Privacy & GDPR
NovaVoca takes data protection very seriously. As a German company, we are fully GDPR-compliant and process data transparently and securely.
GDPR compliance
Data processing in the EU
All conversation data is processed and stored on EU-based servers within the EU.
DPA available
A Data Processing Agreement (DPA) under Art. 28 GDPR is available and can be concluded directly.
Data minimization
We only collect and process the data required to provide the service.
Deletion on request
Conversation data can be deleted at any time on request. Automatic retention periods are configurable.
What data is processed?
| Data type | Description | Retention |
|---|---|---|
| Call transcripts | Text record of the conversation | Configurable (default: 90 days) |
| Extracted variables | Name, email, etc. from the conversation | Configurable (default: 90 days) |
| Metadata | Call duration, timestamp, numbers | Configurable (default: 90 days) |
| Audio | Voice data during the call | Not permanently stored |
Audio recordings
NovaVoca does not store permanent audio recordings of conversations. The audio data is processed in real time (speech-to-text) and then discarded. Only the text transcript is stored.
Sub-processors
NovaVoca works with carefully selected sub-processors in the EU and the USA. A current list is provided in the DPA.
Rights of data subjects
Data subjects (callers) have the right to:
- Access to stored data
- Rectification of incorrect data
- Deletion of their data
- Restriction of processing
- Objection to processing
- Data portability
Contact
For privacy inquiries, please contact:
Data Protection Officer Email: datenschutz@novavoca.com