Name: Real Voice Employee
Author: agents.miami

Back to Home

# Privacy Policy

agents.miami

Effective Date: February 1, 2026

Last Updated: January 21, 2026

## 1. Introduction

agents.miami ("Company," "we," "us," or "our") is committed to protecting the privacy of our users, clients, and callers. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information when you use our AI-powered phone reception services ("Service").

This policy applies to:

- Restaurant clients who subscribe to the Service

- Callers who interact with our AI assistants

- Visitors to our website (agents.miami)

## 2. Data Controller Information

Data Controller:

ClientBuddy

KvK Number: 97483672

Netherlands (European Union)

Registered address available upon request via hi@agents.miami

Contact for Privacy Inquiries:

- Email: hi@agents.miami

- Website: https://agents.miami/privacy

For GDPR purposes, ClientBuddy acts as the data controller for personal data collected through the Service. As ClientBuddy is established within the European Union (Netherlands), no Article 27 EU Representative is required.

## International Data Processing

As ClientBuddy is established in the Netherlands, personal data may be processed within the European Union. Where personal data relates to callers or clients located in the United States, such processing may involve cross-border data flows. All such processing is conducted in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), using appropriate safeguards.

## 3. Information We Collect

### 3.1 Client Information (Restaurants)

When you register for and use the Service, we collect:

| Data Category | Examples | Purpose |

|---------------|----------|---------|

| Account Information | Name, email, business name, address | Account creation, communication |

| Payment Information | Credit card details (via Stripe) | Billing and payment processing |

| Business Information | Phone number, hours, menu, policies | Service configuration |

| Login Credentials | Email, password hash | Authentication |

| Usage Data | Login times, dashboard interactions | Service improvement |

### 3.2 Caller Information

When callers interact with our AI assistants, we collect:

| Data Category | Examples | Purpose |

|---------------|----------|---------|

| Phone Number | Caller ID | Reservation confirmation, callbacks |

| Voice Recording | Full audio of calls | Service delivery, quality assurance |

| Transcripts | Text version of conversations | Reservation processing, training |

| Reservation Details | Date, time, party size, name | Fulfilling reservation requests |

| Communication Preferences | Opt-out requests | Compliance with preferences |

### 3.3 Technical Information

We automatically collect:

| Data Category | Examples | Purpose |

|---------------|----------|---------|

| Device Information | Browser type, OS, IP address | Security, analytics |

| Log Data | Access times, pages visited, errors | Service monitoring |

| Cookies | Session identifiers, preferences | Website functionality |

## 4. How We Use Information

### 4.1 Purpose of Processing

We process personal information for the following purposes:

Contract Performance:

- Delivering AI phone reception services

- Processing reservations

- Sending SMS confirmations

- Billing and payment processing

- Account management

Legitimate Interests:

- Improving AI quality and accuracy

- Preventing fraud and abuse

- Analyzing service performance

- Developing new features

Legal Compliance:

- Responding to legal requests

- Complying with telecommunications regulations

- Maintaining required records

With Consent:

- Marketing communications (where required)

- Processing beyond stated purposes

### 4.2 AI Training and Improvement

Call recordings and transcripts may be used to:

- Improve AI speech recognition accuracy

- Enhance natural language understanding

- Train reservation extraction models

- Quality assurance and monitoring

Note: Data used for training is aggregated and anonymized where feasible.

## 5. Third-Party Service Providers

We share personal information with the following categories of service providers:

| Provider | Purpose | Data Shared |

|----------|---------|-------------|

| Twilio | Telephony infrastructure | Phone numbers, call metadata |

| ElevenLabs | AI voice processing | Call audio, transcripts |

| Anthropic | AI language processing | Conversation context, text prompts |

| Stripe | Payment processing | Payment details (PCI-compliant) |

| Clerk | Authentication | Login credentials |

| Convex | Database hosting | All service data |

| Vercel | Website hosting | Access logs |

All providers are bound by data processing agreements and maintain appropriate security measures.

## 6. Data Retention

We retain personal information for the following periods:

| Data Type | Retention Period | Justification |

|-----------|------------------|---------------|

| Call Audio | 180 days | Quality assurance, dispute resolution |

| Call Transcripts | 1 year | Service improvement, legal compliance |

| Reservation Records | 2 years | Business operations, legal requirements |

| Billing Records | 7 years | Tax and legal compliance |

| Account Information | Duration of account + 90 days | Service delivery, export period |

| Consent Records | Duration of account + 3 years | Compliance proof |

| Anonymized Analytics | Indefinite | Statistical analysis |

After retention periods expire, data is either deleted or anonymized.

These retention periods align with those in our Call Recording Consent Notice (§9.2: 180 days for audio, up to 1 year for transcripts) and Client Service Agreement (§1.1: 180-day call recording storage). In case of conflict, the most specific document prevails. For EU AI Act compliance, anonymized data may be retained longer for model improvement (see §14).

