Privacy Policy

Last updated 9 June 2026

VoxAide (“VoxAide”, “we”, “us”) provides AI phone-screening and related voice software to employers and staffing teams. This policy explains what personal data we collect, how we use and share it, how we protect it, and the choices and rights you and the people we call have. It covers voxaide.co, our web application, and the phone calls placed through our platform.

For most candidate data, our customer (the employer or recruiter who runs a screen) is the controller and VoxAide is the processor acting on their instructions. For our own account, billing, and website data, VoxAide is the controller.

1. Information we collect

  • Account & organisation data — name, work email, organisation, role, and authentication data for the people who use VoxAide.
  • Candidate & contact data — for people our customers screen or call: name, email, phone number, the job applied for, and any details our customer adds or imports from their ATS.
  • Call recordings & transcripts — audio and transcript of the AI phone call, captured only after the person is told it is an AI and consents to being recorded.
  • Assessment data — the answers given, the AI-generated score, summary, and recommendation. Scores are advisory; a person makes every hiring decision.
  • Usage & technical data — log, device, and IP data needed to run, secure, and audit the service.
  • Billing data — subscription and payment status (card details are handled by our payment processor, not stored by us).

2. How we use it

  • To run AI phone screens and check-ins: place the call, hold the conversation, record it (with consent), and produce a transcript, score, and summary.
  • To provide the application — accounts, results, reporting, and integrations our customers choose to connect (e.g. their ATS).
  • To keep candidates informed and treated fairly: every call discloses that it is an AI and is recorded, and asks for consent before continuing.
  • To secure the service, prevent abuse, support customers, meet legal obligations, and produce decision/audit records.
  • To bill for the service.

We do not sell personal data, and we do notuse call recordings, transcripts, or candidate data to train our own or third parties’ general AI models.

3. AI disclosure, recording & consent

Before any screening conversation begins, the AI agent identifies itself as an AI, states the organisation and purpose of the call, and discloses that the call is recorded and transcribed for the hiring team to review. Consent is requested and recorded. If the person declines, the call ends and no screening questions are asked. The AI assesses what a person says against the role — never voice, accent, tone, video, or appearance.

4. How we share data (sub-processors)

We share personal data only with the service providers needed to run VoxAide, each under contract and for the purposes below:

  • Vercel — application hosting and delivery.
  • Supabase — database and authentication.
  • Fly.io — our self-hosted voice engine and the recording store.
  • Twilio — telephony (placing calls and SMS).
  • Anthropic / OpenAI — language-model scoring. Transcripts are sent identity-blind (the candidate’s name withheld) under no-training and zero/short-retention terms.
  • Integrations you connect — e.g. JobAdder. When a customer connects their ATS, we read the jobs and applicants they choose to screen and write the screening result back to the candidate’s record. See our integration data brief for the exact fields.

We also disclose data where required by law, to protect rights and safety, or as part of a business transfer. A current sub-processor list and Data Processing Addendum are available to customers on request.

5. How we protect it

  • In transit: TLS/HTTPS for every connection.
  • At rest: provider-level database encryption; stored third-party credentials (such as ATS OAuth tokens) are additionally encrypted with field-level AES-256-GCM.
  • Tenant isolation: row-level security on org-scoped data, so one customer can never see another’s.
  • Access control & audit: role-based access; access to the most sensitive data (recordings, transcripts) is logged in an append-only audit trail and can be restricted to admins. Recording links are short-lived and minted on demand behind authentication.

6. Retention & deletion

Customers set a retention window for their organisation. When a record passes that window, an automated sweep purges the transcript text and severs the recording reference (a legal-hold flag can exempt a record during a dispute). Account and billing data is kept while the account is active and for as long as needed to meet legal and accounting obligations. Customers and individuals can request deletion of personal data as described below.

7. Your rights

Depending on your location (including under the GDPR and similar laws), you may have the right to access, correct, delete, port, or restrict the processing of your personal data, and to object or withdraw consent. Because employers are usually the controller of candidate data, candidate requests are typically directed to the employer who ran the screen; we will assist them or act on a verified request. To exercise a right, contact us at the address below.

8. International transfers

Our providers may process data in countries other than yours. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

9. Cookies

We use only the cookies needed to sign you in and keep the application secure. We do not use advertising cookies.

10. Children

VoxAide is a workplace product and is not directed to children. We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by the “last updated” date above and, where appropriate, notified to customers.

12. Contact

Questions or requests: privacy@voxaide.co. See also our Trust & compliance page and our Terms of Service.