Privacy Policy

When We Collect Data

We collect personal data when you call an auto service center using AutoIntelligent's AI phone agent. You speak with an AI assistant who helps handle your service request.

You will be informed at the start of the call that you are speaking with an AI assistant and that your call is processed digitally.

What Data We Collect

Information you provide:

• Your name
• Your phone number (automatically registered via the call)
• Your email address (if you provide it)
• Information about your vehicle (make, model, year, license plate)
• Description of your service request
• Preferred booking time

Information generated automatically:

• Call transcription (speech converted to text)
• Call time and duration
• Call metadata

We do not collect sensitive personal data (health information, political beliefs, religious beliefs, etc.).

How We Process Your Data

Your call is processed by multiple technical systems to deliver a good service experience:

1. Telephony — Your call is received via an EU-based phone connection
2. Transcription — Your speech is converted to text in real-time
3. AI Understanding — A language model analyzes your request and generates a response
4. Speech Generation — The AI assistant's response is converted to speech
5. Customer Lookup — Existing information is looked up to provide better service
6. Booking/Notification — Your information is sent to the service center

All systems are subject to strict security requirements and data processing agreements.

Legal Basis

• Art. 6.1.b — Performance of Contract: When you book a service, we process your data to fulfill the contract for servicing your vehicle.
• Art. 6.1.f — Legitimate Interest: We have a legitimate interest in handling your request efficiently and ensuring high service quality.

Who We Share Your Data With

The service center receives your information and your service request so they can help you.

Additionally, we use the following data processors:

Service	Purpose	Location
Vapi.ai	AI phone platform	USA *
Deepgram	Speech-to-text	USA *
ElevenLabs	Text-to-speech	USA *
Anthropic	AI language model	USA *
GatewayAPI.eu	SMS sending	Denmark
Baserow	Customer database	Netherlands (EU)
Telnyx	Telephony	Germany (EU)

* For transfers to the USA, we use the EU Commission's Standard Contractual Clauses (SCC) and have conducted Transfer Impact Assessments. ElevenLabs and Telnyx are certified under the EU-US Data Privacy Framework (DPF). We never sell your data.

Retention Periods

Data Type	Retained For
Call recordings and transcriptions	30 days
Call summary	90 days
Call metadata	90 days
Customer information (name, phone, email, vehicle)	Active customer: no expiration. Deleted after 24 months without contact
Booking data	24 months
SMS communication	90 days
Billing data	5 years (Accounting Act)

Your Rights

Transfers Outside the EU

Some of our data processors are located in the USA. We only transfer data with appropriate security safeguards:

• EU-US Data Privacy Framework (DPF) — ElevenLabs (ID: 9996) and Telnyx (ID: 8692) are DPF-certified service providers
• Standard Contractual Clauses (SCC) — EU Commission's standard contract terms (version June 4, 2021)
• Transfer Impact Assessments (TIA) — Risk assessment for each US-based service
• Supplementary Measures — Encryption, data minimization, and short retention periods

The overall risk assessment is low to moderate, as the processed data concerns vehicle servicing and is not of interest to foreign authorities.

Automated Decision Making

Our AI phone agent does not make automated decisions with legal effects for you (per Art. 22). The AI assistant collects information and forwards it to service center staff, who make final decisions.

Security

• Encryption of all data transmission (TLS)
• Access control with API keys and SSH
• Automatic data deletion after retention period
• EU hosting of customer database and automation platform
• Regular review of security measures

Right to Lodge a Complaint

Contact Us