?

User

Create receptionistSign in / Register

Privacy Policy

Last updated: April 21, 2026

rAIceptionist ("we", "our platform") is committed to protecting your personal data. This policy describes what data we collect, how we use it, and what your rights are.

Data Controller

Agentix EOOD (rAIceptionist)
Company ID (ЕИК): 208755889
Registered office: Varna 9005, Primorski district, Chayka, bl. 203, ent. B, fl. 9, ap. 25, Bulgaria
Manager: Kristian Georgiev Gandozov
Contact for GDPR requests: ai@raiceptionist.com

1. What data we collect

Account data: Name, email address, password (hashed), upon registration.

Business data: Business name, address, phone, working hours, services, team — entered by you when creating a receptionist.

Integration tokens: Instagram Page Access Token and Google Calendar access — so the receptionist can respond to messages and book appointments.

Message data: Messages sent to your Instagram business account are processed by the AI receptionist. We do not store chat contents — they are processed in real-time.

Statistics: Number of messages, bookings, and cancellations — aggregated daily data without personal information.

2. How we use data

Data is used solely for:

  • Providing the AI receptionist service
  • Responding to messages on your behalf
  • Booking appointments in Google Calendar
  • Displaying statistics in the dashboard
  • Sending system emails (confirmations, notifications)

3. Who we share data with

Your data is shared only with these providers for service purposes:

  • Meta (Instagram API) — for receiving and sending messages
  • Google (Calendar API) — for booking appointments
  • AI model providers — for generating responses (we use the newest AI models from leading providers)
  • Supabase — for data storage (hosted in EU)
  • Resend — for sending emails
  • Vercel — for website hosting

We do not sell or share your data with third parties for marketing purposes.

4. Storage and security

Data is stored in Supabase (PostgreSQL), hosted in the European Union. We use HTTPS encryption for all communications. Passwords are hashed with bcrypt. Database access is restricted with Row Level Security.

5. Your rights (GDPR)

As an EU user, you have the right to:

  • Access — request a copy of your data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a machine-readable format
  • Restriction — restrict data processing

To exercise these rights, contact us at ai@raiceptionist.com. You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP)www.cpdp.bg, 2 Prof. Tsvetan Lazarov Blvd., Sofia 1592, Bulgaria.

6. Cookies

We use only technically necessary cookies for authentication and sessions. We do not use tracking or advertising cookies.

7. Data retention

Account data is stored while you have an active account. Upon account deletion, all data is deleted within 30 days. Statistical data is anonymized after 12 months.

8. Google API Services User Data Policy

rAIceptionist's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Google scopes we request:

  • https://www.googleapis.com/auth/calendar — to read busy times and create/cancel events in the calendar you select when connecting
  • https://www.googleapis.com/auth/calendar.events — to manage only the events created by the receptionist
  • openid, email, profile — to identify the connected Google account

Why we need this access: The AI receptionist checks availability in the calendar you selected and books clients automatically when they message you on Instagram. Without calendar access, the receptionist cannot function.

How we use Google data (Limited Use):

  • We use the data only to provide and improve user-facing features of the receptionist (availability checks, creating bookings, cancelling bookings)
  • We do not transfer Google user data to third parties, except as necessary to provide the service, with explicit consent, or as required by law
  • We do not use Google user data for advertising, profiling, or targeting purposes
  • We do not use Google user data to train AI/ML models. Calendar content is never sent to any generative AI model
  • No humans read your calendar data, except (a) with your explicit consent, (b) for security purposes (investigating abuse), (c) to comply with applicable law, or (d) when the data is aggregated and anonymized

Google data storage: We only store the ID of the calendar you selected (e.g. primary or a shared calendar ID). Access tokens and refresh tokens are encrypted at rest. No calendar events or content are stored in our database — they are read in real time when needed and not cached.

Revoking access: You can revoke rAIceptionist's access to your Google account at any time via myaccount.google.com/permissions or from our dashboard (Dashboard → Receptionist → Disconnect Google Calendar). After revocation, we delete the stored calendar ID and tokens within 24 hours.

9. Contact

For questions about this policy or to exercise your rights: ai@raiceptionist.com