Privacy Policy

AudioConcierge is a product of restsiz.ai. We provide AI-powered WhatsApp receptionist services to small and medium businesses worldwide. Our registered operations are based in Ireland and we are subject to EU data protection law including the General Data Protection Regulation (GDPR).

Contact: privacy@restsiz.ai

We collect and process data for the following purposes:

• Providing the AudioConcierge service (contract performance)
• Processing and confirming bookings on your behalf
• Sending booking notification emails to business owners
• Improving the accuracy and performance of our AI
• Billing and subscription management
• Responding to support requests

All data is stored in Supabase EU West (Ireland) — physically within the European Union. We use industry-standard encryption in transit (TLS) and at rest. Access is restricted to authorised personnel only.

We retain conversation data for 12 months from the date of the last message. Booking records are retained for 7 years for accounting purposes. You may request deletion at any time.

We share data with the following sub-processors to deliver our service:

• Twilio — WhatsApp message delivery (USA, SCCs in place)
• OpenAI — AI processing and voice transcription (USA, SCCs in place)
• Google — Calendar integration (EU data processing option enabled)
• Stripe — Payment processing (EU servers available)
• Resend — Email delivery (USA, SCCs in place)
• Vercel — Application hosting (EU region)

Standard Contractual Clauses (SCCs) are in place for all processors outside the EU.

AudioConcierge.ai's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

• We only request access to Google Calendar data that is necessary to provide our AI receptionist service.
• We use Google Calendar data solely to check availability and create/manage appointments on behalf of the business owner.
• We do not use Google Calendar data to serve advertising or for AI/ML model training.
• We do not sell, transfer, or share Google Calendar data with third parties except as necessary to provide our service.
• We store Google Calendar credentials securely and only retain them for as long as the business account is active.

If you are located in the EU or UK, you have the following rights:

• Access — request a copy of your personal data
• Rectification — correct inaccurate data
• Erasure — request deletion of your data ("right to be forgotten")
• Portability — receive your data in a machine-readable format
• Objection — object to processing based on legitimate interests
• Restriction — request restriction of processing

To exercise any right, email privacy@restsiz.ai. We will respond within 30 days.

We use only essential cookies required for authentication and session management. We do not use advertising or tracking cookies. We do not display ads.

Business customers who require a Data Processing Agreement (DPA) for GDPR compliance may request one by emailing privacy@restsiz.ai.

We may update this policy from time to time. We will notify customers of material changes by email at least 14 days before they take effect.

For privacy questions: privacy@restsiz.ai

If you are unsatisfied with our response, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC) at dataprotection.ie.