Privacy Policy

1. Introduction

Ringlo Labs Inc. ("Ringlo", "we", "us") operates the Ringlo AI phone agent platform (the "Service"). This Privacy Policy explains what personal data we collect, why, how we use it, and the choices you have. By creating a Ringlo account or using the Service, you agree to this Policy.

2. Data we collect

• Account data: name, company, email, hashed password, login provider identifiers.
• Call data: audio recordings, transcripts, caller phone numbers, timestamps, language, duration, outcomes, and structured fields you configure (names, appointment slots, addresses, etc.).
• Configuration: assistants, voices, knowledge documents, phone numbers, business hours, and integrations.
• Billing: company name, billing address, tax ID, and payment method tokens held by our payment processor (Stripe). We do not store full card numbers.
• Usage & device: IP address, user-agent, console pages visited, feature events, error logs.
• Cookies: strictly-necessary cookies for sign-in and CSRF, plus optional analytics where consent applies.

3. How we use data

• Provide the Service — answer calls, transcribe, follow your playbook, write to your CRM/calendar.
• Authenticate you and secure your account.
• Improve quality (e.g. evaluating assistant performance on your own calls). We do not use your customers' call content to train foundation models.
• Bill, prevent abuse, comply with law.
• Send service notices and — only with opt-in — product newsletters.

4. Legal bases (GDPR)

We process data on the bases of (a) performance of a contract (running your account and answering calls), (b) legitimate interests (security, fraud prevention, product analytics), (c) legal obligation (tax, accounting), and (d) consent (marketing emails, optional cookies). You can withdraw consent at any time.

5. Sharing & subprocessors

We do not sell personal data. We share it with vetted subprocessors strictly to run the Service:

• Cloud hosting, database, and auth (managed cloud backend).
• Telephony carriers for inbound/outbound calls.
• Speech-to-text, text-to-speech, and large-language-model providers, under data-processing agreements that prohibit training on your content.
• Stripe for payments.
• Email delivery for transactional messages.

A current subprocessor list is available on request at privacy@ringlo.com.

6. International transfers

Ringlo operates globally. Where data leaves your region (e.g. EU → US), we rely on Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable.

7. Retention

Call recordings and transcripts: 90 days by default, configurable per workspace (7 days minimum, 365 days maximum). Account & billing records: for the life of the account plus the period required by tax law. You can request earlier deletion of specific calls or your entire account at any time.

8. Your rights

Depending on where you live, you may have the right to access, correct, export, delete, or object to processing of your personal data. Email privacy@ringlo.com and we will respond within 30 days. You also have the right to complain to your local supervisory authority.

9. Security

Data in transit is encrypted with TLS 1.2+. Data at rest is encrypted with AES-256. Access is role-based and audit-logged. We run vulnerability scans on every deployment and are pursuing SOC 2 Type II.

10. Children

Ringlo is a B2B service and is not directed at children under 16. We do not knowingly collect data from children.

11. Changes

We will post material updates here and notify account admins by email at least 14 days before they take effect.

12. Contact

Ringlo Labs Inc. — privacy@ringlo.com.