Privacy Policy

Voco Private Limited ("Voco", "we", "our", or "us") is incorporated in Singapore. We operate an AI-powered receptionist platform for home service businesses accessible at voco.live.

This Privacy Policy explains how we collect, use, disclose, and protect personal data in accordance with Singapore's Personal Data Protection Act 2012 (PDPA). By using our services, you consent to the practices described below.

1. Data We Collect

From business owners (subscribers)

• Account data — name, email address, business name, trade type, business address, and phone number provided during sign-up and onboarding.
• Billing data — payment method details processed by Stripe. We do not store full card numbers.
• Configuration data — working hours, service zones, escalation contacts, and calendar credentials you provide to configure the AI receptionist.
• Usage data — call logs, appointment records, lead records, and analytics generated through your use of the platform.

From callers (your customers)

• Call data — name, phone number, service address, and job description shared during an AI-answered call.
• Call recordings and transcripts — recordings of calls handled by the AI receptionist. Callers are informed of recording at the start of each call.
• Appointment data — booking details created during a call, including date, time, and service address.

Automatically collected

• Log data — IP address, browser type, pages visited, and timestamps when you access our website or dashboard.
• Cookies — session cookies required for authentication. We do not use advertising or third-party tracking cookies.

2. How We Use Your Data

• Provide and operate the AI receptionist service, including answering calls, booking appointments, and sending notifications.
• Process billing and manage your subscription through Stripe.
• Send transactional emails (lead alerts, booking confirmations, account notifications) via Resend.
• Sync appointments with connected Google or Outlook calendars at your direction.
• Improve service quality, diagnose errors, and monitor platform performance.
• Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal data or your customers' personal data to any third party.

3. Third-Party Service Providers

We share data with trusted third-party sub-processors solely to operate the platform. These providers handle functions such as database hosting, authentication, telephony, AI processing, payment processing, email delivery, calendar synchronisation, error monitoring, and application hosting. Each sub-processor is bound by data processing agreements and their own privacy policies.

Some of our service providers are based outside Singapore. By using our services, you consent to the transfer of your data to these providers in accordance with the PDPA's cross-border transfer obligations.

For a full list of our sub-processors, please contact us at support@voco.live.

4. Call Recordings and AI Processing

The Voco AI receptionist records and transcribes inbound calls to provide the service. A disclosure is played to callers at the beginning of every call. As the business owner (subscriber), you are responsible for ensuring your use of call recordings complies with applicable laws in your jurisdiction, including any additional consent requirements.

AI-generated responses during calls are produced by Google's Gemini model. Audio is processed in real time and is not permanently retained by Google beyond the session.

5. Data Retention

• Account data — retained for the duration of your subscription and for 90 days after account closure, then permanently deleted.
• Call recordings and transcripts — retained for 12 months from the date of the call, then deleted.
• Billing records — retained for 7 years as required by Singapore's accounting and tax regulations.
• Log data — retained for 30 days.

6. Your Rights Under the PDPA

As an individual whose personal data we hold, you have the right to:

• Access — request a copy of the personal data we hold about you.
• Correction — request that we correct inaccurate or incomplete personal data.
• Withdrawal of consent — withdraw consent to collection, use, or disclosure of your personal data at any time. Note that withdrawal may affect your ability to use the service.
• Data portability — request your account data in a machine-readable format where technically feasible.

To exercise any of these rights, email us at support@voco.live. We will respond within 30 days.

7. Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, row-level security policies on our database, and access controls limiting data access to authorised personnel only. Despite these measures, no system is entirely secure. If you become aware of a security concern, please contact support@voco.live.

8. Children's Privacy

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will notify subscribers by email at least 14 days before the change takes effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related enquiries or to exercise your rights: