Skip to content

Privacy

Last updated: July 2026

MinuteOne AI processes business contact data on behalf of customer organizations to place consent-based outbound calls and book appointments. This page is a product-facing summary for the MVP—not a substitute for a counsel-reviewed policy at production scale.

Data we process

  • Lead identity: name, phone, email, campaign metadata
  • Consent artifacts and form text versions
  • Call metadata, transcripts, qualification outcomes
  • Account users: name, email, role membership

Purposes

Lead contact, qualification, booking, product analytics for the customer org, security, and abuse prevention. We do not sell lead lists.

Retention

  • Account users: retained while the account is active; deactivated accounts retained ≤90 days unless legal hold.
  • Lead and call records: retained per customer policy (default 24 months operational history) or until export + deletion request.
  • Audit/security logs: typically 12 months for abuse investigation.
  • Demo/synthetic data: labeled and may be wiped without notice.

Owners can export workspace JSON and deactivate accounts in Settings. Hard erasure of call history may require a support ticket.

Subprocessors

Depending on configuration we may use: hosting providers for compute/storage; Stripe (billing); LiveKit (realtime voice); Listmonk/Mailcow (email); n8n (automation); optional LLM providers for support chat. A current list is published at /subprocessors.

GDPR / rights

Where GDPR or similar law applies, data subjects may request access, correction, export, or deletion via the customer organization or our contact form. Customers are typically controllers of lead data; MinuteOne acts as processor under their instructions.

Contact

Privacy questions: use the contact form or email the address provided during onboarding. DPA requests: note “DPA” in the contact subject.