Privacy Policy

Last updated: April 2026

Soravox is fully compliant with the General Data Protection Regulation (GDPR). We process personal data only as necessary to provide our services, and we do so with appropriate legal bases including consent and legitimate interest.

Data Collection

We collect information necessary to provide our AI voice agent services, including:

Account information (name, email, business details)
Shopify store data (products, orders, policies) accessed via authorized OAuth connection
Call recordings and transcripts generated by our voice agents
Usage metrics for billing purposes

Data Ownership

Your data belongs to you. Specifically:

We never use your data to train our AI models
Call recordings and transcripts are your property
You can export or delete your data at any time
When you cancel your account, your data is permanently deleted within 30 days

Data Security

We employ enterprise-grade security measures:

AES-256 encryption for data at rest
TLS 1.3 encryption for data in transit
Regular security audits and penetration testing
Access controls and audit logging

Our technology is trusted by government agencies in Latin America, meeting strict public sector security requirements.

Your Rights

Under GDPR and applicable data protection laws, you have the right to:

Access your personal data
Rectify inaccurate data
Request deletion of your data
Restrict or object to processing
Data portability
Withdraw consent at any time

Contact