Privacy Policy

1. Data We Collect

We collect the following categories of personal data:

1.1 Personal Information

• Your name and contact details (email, phone number, residence address)
• Company and organization information
• Your role within organizations (owner, manager, worker, customer, resident)

1.2 Web-Chat Widget Data

• Messages you type into the Renocount chat widget on a customer's website
• Any contact details you voluntarily provide in chat (e.g., name, email, phone number, address)
• Files or images you upload to the chat as attachments
• Conversation transcripts, AI tool/function-call traces, and session/visitor identifiers used to maintain conversation context
• Page/site context where the widget is loaded (e.g., referring URL, the customer organization the widget belongs to)

1.3 Calls Assistant Data (AI Phone Calls)

• Caller phone number (CLI), called number, call start/end time, duration, and routing decisions (e.g., business-hours forwarding to a human vs. AI handling)
• Real-time audio streamed from the call through Twilio Media Streams and processed by the OpenAI Realtime API for speech-to-speech responses
• Transcripts of the conversation and AI tool/function calls executed during the call
• Voicemail, follow-up email content, and other artifacts produced from the call (where enabled)

1.4 Email-Draft Data (Outlook / Gmail)

• OAuth 2.0 access and refresh tokens issued by Microsoft (Outlook/Exchange) or Google (Gmail) for the connected mailbox
• Inbound email content, headers, sender/recipient addresses, subject lines, and attachments that we read in order to generate a suggested reply
• Draft replies generated by Renocount and stored in your connected mailbox as drafts (we do not send emails on your behalf unless you explicitly approve)
• Mailbox metadata required to place drafts in the correct thread (message IDs, thread IDs, folder/label identifiers)

1.5 Knowledge / FAQ Source Data

• FAQ entries, documents, and other reference material that you (or your organization) upload or that we ingest from publicly accessible URLs you provide (e.g., via a web crawler) to ground the AI's responses
• Embeddings and indexed representations of that material used for retrieval

1.6 Technical Data

• IP address, browser type, device information, and language
• Website and widget usage and navigation patterns
• System logs, error reports, and audit logs of AI tool calls

2. Why We Process Your Data

We process personal data for the following purposes:

2.1 Web-Chat Widget

• Operating the embedded chat widget and answering visitor questions in real time
• Generating grounded responses from the customer's FAQ/knowledge base via OpenAI models
• Maintaining conversation state and history within a session, and across sessions where a visitor identifier is available
• Forwarding qualified leads, contact requests, or escalations to the customer organization (e.g., as an email notification via Resend)

2.2 Calls Assistant (AI Phone Calls)

• Receiving inbound calls through Twilio Voice and, depending on business-hours and routing rules, either forwarding the call to a human or handling it with the AI assistant
• Bridging the call's audio to the OpenAI Realtime API in order to understand the caller and respond in natural speech
• Transcribing the call, generating summaries, and triggering follow-up actions (e.g., creating an email draft, sending a confirmation, escalating to a human)
• Operating safety, abuse, and quality controls on the call flow

2.3 Email Drafts (Outlook / Gmail)

• Reading inbound emails in a connected Outlook (Microsoft Graph) or Gmail mailbox in order to propose a suggested reply
• Creating reply drafts in the same mailbox and thread, so a human can review, edit, and send them
• Sending transactional or notification emails on your behalf via Resend, only where you have configured this
• We do not auto-send emails to third parties from your mailbox without your approval; we do not use the contents of your mailbox for advertising or to train public AI models

2.4 AI Processing (Shared Across Workflows)

• Sending the minimum necessary content (messages, transcripts, email bodies, knowledge snippets) to OpenAI as our LLM sub-processor in order to generate responses, drafts, and tool calls
• Maintaining short-lived conversation context, tool/function-call traces, and audit logs
• Operating safety filters and rate limits

2.5 Service Improvement

• Analyzing aggregated usage patterns to improve platform functionality
• Enhancing AI conversation and routing capabilities
• Optimizing user experience and interface design

2.6 Legal and Business Operations

• Comply with legal obligations and regulations
• Establish and maintain business relationships
• Respond to inquiries and service requests
• Ensure platform security and prevent fraud

3. Legal Basis for Processing

We process your personal data based on:

• Contract performance: To fulfill our obligations when providing services, including processing service requests and delivering agreed functionality
• Legitimate interests: To respond to inquiries, operate and secure our services, support ongoing projects, and coordinate service routing data (balanced against your rights)
• Consent: When you voluntarily provide information through forms or communications (you may withdraw consent at any time)
• Legal obligation: To comply with applicable laws and regulations

4. Data from Third Parties

Connected email mailboxes: When you authenticate a mailbox via Microsoft (Outlook/Exchange, through the Microsoft Graph API) or Google (Gmail), we receive and process the mailbox content needed to read inbound messages and to create reply drafts. Access is based on OAuth 2.0 access and refresh tokens stored encrypted in our database; we never receive or store your account password. We do not use this data for advertising and we do not sell it. You can revoke access at any time from your Microsoft or Google account, which immediately revokes our tokens.

Telephony provider (Twilio): When a caller dials a phone number you have connected to Renocount, Twilio passes call signalling data (caller number, called number, timestamps) and the call's audio to us via webhooks and Twilio Media Streams.

