Privacy Policy

Last updated: 9 June 2026

Not legal advice. Still to complete: registered business address and ICO registration number (once registered). We recommend a qualified UK data-protection solicitor reviews this before you rely on it.

1. Who we are

TradieDial (“we”, “us”, “our”) provides an AI telephone receptionist that answers calls, captures job details, flags emergencies, and books appointments for trade businesses. This policy explains how we handle personal data.

Data controller: TradieDial, [registered address to be added]. ICO registration number to be added once registered. Privacy and data-protection contact: support@tradiedial.com.

2. Our two roles

  • Controller — for data about our own customers (the trade businesses) and visitors to this website.
  • Processor — for the personal data of callers, which we process on behalf of, and under the instructions of, the trade business that operates the line. That business is the controller of its callers’ data; our processing is governed by our Terms and a Data Processing Addendum.

3. Personal data we process

  • Call data (on behalf of our customers): call audio recordings, transcripts, AI-generated summaries, and details a caller provides — name, phone number, property address/postcode, and a description of the problem.
  • Booking data: appointment date/time, the caller’s name, contact details and address, processed via our scheduling provider.
  • Account data: business name, contact name, email, and login credentials of our customers.
  • Website/technical data: a functional cookie used only to keep an authenticated dashboard session, and IP addresses retained briefly (under 24 hours) for rate limiting and abuse prevention. We do not use advertising or analytics tracking cookies.

4. Call recording & AI — important

Calls handled by the service are answered by an automated AI assistant and may be recorded and transcribed. In line with UK law (Telecommunications (Lawful Business Practice) Regulations 2000, UK GDPR and PECR) and AI-transparency requirements, callers are informed at the start of the call that (a) they are speaking to an AI assistant and (b) the call may be recorded, with the purpose and how to find this policy.

Lawful basis for recording and AI analysis is normally the controller’s legitimate interests (running the business, quality, dispatch and dispute resolution), supported by a documented Legitimate Interest Assessment. Where special-category data is volunteered, we rely on the caller’s consent or another appropriate condition. Callers may ask not to be recorded.

5. Why we process it (lawful bases)

  • Contract — to provide the service to our customers.
  • Legitimate interests — to answer, record and triage calls, prevent abuse, and improve the service.
  • Consent — where required, e.g. special-category data.
  • Legal obligation — to comply with law and respond to lawful requests.

6. Sub-processors & sharing

We use trusted providers to run the service. Current sub-processors include: Vapi (call orchestration), OpenAI (language model), Microsoft Azure / Deepgram (speech), Supabase (database), Twilio (SMS), Resend (email), Cal.com (scheduling) and Vercel (hosting). We share personal data with them only as needed to deliver the service. A current list is available on request.

7. International transfers

Some sub-processors are based outside the UK (including the USA). Where data is transferred internationally, we rely on appropriate safeguards such as the UK International Data Transfer Agreement / Addendum or UK-recognised adequacy, as applicable.

8. Retention

We keep call recordings for 90 days, after which they are deleted on an automated daily schedule. Transcripts, summaries and captured job details are kept while the customer's account is active (so past jobs stay visible in their dashboard) unless deletion is requested earlier. Prospective-customer (sales) contact details are reviewed and removed within 12 months if there is no active relationship, and immediately on request. Account data is kept for the life of the account plus 12 months. IP addresses used for rate limiting are deleted within 24 hours.

9. Your rights

Under UK GDPR you have rights to access, rectification, erasure, restriction, objection and data portability, and rights regarding automated decision-making. To exercise a right about a call you made to a trade business, contact that business (the controller); we will assist them. For data we control, contact support@tradiedial.com. You can also complain to the ICO at ico.org.uk.

10. Security

We use access controls, encryption in transit, and reputable infrastructure providers. Dashboard access is restricted to authenticated users.

11. Changes & contact

We may update this policy and will revise the date above. Questions: support@tradiedial.com — TradieDial, [registered address to be added].