Elyte AI

Try it Live!

Data Privacy

Privacy Policy

Version 1.1 — Last updated: July 2025

1. Introduction
Elyte AI (“we”, “our”, or “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect your personal data and the data of your clients. We operate in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and relevant EU GDPR standards.

If you are a client of Elyte AI, or a user of one of our deployed AI systems (such as voice agents or lead automation tools), this policy explains how your data is handled securely, lawfully, and transparently.

2. Who We Are
Elyte AI is a UK-based AI automation consultancy and service provider. We specialise in voice agents, AI integrations, and lead generation tools for businesses.

If you have questions about this policy or how we handle your data, you can contact us at:
hello@elyte-ai.com

3. The Data We Collect

We may collect the following types of data:

From Clients:

  • Contact details (name, email, phone number)
  • Company information
  • Payment and billing details
  • Project requirements and documentation
  • Any data provided for training or deploying AI systems (e.g. call recordings, CRM records, FAQs)

From End Users (via AI systems we deploy):

  • Call audio or transcripts (only if logged and explicitly agreed)
  • Chat interactions or user inputs
  • Lead data (e.g. name, contact details, inquiry) submitted via voice/chat agents

All data collected is strictly limited to what is necessary to deliver our services.

4. How We Use Your Data
We use your data to:

  • Deliver and support our AI automation services
  • Communicate with you about your project
  • Improve and train our systems (only with consent or anonymised data)
  • Comply with our legal obligations

We never sell your data. We do not use your data for marketing unless you’ve opted in.

Call recordings or transcripts are only collected if (a) enabled by the client, and (b) end-user consent has been clearly obtained at the start of the interaction (if the user continues after being informed their call is recorded). Clients are responsible for ensuring appropriate consent is in place if recordings are active.

5. Data Security
We take data security seriously and apply strict measures to protect it:

  • All client files are stored securely with access control
  • AI voice/chat agent data is encrypted at rest and in transit
  • Internal access is restricted to authorised team members only
  • We use GDPR-compliant third-party processors (e.g. for cloud hosting, analytics, CRM)

If we become aware of a breach that may affect your data, we will notify you within 72 hours as required under GDPR.

Some AI-powered interactions (e.g. voice agents or chatbots) may involve processing through third-party AI platforms. These providers are selected based on their security standards and published GDPR compliance measures. We do not allow AI platforms to retain or use your data for their own model training unless you have explicitly agreed to it.

6. Data Sharing
We only share your data with:

  • Trusted service providers we use to run our business (e.g. Google Cloud, Twilio, Microsoft)
  • Legal authorities, if required by law
  • Our project collaborators under strict confidentiality agreements

We do not transfer data outside the UK or EU unless adequate protections (e.g. Standard Contractual Clauses) are in place.

A full list of our sub-processors, including their hosting locations and GDPR safeguards (e.g. SCCs, DPF), is available upon request. Our main infrastructure providers (such as Google Cloud, Microsoft Azure, Twilio, and Retell AI and ChatDash) are either based in the UK/EU or have appropriate data protection safeguards in place for international transfers.

7. Your Rights
You have the right to:

  • Access the personal data we hold on you
  • Request correction or deletion of your data
  • Object to processing or request restrictions
  • Withdraw consent at any time (where applicable)
  • File a complaint with the ICO (Information Commissioner’s Office) if you’re unhappy with how your data is handled

To exercise any of these rights, contact us at hello@elyte-ai.com

8. Client Responsibility for End-User Data
When we deploy AI tools (e.g. voice agents) on your behalf, you remain the Data Controller for any customer or lead data collected. Elyte AI acts as the Data Processor, meaning we process the data only on your instructions and never for our own purposes. We offer full data processing agreements (DPAs) upon request.

Clients must ensure that any use of our tools on their websites, phone systems, or apps includes a clear privacy notice for their users, informing them of data collection and processing.

A Data Processing Agreement (DPA) is required under UK GDPR when Elyte AI processes personal data on behalf of a client. We provide a standard DPA to all clients who use our services in a way that involves data processing, including voice agent deployment, CRM integration, or lead capture. Please request this at hello@elyte-ai.com to remain compliant.

9. Data Retention
We retain project data only for as long as necessary:

  • Client data: up to 6 years for legal and financial record keeping
  • Voice/chat agent logs: up to 90 days by default, unless agreed otherwise
  • Deleted data is securely and permanently destroyed

Voice and chat agent data is automatically deleted 90 days after collection, unless a longer retention period is required to support an ongoing service or agreed by contract. Where automation is not available, we aim to manually purge records every 90 days, and no later than 180 days from collection.

10. Updates to This Policy
We may update this policy to reflect changes in regulation or how we operate. Any changes will be posted on our website and, where appropriate, notified to you by email.

Contact Us
If you have any questions about this Privacy Policy, data protection, or security, email us at hello@elyte-ai.com