Floxela ("we," "us," or "our") is committed to protecting the privacy and personal data of our clients and the individuals who interact with our AI-powered services. This Privacy Policy explains what personal data we collect, how we use it, the lawful bases for processing, who we share it with, and the rights available to data subjects.
1. Who We Are
Floxela provides AI-powered virtual receptionist and call-handling services to businesses. For the purposes of UK and EU data protection law, Floxela is a data controller in relation to personal data collected directly from clients and website visitors, and a data processor in relation to personal data processed on behalf of clients.
Contact: [email protected]
2. Personal Data We Collect
2.1 Information You Provide Directly
- Account information: name, business name, email, phone, billing address
- Payment information: processed securely by third-party payment processors
- Service configuration data: scripts, FAQs, business information
- Communications: messages, support requests, and feedback
2.2 Information Collected Automatically
- Technical data: IP address, browser, device information, operating system
- Usage data: pages visited, features used, call volumes, session duration
- Cookies and similar technologies
2.3 Information Processed on Behalf of Clients
When End Users interact with the AI through a client's configured Service, we may process caller names, phone numbers, contact details, call recordings and transcripts (where enabled), booking information, and metadata such as call duration and outcome. In these cases, the client is the data controller and Floxela acts as the data processor.
3. How We Use Personal Data
- To provide, operate, and maintain the Services
- To process payments and manage subscriptions
- To configure and improve the AI for the client's business
- To respond to support requests
- To monitor performance, prevent fraud, and ensure security
- To comply with legal, regulatory, and contractual obligations
4. Lawful Bases for Processing
- Contract: to deliver the Services the client has subscribed to
- Legitimate interests: to operate, secure, and improve our business
- Legal obligation: to comply with tax, accounting, and regulatory requirements
- Consent: where required by law, for example for certain marketing communications
5. Call Recording and AI Processing
Where calls are recorded or transcribed, the client is responsible for ensuring all required disclosures and consents are obtained from End Users in accordance with applicable law. Floxela processes such recordings solely on the client's instructions and only for the purposes of providing, improving, and securing the Services.
6. Sharing of Personal Data
- Service providers and sub-processors (cloud hosting, telephony, AI infrastructure, payment processing)
- Professional advisers under duties of confidentiality
- Authorities where required by law or valid legal process
- Business transfers (merger, acquisition, or sale of assets) with appropriate protections
We do not sell personal data.
7. International Transfers
Personal data may be transferred to countries outside the UK or EEA. Where such transfers occur, we put appropriate safeguards in place, such as the UK International Data Transfer Agreement or EU Standard Contractual Clauses.
8. Data Retention
- Account and billing records: up to seven (7) years after termination
- Call recordings and transcripts: per the client's configured retention period
- Marketing data: retained until consent is withdrawn
9. Data Security
We implement appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular security reviews.
10. Your Rights
- Right of access: to request a copy of your personal data
- Right to rectification: to correct inaccurate data
- Right to erasure: to request deletion in certain circumstances
- Right to restriction: to limit how we process your data
- Right to data portability: to receive your data in a structured format
- Right to object: to processing based on legitimate interests or for direct marketing
- Right to withdraw consent: where processing is based on consent
- Right to lodge a complaint: with the UK Information Commissioner's Office (ICO) at ico.org.uk
To exercise any of these rights, please contact [email protected].
11. Cookies
Our website uses cookies and similar technologies. You can control cookies through your browser settings.
12. Children's Privacy
The Services are intended for use by businesses and are not directed at children under 16. We do not knowingly collect personal data from children.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated to clients by email.
14. Contact Us
If you have any questions, please contact: