BUZZER.AI PRIVACY POLICY

This Privacy Policy describes how Buzzer.ai Ltd. ("Buzzer," "Company," "we," "us," or "our") collects, uses, discloses, and protects information when you use the Buzzer.ai platform, website at https://buzzer.ai (the "Website"), APIs, and all related AI-powered telephony integration, omnichannel customer experience, and communication services (collectively, the "Services"). This Privacy Policy forms an integral part of our Terms of Service.

1. SCOPE AND APPLICABILITY

This Privacy Policy applies to:

  1. Customer Account Data: Information provided by Customers who register for and use the Services (e.g., account administrators, agents).
  2. End-User Communication Data: Information relating to individuals whose communications are processed through the Services on behalf of our Customers (e.g., callers, message recipients).
  3. Website Visitor Data: Information collected from visitors to our Website.

Where we process End-User Communication Data on behalf of a Customer, the Customer acts as the data controller (or equivalent under applicable law) and Buzzer acts as the data processor. The Customer's own privacy policy governs the collection and use of such data. This Privacy Policy governs our processing activities and obligations as a processor, and our independent processing of Customer Account Data and Website Visitor Data.

2. INFORMATION WE COLLECT

2.1 Information You Provide

  1. Account Information: Name, email address, phone number, company name, job title, and billing information provided during registration or account management.
  2. Payment Information: We use third-party payment processors. We do not store credit card numbers or full payment instrument details on our systems.
  3. Support Communications: Information provided when you contact us for technical support or customer service.

2.2 Information Processed Through the Services

  1. Voice Data: Real-time voice streams processed for transcription, summarization, AI agent interaction, and language translation. Voice data is processed in real time and we do not store audio recordings of calls after processing is complete.
  2. Transcripts and Summaries: Text-based outputs generated from voice processing, retained as configured by the Customer.
  3. Text-Based Communications: Messages processed through Supported Channels (WhatsApp, SMS, email, Messenger, Instagram, TikTok, Telegram, Line, and other platforms) as part of the Customer's omnichannel workflows.
  4. Metadata: Call duration, timestamps, channel identifiers, routing data, and system logs generated during service operation.

2.3 Automatically Collected Information

  1. Usage Data: Information about how you interact with our Website and Services, including pages visited, features used, and session duration.
  2. Device and Browser Information: IP address, browser type, operating system, and device identifiers.
  3. Cookies and Similar Technologies: We use cookies, web beacons, and similar technologies for authentication, analytics, and service optimization. See Section 10 for details.

3. HOW WE USE INFORMATION

We use collected information for the following purposes:

  1. Service Delivery: To provide, operate, and maintain the Services, including AI agent operation, voice processing, transcription, and omnichannel communication handling.
  2. Service Improvement: To analyze usage patterns, diagnose technical issues, and improve the performance, reliability, and security of the Services.
  3. Customer Support: To respond to inquiries, provide technical assistance, and resolve issues.
  4. Billing and Administration: To process payments, send invoices, and manage accounts.
  5. Communications: To send service-related notices, updates, and security alerts.
  6. Legal Compliance: To comply with applicable laws, regulations, legal processes, and enforceable governmental requests.
  7. Security: To detect, prevent, and address fraud, abuse, security incidents, and technical issues.

4. AI AND DATA PROCESSING

  1. No General-Purpose Model Training: We do not use Customer Data to train general-purpose or shared AI models. Customer Data is not made available to other customers or used to improve services for third parties.
  2. Service-Specific Fine-Tuning: We may fine-tune existing third-party AI models solely as necessary to deliver and improve the Services for you. Such fine-tuning is performed under contractual and technical safeguards and only with appropriate authorization.
  3. Third-Party AI Providers: The Services may utilize third-party AI model providers for speech recognition, natural language processing, and related capabilities. These providers process data under contractual obligations that restrict their use of Customer Data. For more details, see our AI & Data Usage Transparency page.

5. SHARING INFORMATION WITH THIRD PARTIES

We do not sell Personal Data. We may share information with:

  1. Service Providers: Third-party vendors who assist in operating the Services (e.g., cloud hosting, payment processing, AI model providers, analytics). These providers are contractually obligated to process data only as directed by us and to maintain appropriate security measures.
  2. Legal Requirements: When required by law, regulation, legal process, or governmental request.
  3. Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, subject to the receiving party agreeing to honor the commitments in this Privacy Policy.
  4. With Your Consent: When you have provided explicit consent to share information for a specified purpose.

6. DATA RETENTION

  1. Account Data: Retained for as long as your account is active or as needed to provide the Services. Upon account deletion, we will delete or anonymize your data within thirty (30) days, unless retention is required by law or legitimate business interest (e.g., billing records, dispute resolution).
  2. Voice Data: Processed in real time and not retained in audio form. Transcripts and summaries are retained according to Customer configuration.
  3. Text Communications: Retained as configured by the Customer within the Services, subject to applicable retention policies.
  4. Logs and Metadata: Retained for a reasonable period for security, debugging, and compliance purposes, typically not exceeding twelve (12) months.

7. DATA SECURITY

We implement appropriate technical and organizational measures to protect information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit and at rest, access controls, regular security assessments, and incident response procedures. Our security practices are aligned with ISO 27001:2022 standards.

For On-Premise Deployments, the Customer is responsible for the physical and network security of the infrastructure on which the Services operate. Our security obligations in such cases are limited to the software components we provide.

8. YOUR PRIVACY RIGHTS

Depending on your jurisdiction, you may have the following rights regarding your Personal Data:

  1. Access: Request a copy of the Personal Data we hold about you.
  2. Correction: Request correction of inaccurate or incomplete data.
  3. Deletion: Request deletion of your Personal Data, subject to legal retention requirements.
  4. Restriction: Request restriction of processing in certain circumstances.
  5. Portability: Request transfer of your data in a structured, machine-readable format.
  6. Objection: Object to processing based on legitimate interests.
  7. Withdrawal of Consent: Where processing is based on consent, withdraw consent at any time.
  8. Opt-Out of Marketing: Unsubscribe from marketing communications at any time.

To exercise these rights, contact us at . We will respond within the timeframe required by applicable law.

If we process your data as a processor on behalf of a Customer, please direct your request to the applicable Customer. We will assist the Customer in fulfilling such requests as required.

9. CROSS-BORDER DATA TRANSFERS

Our primary infrastructure is located in Israel and the European Union. Customer Data may be processed in other jurisdictions where our service providers operate. Where data is transferred outside of your jurisdiction, we ensure appropriate safeguards are in place, including standard contractual clauses, adequacy decisions, or other legally recognized transfer mechanisms.

10. COOKIES AND TRACKING TECHNOLOGIES

Our Website uses cookies and similar technologies for:

  1. Essential Cookies: Required for Website functionality and authentication.
  2. Analytics Cookies: Used to understand how visitors interact with our Website and to improve user experience.
  3. Preference Cookies: Used to remember your settings and preferences (e.g., language selection).

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Website functionality.

11. CHILDREN'S PRIVACY

The Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Data from minors. If we become aware that we have collected Personal Data from a person under 18, we will take steps to delete such data promptly.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Services with at least thirty (30) days' notice. The "Last updated" date at the bottom indicates when this policy was last revised.

13. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Buzzer.ai Ltd., 2 HaShonit, Herzliya, Israel

Last updated: March 2026