Autocloz
Privacy

Your data, your rules.

Plain-language privacy policy. We collect what we need to run the platform, nothing more. We never sell your data. We delete on request inside 30 days.

Last updated:

TL;DR

  • We collect: account info you give us, the leads you upload, the messages you send/receive, the calls you make, and basic usage telemetry.
  • We use it to: run the platform, send you product updates, and improve the product. Never to train AI on your data.
  • We share it with: the third-party processors listed below — only the minimum required to deliver the feature you asked for.
  • We never sell your data. We never let advertisers see it.
  • You can export, correct, or delete it any time. Deletion completes within 30 days.

What we collect

Account data you provide: name, email, organisation name, billing details (handled by our payment processor), team-member emails, role.

Operational data you upload or generate: lead lists, sequences, mailbox credentials (encrypted at rest), carrier API keys, call recordings + transcripts, message bodies, notes, deal pipeline data, audio files for IVR + voicemail drops.

Usage telemetry: page views, feature usage, error reports, performance metrics. We use this to find bugs and prioritise the product roadmap. We do not use it for advertising.

Cookies: a strictly-necessary session cookie for auth, plus a remember-me token if you tick the box. We do not run third-party advertising trackers.

How we use it

  • To run the platform — store and serve your leads, sequences, mailboxes, calls, etc.
  • To send you product updates (email; you can unsubscribe with one click)
  • To send you transactional emails (password reset, billing receipts, security notifications) — these you cannot unsubscribe from
  • To improve the product (aggregate analytics; never individual-level shared)
  • To meet legal obligations (e.g., GST filing in India, tax records)

We do not use your data to train AI models — neither ours nor third-party providers'. We do not share it with advertisers. We do not sell it.

Third-party processors

These vendors process customer data on our behalf — strictly limited to what's needed to deliver the feature.

  • AWS (Amazon Web Services) — hosting, storage, backups (Mumbai by default; EU on request)
  • Stripe / Razorpay — payment processing
  • Telnyx / DIDLogic / FreJun — voice carriers (your choice; we proxy your credentials)
  • Twilio / MessageBird / Vonage — SMS and WhatsApp delivery (your choice)
  • Google / Microsoft — OAuth + IMAP for connected mailboxes
  • Unipile / PhantomBuster — LinkedIn provider (your choice)
  • OpenAI / Anthropic / Groq / ElevenLabs / Deepgram — LLM + voice AI (with zero-retention enabled where supported)
  • Cloudflare / Sentry — DNS, error monitoring
  • Mailgun / SendGrid — transactional emails (password reset, etc.)

AI providers

When you use AI replies, AI voice agents, or AI summaries, the relevant content is sent to the configured LLM/voice provider for inference. We enable zero-retention mode on every API call where the provider supports it (OpenAI data_retention=none, Anthropic enterprise zero-retention).

You can bring your own API key per workspace. When you do, the provider becomes your sub-processor (not ours) and the data path goes directly from Autocloz to your account.

Retention

  • Active workspaces — kept indefinitely while you remain a customer
  • Cancelled workspaces — soft-deleted immediately on cancellation; hard-deleted after 30 days unless you explicitly request earlier deletion
  • Audit log — 12 months on Pro, 24 on Business, 7 years on Enterprise (regulatory requirement)
  • Backups — retained 30 days then permanently deleted
  • Voice recordings — retained per the workspace's recording_retention_days setting (default 90 days)
  • Marketing analytics — aggregated only; personal identifiers stripped after 13 months

Your rights

Depending on where you live (GDPR, India DPDP, CCPA, etc.) you have the right to:

  • Access — request a copy of all the data we hold about you
  • Correct — fix inaccuracies (most fields editable directly in the product)
  • Delete — we honour deletion within 30 days; some data must be retained for tax/audit reasons (we'll tell you what)
  • Port — export your data in standard formats (CSV, JSON)
  • Object — opt out of marketing emails with one click; opt out of usage analytics in Settings → Privacy
  • Withdraw consent — for AI features, marketing, or any specific processing

Email privacy@autocloz.com to exercise any of these rights. We respond within 5 business days and complete the action within 30 days.

International transfers

Your data is stored in our primary AWS region (Mumbai, ap-south-1 by default). EU customers can request EU data residency (eu-west-1) at signup or via support.

For transfers outside India / the EU (e.g., when AI providers are US-hosted), we rely on Standard Contractual Clauses (SCCs) and the receiving party's own GDPR / DPDP compliance posture.

Children's data

Autocloz is a B2B platform. We do not knowingly collect data from anyone under 18. If you discover that a child has provided us data, email privacy@autocloz.com and we'll delete it.

Changes to this policy

When we change this policy materially, we'll email every workspace Owner at least 30 days in advance. Non-material changes (typo fixes, clarifications) take effect on publication and the "Last updated" stamp at the top reflects the date.

Contact us

Privacy questions: privacy@autocloz.com
Security incidents: security@autocloz.com
Everything else: hello@autocloz.com

Data Protection Officer (for GDPR / DPDP requests): dpo@autocloz.com.