## 7. Data Security

We implement appropriate technical and organizational measures to protect personal information:

Technical Measures:

- Encryption in transit (TLS 1.3)

- Encryption at rest (AES-256)

- Access controls and authentication

- Regular security assessments

Organizational Measures:

- Limited access on need-to-know basis

- Employee confidentiality obligations

- Incident response procedures

- Vendor security assessments

## 8. Your Rights

### 8.1 Rights for All Users

You have the right to:

- Access: Request a copy of your personal data

- Correction: Request correction of inaccurate data

- Deletion: Request deletion of your data (subject to legal retention requirements)

- Opt-Out: Unsubscribe from marketing communications

- Complaint: Lodge a complaint with a supervisory authority

### 8.2 CCPA Rights (California Residents)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

- Right to Know: Request disclosure of personal information collected, used, and shared

- Right to Delete: Request deletion of personal information

- Right to Opt-Out: Opt out of the "sale" of personal information

- Non-Discrimination: We will not discriminate against you for exercising your rights

We do not sell personal information as defined by the CCPA.

To exercise CCPA rights, contact hi@agents.miami. Phone support is available via callback request through your dashboard.

### 8.3 GDPR Rights (EU/EEA Data Subjects)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation:

- Right to Access: Obtain confirmation of processing and access to your data

- Right to Rectification: Correct inaccurate or incomplete data

- Right to Erasure: Request deletion ("right to be forgotten")

- Right to Restriction: Restrict processing in certain circumstances

- Right to Portability: Receive data in a structured, machine-readable format

- Right to Object: Object to processing based on legitimate interests

- Right to Withdraw Consent: Withdraw consent at any time

- Right to Lodge Complaint: File a complaint with your local supervisory authority

Legal Bases for Processing (GDPR Article 6):

- Contract performance

- Legitimate interests (service improvement, security)

- Legal obligations

- Consent (where specifically obtained)

International Data Transfers:

Your data may be transferred to and processed in the United States. We rely on:

- Standard Contractual Clauses (SCCs)

- Data processing agreements with sub-processors

- Appropriate safeguards as required by GDPR

## 9. Caller-Specific Disclosures

### 9.1 Call Recording Notice

All calls handled by agents.miami AI assistants are recorded. This recording is disclosed at the beginning of each call in compliance with Florida two-party consent requirements.

### 9.2 Caller Rights

Callers may:

- Request deletion of their call recordings by contacting the restaurant

- Opt out of SMS confirmations by replying STOP

- Request a copy of their data by emailing hi@agents.miami

### 9.3 How Caller Data is Used

Caller information is used to:

- Process and confirm reservations

- Send SMS confirmations

- Improve AI service quality

- Respond to inquiries

Caller data is not used for:

- Marketing without consent

- Selling to third parties

- Profiling for unrelated purposes

## 10. Cookies and Tracking

### 10.1 Website Cookies

Our website uses the following cookies:

| Cookie Type | Purpose | Duration |

|-------------|---------|----------|

| Essential | Authentication, security | Session |

| Functional | User preferences | 1 year |

| Analytics | Service improvement | 2 years |

### 10.2 Managing Cookies

You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

## 11. Children's Privacy

The Service is not intended for individuals under eighteen (18) years of age. We do not knowingly collect personal information from children. If we discover that we have collected information from a child, we will delete it promptly.

## 12. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on our website with an updated "Last Updated" date. Material changes will be communicated via email to registered clients at least thirty (30) days in advance.

## 13. Contact Us

For privacy inquiries, data requests, or complaints:

ClientBuddy

KvK Number: 97483672

Netherlands (European Union)

Registered address available upon request via hi@agents.miami

- Email: hi@agents.miami

- Website: https://agents.miami/privacy

For GDPR inquiries:

- Contact: hi@agents.miami

Response Time: We will respond to privacy requests within thirty (30) days. We will acknowledge your request within forty-eight (48) hours.

## 14. EU AI Act Compliance

As a Netherlands-based provider, ClientBuddy complies with the EU AI Act (Regulation (EU) 2024/1689).

### Transparency Obligations (Article 50)

Effective August 2, 2026, the EU AI Act mandates that users interacting with AI systems must be clearly informed of this fact. Our compliance measures include:

- Clear AI Disclosure: All callers are informed at the start of each call that they are interacting with an AI-generated voice assistant

- Synthetic Content Marking: Audio outputs generated by our AI system are identified as AI-generated where technically feasible and required by law

- No Deception: Our AI systems never impersonate humans or deceive users about their artificial nature

- Human Escalation: Users may request human assistance at any time during AI interactions

### Risk Classification

Our AI voice assistant is classified as a "limited risk" AI system under the EU AI Act, subject to transparency obligations but not the stricter requirements applicable to high-risk AI systems.

### Potential Updates from Digital Omnibus

The European Commission's Digital Omnibus proposals (November 2025, under review) may delay high-risk AI obligations until December 2027 and introduce further simplifications. We will update this policy upon adoption (expected mid-2026) and notify clients of material changes.

## 15. Supplemental State Disclosures

### 15.1 Nevada Residents

Nevada residents may submit opt-out requests for the sale of covered information. Contact hi@agents.miami. Note: We do not currently sell personal information.

### 15.2 Virginia Residents

Virginia residents have rights under the Virginia Consumer Data Protection Act (VCDPA), including rights to access, correct, delete, and opt out. Contact hi@agents.miami.

BY USING OUR SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.