)

We use vetted vendors to help operate the Site and Services, such as:

Cloud hosting and storage providers
Telecom routing providers
AI inference providers
Monitoring/security providers (where applicable)

For transparency, we maintain a Sub-Processor List available on our Trust/Compliance pages.

B) Business transfers

If we undergo a merger, acquisition, restructuring, or sale, personal data may be transferred as part of that transaction (subject to safeguards).

C) Legal requirements

We may disclose data where required to comply with law, court orders, lawful government requests, or to protect rights and safety.

D) With consent

We may share data when you explicitly consent.

We do not sell personal data.

9Data Retention

We retain personal data only as long as necessary to:

Provide Services
Maintain security and prevent abuse
Comply with legal obligations
Resolve disputes and enforce agreements

Termination retention (Customer Data)

Upon account termination:

Customer Data is deleted from primary systems within 60 days
Backups are purged within 90 days
Retention may be extended if required by law or due to a legal hold

For details, refer to our Data Retention Policy.

10Your Rights & Choices

Depending on your jurisdiction and applicable law, you may have rights to: (a) Access your personal data, (b) Correct inaccurate data, (c) Request deletion (subject to legal/operational requirements), (d) Request a copy of your data (portability where applicable), (e) Opt out of marketing emails, (f) Manage cookies via our consent manager. If you are an end user/caller interacting with a Customer's agent, your request may need to be routed through the relevant Customer (as they control the workflow and lawful basis).

11Your Rights: Data Principal Rights Under DPDP Act, 2023

Under the Digital Personal Data Protection (DPDP) Act, 2023, you have the following rights:

1. Right to Access

You can request a summary of the personal data that HuskyVoiceAI is processing about you, including the purpose of processing, categories of personal data, duration of retention, and other relevant details. Submit a request to privacy@huskyvoice.ai.

2. Right to Correction/Update

If your personal data is inaccurate, incomplete, or outdated, you can request that we correct, complete, or update it. We will make the correction and inform you within 30 days or provide a reason for refusal if it is not feasible or lawful.

3. Right to Erasure (Deletion)

You can request deletion of your personal data, subject to legal and contractual retention obligations. For example, we may retain data if required by law, for dispute resolution, or to maintain service integrity. Upon termination of your account, Customer Data is deleted within 60 days, with backups purged within 90 days. For details, refer to our Data Retention Policy.

4. Right to Grievance Redressal

If you believe your privacy rights have been violated, you can raise a grievance with HuskyVoiceAI. Contact us at privacy@huskyvoice.ai. We will investigate and respond within 30 days. You also have the right to lodge a complaint with the Data Protection Board (DPB), if established.

5. Right to Withdraw Consent

Where processing is based on your consent (e.g., marketing communications or optional analytics), you can withdraw that consent at any time. Withdrawal will not affect the legality of processing done before withdrawal. You can manage your preferences through your account settings or by contacting us.

6. Right to Nominate

Under DPDP, you have the right to nominate another person to exercise your Data Principal rights in the event of your death or incapacity, where applicable. Please contact us at privacy@huskyvoice.ai to discuss nomination arrangements.

Important: Data Fiduciary vs. Data Processor

If you are an End User or Caller who interacted with a Customer's voice workflow (e.g., you called a clinic, hospital, business, or organization using HuskyVoiceAI):

The Customer (clinic, hospital, employer, business) is typically the Data Fiduciary — they determine the purpose and decide what information to collect and how to use it.
HuskyVoiceAI is the Data Processor — we process data on the Customer's behalf, following their instructions.
Your Data Principal rights request (access, correction, deletion, grievance) should initially be directed to the relevant Customer, as they control your data and lawful basis.
If the Customer does not respond or you need assistance, you may contact HuskyVoiceAI at privacy@huskyvoice.ai, and we will assist in routing your request to the appropriate Data Fiduciary.

How to Exercise Your Rights

To submit a Data Principal rights request:

Send a clear request to privacy@huskyvoice.ai specifying which right you wish to exercise.
Include sufficient information to identify yourself (e.g., phone number, email, account ID, or the organization that initiated the workflow).
HuskyVoiceAI will verify your identity and respond within 30 days, or provide a reason for any extension or refusal.
If we are the Data Processor and cannot fulfil your request independently, we will route it to the relevant Data Fiduciary.

12DPDP Act Readiness for Indian Customers

HuskyVoiceAI supports customers in meeting DPDP obligations. For customer-configured voice workflows, the customer is typically the Data Fiduciary and HuskyVoiceAI is the Data Processor. Customers are responsible for determining lawful purpose, consent/notice language, and call workflow configuration. HuskyVoiceAI supports consent capture, retention controls, audit logs, deletion support, subprocessors transparency, and breach support. Data Principal requests from callers may need to be routed to the relevant customer. For a comprehensive overview of our DPDP readiness, see our <a href="/dpdp" className="text-[#7B5CDC] hover:underline">DPDP Act readiness page</a>.

13Healthcare and Patient Communication Data

HuskyVoiceAI may process appointment details, phone numbers, call recordings, transcripts, follow-up status, and information voluntarily shared by callers.Although DPDP does not separately define “sensitive personal data,” HuskyVoiceAI treats health-related communication data as high-sensitivity personal data.Customers should configure workflows to collect only necessary information.Avoid collecting clinical diagnosis or treatment data unless necessary for the workflow.Consent/notice should be provided before recording/transcription where required.

14Customer Notice and Consent Responsibilities

Customer is responsible for determining the lawful purpose and, where applicable, providing appropriate notice and obtaining valid consent from Data Principals, including callers and call recipients, for the configured voice workflows, call recording, transcription, follow-up communication, and integrations. Processor will provide reasonable technical support, logs, configuration options, and deletion/export assistance to help Customer meet such obligations.

15Security

We implement reasonable technical and organizational safeguards to protect personal data, including encryption, access controls, monitoring, and auditability. No system can be guaranteed 100% secure, but we continuously improve our security posture. Please see our Security page for an overview of our security practices.

16International Data Transfers

Where personal data is processed across borders (for example, via AI inference providers), we take steps to implement contractual and technical safeguards appropriate to the nature of processing. Primary data hosting remains region-aligned as configured (India by default).

17International & GDPR Notice (EU/UK)

Our primary data hosting is in India. Certain services may involve controlled, transient cross-border processing (e.g., AI inference) depending on configuration. If you are located in the EEA/UK (or where GDPR applies), please review our GDPR Privacy Addendum, which supplements this Privacy Policy and describes GDPR legal bases, rights, and international transfer safeguards.

18Children's Privacy

Our Site and Services are not intended for children under 18, and we do not knowingly collect personal data from children. If we learn we have collected such data, we will delete it. Our Services are not intended for direct use by children. For India DPDP purposes, a child means an individual below 18 years of age. Where a Customer uses HuskyVoiceAI in workflows involving children, such as pediatric appointments or school-related calls, the Customer is responsible for ensuring verifiable parental or lawful guardian consent where required. HuskyVoiceAI can support customer-configured notices, consent capture, and retention controls for such workflows.

19Updates to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date indicates the latest revision. Continued use of the Site/Services after changes means you accept the updated policy.

20Contact Us

For privacy inquiries or to exercise your rights: privacy@huskyvoice.ai
For data processing / DPA-related questions: dpa@huskyvoice.ai
For general support: support@huskyvoice.ai