Privacy Policy **Last Updated:** July 15, 2025 This Privacy Policy describes how ESHAL ("we," "us," or "our") collects, uses, and protects information through our AI customer service platform at www.eshal.ai. ## Who This Policy Covers - **Business Customers**: Companies that use ESHAL to provide AI customer service**End Users**: Individuals who interact with AI agents powered by ESHAL ## 1. Information We Collect ### From Business Customers (You) When you sign up for ESHAL, we collect: - Company name, contact details, billing information - Team member accounts and permissions - Platform configuration (AI agent settings, knowledge bases, integrations) - Usage analytics and performance metrics ### From End Users (Your Customers) When someone interacts with your AI agent: - Voice recordings and conversation transcripts - Chat messages and interaction history - Basic technical information (browser, device type, IP address) **Important**: For end-user data, you are the Data Controller and ESHAL is the Data Processor. (See Section 6 for details) ## 2. How We Use Information **Business Customer Data**: To provide and improve our service, process payments, send updates, and provide support. **End-User Data**: To power your AI agents, process conversations in real-time, and improve platform performance. We **do not sell** any data to third parties. --- 3. Data Storage & Security Regional Data Residency Your data is stored on infrastructure in your region: - Middle East & North Africa (MENA) - Southeast Asia (Singapore, Malaysia, Indonesia, Thailand, Philippines) - India, Australia, and other regions **Your data stays in your region by default.** No cross-border transfers unless you're a multi-region company and authorize it. Security Measures - Encryption: AES-256 (at rest), TLS 1.3 (in transit) - Access controls and multi-factor authentication - Regular security audits and monitoring - ISO 27001 certified, SOC 2 Type II in progress ### Data Retention - Active conversations: 90 days - Voice recordings: 30-90 days (configurable) - Account data: Duration of subscription + 90 days - You can delete data anytime via dashboard or by request --- ## 4. Third-Party Services We use trusted vendors for: - Cloud infrastructure (regional data centers) - Payment processing - Analytics and monitoring - Customer support tools All vendors are contractually required to protect your data. --- ## 5. Your Rights & Controls You can: - Access and export your data (JSON, CSV format) - Correct or update information - Delete your account and data - Opt-out of marketing emails - Configure data retention settings To exercise rights**: Email privacy@eshal.ai (response within 30 days) --- 6. For Business Customers: Your Responsibilities When you use ESHAL to collect end-user data, you must: ✅ **Provide your own privacy notice** to your customers ✅ **Obtain necessary consents** under applicable laws ✅ **Comply with data protection regulations** in your region ✅ **Handle data subject requests** from your customers (we'll assist) Data Processing Agreement (DPA) A DPA is available that covers: - Our role as Data Processor - Your role as Data Controller - Data security commitments - Sub-processor list - Standard Contractual Clauses (if needed) Request the DPA from your account manager or email legal@eshal.ai. 7. Regional Compliance ESHAL complies with: - **GDPR** (EU/EEA) - **CCPA/CPRA** (California) - **PDPA** (Singapore, Malaysia, Thailand) - **PDPL** (Saudi Arabia, UAE) - **Data Privacy Act** (Philippines) - **DPDP Act** (India) - **Privacy Act** (Australia) For region-specific details, see our [Regional Compliance Guide](#) or contact compliance@eshal.ai. 8. AI & Automated Processing Our platform uses AI to: - Understand and respond to customer inquiries - Route conversations intelligently - Analyze sentiment and intent Business customers control: - When to escalate to human agents - What decisions AI can make - Knowledge base and training data End users can always request a human agent. 9. Updates to This Policy We may update this policy periodically. Material changes will be communicated via email and website notice. 10. Contact Us **Privacy Questions**: privacy@eshal.ai **Data Protection Officer**: dpo@eshal.ai **Security Issues**: security@eshal.ai **Support**: support@eshal.ai By using ESHAL, you agree to this Privacy Policy and our Terms of Service. For Business Customers: You confirm that you will comply with applicable privacy laws when using our platform to process end-user data.
English