← Back to Engage.co

Privacy Policy

Effective Date: July 9, 2025

This Privacy Policy explains how Engage.co ("Engage," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with our services, including our website at engage.co ("Website"), mobile applications, voice interfaces, APIs, and other communication systems (collectively, the "Services").

By accessing or using the Services, you agree to the terms of this Privacy Policy. If you do not agree, do not use the Services.

This Privacy Policy is part of and governed by our Terms of Service. Capitalized terms not defined in this policy shall have the meaning assigned in the Terms.

This Privacy Policy is designed to meet global compliance requirements, including the General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act ("CCPA"), and other applicable data protection laws.

1. Definitions

  • Service refers to the website, platform, APIs, mobile applications, and related products and services offered by Engage.co.
  • Personal Data means data relating to an identified or identifiable individual.
  • Usage Data means data automatically collected during the use of the Services.
  • Cookies are small pieces of data stored on your device.
  • Data Controller means the entity that determines the purposes and means of processing personal data.
  • Data Processor means a third-party entity that processes personal data on behalf of the Data Controller.
  • Data Subject/User means the natural person whose personal data is being processed.

2. Types of Data Collected

We collect various categories of information for business, legal, and compliance purposes:

(a) Personal Data

This may include:

  • Name, email address, phone number, mailing address
  • Payment details (processed by secure third-party providers)
  • Voice recordings and audio samples (if voice features are used)
  • Authentication credentials (hashed passwords, API tokens)

(b) Usage Data

  • Device type, browser type and version
  • IP address, geolocation data
  • Pages visited, time spent, navigation patterns
  • Referrer URL, clickstream analytics

(c) Platform & Integration Data

  • Call logs, assistant configurations, phone numbers
  • API keys, third-party access tokens
  • Voicebot prompts, training content, and custom flows

(d) Communication Data

  • Emails and in-app messages
  • Customer support inquiries and metadata

(e) Biometric and Voice Model Data

  • User-generated or uploaded voice recordings
  • Speech-to-text transcripts
  • AI voice model configurations and customizations

3. Use of Data

Engage.co uses the data collected for the following purposes:

  • To operate and deliver the Services
  • To maintain and improve the performance of AI agents and automation workflows
  • To personalize content and features
  • To monitor system performance, conduct audits, and prevent abuse
  • To communicate with users, including service notices and billing updates
  • To send optional marketing communications (with opt-out ability)
  • To comply with legal obligations and enforce our terms
  • To enable third-party integrations with secure authentication
  • To improve training models using anonymized, aggregated content
  • To support functionality covered by our Data Processing Addendum (DPA) and Business Associate Agreement (BAA)

We do not commercialize voice models on a standalone basis unless you have granted explicit permission.

4. Voice and Call Data

If you use our voice capabilities (e.g., Vapi, ElevenLabs, RetellAI), we may collect:

  • Phone numbers used in calls
  • Transcripts and audio recordings (if enabled)
  • Call metadata such as start time, end time, duration, and status
  • Conversational flows, AI responses, and assistant behavior

Call data is retained only for the duration required by your configuration or legal requirements. You may delete call data at any time, or request deletion through our support team.

5. Tracking & Cookies

We use session cookies, persistent cookies, and third-party tracking tools:

  • Analytics Cookies (e.g., PostHog, Mixpanel, Segment)
  • Advertising Cookies (e.g., Google Ads, Meta Pixel, LinkedIn)
  • Functional Cookies to remember user preferences

You may disable cookies in your browser, but some features may be limited. We honor browser-level Do Not Track signals.

6. Data Sharing

We do not sell your personal information. However, we share information with:

  • Service Providers (e.g., AWS, Cloudflare, Stripe, RetellAI, OpenAI, Amelia.AI, Forethought, Kore.ai)
  • Integrated Platforms (e.g., CRMs, email services, analytics tools)
  • Legal Authorities where required by law or court order
  • Business Transfers in case of merger, acquisition, or asset sale

All service providers are bound by our DPA and are required to comply with confidentiality and data protection obligations.

7. Data Retention

We retain data:

  • As long as you have an active account
  • For as long as necessary for the purpose collected
  • To comply with legal, contractual, or security requirements

Voice and call data may be retained per your configuration, and can be deleted upon request or through self-service tools. Personal data will not be stored longer than is necessary to achieve the processing purpose.

8. Security of Data

We take data protection seriously and implement measures including:

  • HTTPS and TLS for data in transit
  • Encryption of sensitive fields at rest
  • Access control and audit logging
  • Role-based permissions
  • Regular security audits and compliance reviews

Despite best efforts, no method of storage or transmission is 100% secure.

9. International Transfers

If you access the Services from outside the United States, you consent to the transfer of data to and from the U.S. or other jurisdictions where we or our vendors operate. We use Standard Contractual Clauses (SCCs) and equivalent safeguards where required by law.

10. User Rights

Depending on your location, you may have the right to:

  • Access a copy of your personal data
  • Correct inaccurate information
  • Delete your data or restrict certain uses
  • Object to processing based on legitimate interests
  • Withdraw consent (for marketing or training uses)
  • Port data to another provider (where applicable)

To exercise your rights, email us at [email protected]. You may also access some rights through your dashboard. We may ask you to verify your identity before fulfilling your request.

11. GDPR and CCPA Disclosures

For EEA/UK Residents:

You have rights under the GDPR including the right to file a complaint with your supervisory authority.

For California Residents:

You may request:

  • What categories and pieces of personal information we've collected
  • Deletion of your personal information
  • Disclosure of information shared with service providers
  • That we not sell your personal information (we don't)

Contact: [email protected] with subject line "CCPA Request" to exercise your rights.

12. Children's Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected such data, please contact us.

13. Service Providers

We use reputable vendors to help deliver the Services. Some include:

  • Stripe (payments)
  • AWS (cloud hosting)
  • Cloudflare (performance and security)
  • Google Analytics, PostHog, Segment.io, Mixpanel (analytics)
  • GitHub (source control)
  • Twilio/RetellAI/Vapi/Kore.ai/Amelia.AI (telecom and AI APIs)

All subprocessors operate under the terms of our DPA. A complete list is available upon request.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Substantial changes will be communicated via email or your account dashboard at least 10 business days before taking effect. Continued use of the Services constitutes your acceptance of the changes.

15. Contact Us

Engage.co
520 Broadway #200
Santa Monica, CA 90401
USA
Email: [email protected]
© Engage.co, 2026. All rights reserved.