Customer websites embedding the chat widget: When a visitor interacts with the chat widget on a Renocount customer's website, we receive the messages, attachments, and session metadata sent by that visitor as described in §1.2.

5. Sub-Processors and Third-Party Services

To deliver the web-chat widget, the AI calls assistant, and the email-draft workflows, we rely on the following sub-processors. We have a Data Processing Agreement (DPA) in place with each of them and, for transfers outside the EU/EEA, rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

A current and authoritative list of sub-processors is maintained as the "Sub-processor List" attached to our Terms of Service and is available on request. We will provide advance notice of material changes where required by the DPA.

6. Data Storage and Retention

Our primary application data store is Supabase, hosted in Stockholm (EU). Data is encrypted in transit (HTTPS/TLS) and at rest. Access is role-based and follows the least-privilege principle, with row-level security policies isolating each customer organization's data.

6.1 Data Retention Periods

• Web-chat transcripts & widget conversations: retained for up to 12 months after the conversation ends, then deleted or anonymized unless retained for an ongoing legal or contractual obligation
• Call audio (calls assistant): real-time audio is streamed and not persistently stored by default; where call recording is explicitly enabled by the customer, recordings are retained for up to 30 days unless a longer period is contractually agreed
• Call transcripts and metadata: retained for up to 12 months after the call
• Email content read from connected mailboxes & generated drafts: processed transiently to produce a draft; references and metadata kept for up to 12 months for audit and quality purposes; the source mailbox content remains in your Outlook/Gmail account under its own retention rules
• OAuth tokens (Outlook/Gmail): stored encrypted and retained until you disconnect the integration or revoke access from your Microsoft/Google account
• Knowledge base / FAQ source data: retained for as long as the integration is active or the source URL/document is configured
• Attachments & media (chat or email): retained for up to 24 months unless legal retention applies
• User accounts: retained until account deletion or 3 years of inactivity
• Technical and audit logs (including AI tool-call traces): retained for up to 12 months for security and debugging purposes

We may retain data longer if required by law, regulation, or legitimate business needs. You can request data deletion at any time, subject to legal obligations.

7. Data Sharing

We do not sell your personal data. We may share it:

• With the sub-processors listed in §5, who help us operate the web-chat, calls assistant, and email-draft workflows (under data protection agreements)
• With the customer organization that operates the chat widget, the phone number, or the connected mailbox you are interacting with (they are the data controller for that interaction)
• When required by law or to protect our legal rights
• With your explicit consent

8. Your Rights Under GDPR

Under the EU General Data Protection Regulation (GDPR) and Finnish Data Protection Act (Tietosuojalaki), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured format
• Object: Object to processing based on legitimate interests
• Withdraw consent: Where processing is based on consent
• Lodge a complaint: With the Finnish Data Protection Authority (Tietosuojavaltuutetun toimisto)

8.1 How to Make a Data Request

To exercise your rights (including data deletion), contact us at christian.ahlstrom@renocount.com. We will confirm receipt and respond within 30 days. We may request additional information to verify your identity.

9. Cookies, Local Storage and Analytics

The Renocount web-chat widget uses first-party local/session storage on the customer site (and, where applicable, a first-party cookie) to keep your conversation continuous across page navigations. We do not use cross-site tracking cookies and we do not run third-party advertising trackers inside the widget.

Our website may use cookies and similar technologies to:

• Ensure proper website functionality
• Analyze website usage (we aim to use aggregated or anonymized data where possible)
• Improve user experience

You can control cookie settings through your browser preferences. Where required, we obtain your consent via a cookie banner.

10. Updates to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Automated Decision-Making and AI

The web-chat widget, the calls assistant, and the email-draft workflows use large language models to generate responses and reply drafts. These are assistive outputs:

• Email drafts are created as drafts in your mailbox; a human reviews and sends them
• The calls assistant can escalate to or transfer the call to a human, and (during business hours, where configured) inbound calls are routed to a human first
• Web-chat answers are returned in real time; visitors can always request a human follow-up

We do not make decisions producing legal or similarly significant effects on you that are based solely on automated processing, including profiling, within the meaning of Article 22 GDPR.

12. Data Protection and Security

We implement technical and organizational measures in accordance with Article 32 GDPR, including HTTPS/TLS encryption in transit and encryption at rest where applicable, encrypted storage of OAuth tokens, role-based access controls and row-level security in Supabase, least-privilege principles, secure development practices, audit logging of AI tool calls, and regular access reviews.

13. International Data Transfers

Our primary storage (Supabase) and hosting (Fly.io) are in the EU. Some sub-processors used in the web-chat, calls assistant, and email-draft workflows — in particular OpenAI, Twilio, Resend, Microsoft, and Google — may process data outside the EU/EEA. Where such transfers occur, we rely on appropriate safeguards, in particular the European Commission's Standard Contractual Clauses, together with the supplementary technical and organizational measures described in §12.

14. Processing Roles and Responsibilities

Depending on the service context, we may act either as:

• Data controller when we collect personal data directly for our own service purposes
• Data processor when acting on behalf of a client under documented instructions

When acting as a processor, we process data only under documented instructions of the controller and in accordance with a Data Processing Agreement.

15. Children’s Data

Our services are not directed to children. We do not knowingly collect personal data of individuals under 16. If you believe a child has provided personal data, please contact us so we can delete it.