Back to home

Privacy Policy

Last updated: 8 July 2026

This Privacy Policy explains how MINEVRA ("MINEVRA", "we", "us", "our") — the AI voice service operated by the individuals behind it — collects, uses, shares, and protects personal data. It applies to our website and to the AI voice services we provide. Please read it together with our Terms of Service. If you do not agree with it, do not use the website or the service.

01Who we are and our role

MINEVRA provides an AI agent that answers, resolves, and follows up on customer service calls on behalf of business customers. MINEVRA is currently an independent service operated by the individuals who run it and is not yet incorporated as a company; where this policy refers to the "data controller", that means the operators of MINEVRA, reachable at the contact details below.

Our role under data-protection law depends on the context:

  • Data controller: for personal data about our website visitors, prospects, and the individuals who administer a business customer's account, we decide why and how the data is processed, so we act as the controller.
  • Data processor: for personal data contained in the calls we handle on behalf of a business customer (for example, the details a caller shares with the AI agent), the business customer is the controller and we act as a processor, processing that data only on their documented instructions under a Data Processing Agreement (DPA).

If you are an end caller and want to exercise your rights over call data, please contact the business you called; we will support them in responding.

02Personal data we collect

Depending on how you interact with us, we may collect:

  • Identity and contact data: name, business name, email address, phone number, job title, and similar details you provide when you contact us, request a demo, or open an account.
  • Account and billing data: login identifiers, plan, billing contact, and transaction records. Card payments are processed by our payment provider; we do not store full card numbers.
  • Call content and voice data: audio of calls, call recordings, transcripts, and AI-generated summaries, where the business customer has enabled these features.
  • Call metadata: phone numbers, date, time, duration, call direction, outcome, and routing information.
  • Usage and device data: IP address, browser type, pages viewed, referring URLs, and similar technical information collected automatically when you use the website.
  • Communications: the content of messages and support requests you send us.

You do not have to provide the data we ask for, but if you do not, we may be unable to provide the website or the service.

03How and why we use personal data (legal bases)

We process personal data for the following purposes, relying on the legal bases indicated (under the EU/UK GDPR; equivalent bases apply under Türkiye's KVKK and other applicable laws):

  • To provide and operate the service — route, understand, and resolve calls; generate transcripts and dashboard summaries. Legal basis: performance of a contract; and, for call content processed for a business customer, that customer's instructions.
  • To manage accounts, billing, and support. Legal basis: performance of a contract; legitimate interests in running our business.
  • To improve and secure the service, prevent fraud and abuse, and develop new features. Legal basis: legitimate interests; where required, consent.
  • To communicate with you, including service messages and, where permitted, marketing. Legal basis: consent or legitimate interests; you can opt out of marketing at any time.
  • To comply with legal obligations and to establish, exercise, or defend legal claims. Legal basis: legal obligation; legitimate interests.

We do not sell personal data, and we do not use call content to train third-party AI models except as strictly needed to deliver the service and, where required, with appropriate consent or contractual safeguards.

04Call recording, transcription and AI processing

The service uses automated speech recognition and large language models to understand callers and respond in real time. Where enabled by the business customer, calls may be recorded, transcribed, and summarised.

Recording and processing calls may be subject to notice and consent requirements. The business customer is responsible for providing any legally required disclosures to callers (for example, that the call is handled by an AI system and/or may be recorded) and for obtaining any required consent. We provide features to support these disclosures but do not control how each business customer configures them.

05Automated processing and human oversight

The AI agent processes calls automatically to determine intent and provide answers or actions (such as booking a callback). This does not produce legal or similarly significant effects about you without human involvement on our side. Business customers configure the actions the agent may take. If you believe an automated interaction affected you and want it reviewed, contact us or the relevant business customer.

06Sharing personal data and sub-processors

We share personal data only as needed to run the service and as described here:

  • Service providers / sub-processors: cloud hosting, telephony/voice infrastructure, speech-to-text and AI model providers, analytics, and payment processors, each bound by contract to protect the data and use it only for the services they provide to us.
  • Business customers: where we process calls on their behalf, we make the related data available to them.
  • Legal and safety: to comply with law, regulation, legal process, or enforceable governmental request, or to protect the rights, property, or safety of MINEVRA, our users, or others.
  • Corporate transactions: in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate confidentiality protections.

A current list of sub-processors is available on request.

07International data transfers

We and our service providers may process personal data in countries other than your own. Where we transfer personal data across borders, we use appropriate safeguards recognised under applicable law — such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement, or an adequacy decision — and take additional measures where needed to protect the data.

08Data retention

We keep personal data only for as long as necessary for the purposes described in this policy, then delete or anonymise it.

  • Call recordings, transcripts, and summaries: retained for the period configured by the business customer, or until they request deletion.
  • Account and billing records: retained for the life of the account and afterwards as required to meet legal, tax, and accounting obligations.
  • Website usage data: retained for a limited period consistent with the purpose for which it was collected.

Aggregated or de-identified data that no longer identifies you may be retained to improve the service.

09How we protect personal data

We use technical and organisational measures designed to protect personal data, including encryption of data in transit and at rest, access controls and least-privilege access, logging and monitoring, and regular review of our security practices. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a personal-data breach affecting you, we will notify you and the competent authorities where required by law.

10Your rights

Subject to applicable law (including the EU/UK GDPR and Türkiye's KVKK), you may have the right to:

  • access the personal data we hold about you and receive a copy;
  • have inaccurate or incomplete data corrected;
  • have your data erased in certain circumstances;
  • restrict or object to certain processing, including direct marketing;
  • data portability;
  • withdraw consent at any time, without affecting processing carried out before withdrawal;
  • lodge a complaint with your data-protection authority (in Türkiye, the KVKK Board; in the EU, your local supervisory authority).

To exercise these rights, contact us using the details below. We may need to verify your identity, and we will respond within the timeframes required by law. If your request concerns call data processed on behalf of a business customer, we will refer you to, or act on the instructions of, that customer.

11Cookies and local storage

Our website uses strictly necessary storage (such as your language preference kept in your browser's local storage) to make the site work. We may also use limited analytics to understand and improve usage. Where required by law, we ask for your consent before setting non-essential cookies, and you can control cookies through your browser settings.

12Children's privacy

The service is intended for businesses and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take appropriate steps to delete it.

13Third-party links

Our website and communications may link to third-party sites or services we do not control. This policy does not apply to them, and we are not responsible for their privacy practices. Please review their policies before providing personal data.

14Changes to this policy

We may update this policy from time to time. When we do, we will change the "last updated" date above and, for material changes, provide additional notice where required. Your continued use of the website or service after an update means you accept the revised policy.

15How to contact us

For any question about this policy or to exercise your rights, contact the MINEVRA team by email at info@callminevra.com.