VesperAI
Legal

Privacy Policy

How Vesper AI collects, uses, stores and protects personal and patient data across our services.

Last updated: 22 April 2026

1. Who we are

Vesper AI ("we", "us", "our") provides AI voice receptionist software to private healthcare clinics. This policy explains how we process personal data when clinics use our services and when patients interact with our voice agents.

2. Data we process

We process the following categories of personal data:

  • Caller details such as name, phone number and email address.
  • Call audio recordings, transcripts and call metadata (time, duration, outcome).
  • Appointment details, treatment interest and scheduling preferences.
  • Clinic staff account information for users of our dashboard.

3. How we use data

We use personal data to operate the AI receptionist on behalf of the clinic, book and manage appointments, generate transcripts and analytics, improve service quality, and comply with our legal obligations.

4. Legal basis

We process personal data on the basis of our contract with the clinic (data controller), the clinic's legitimate interests in operating their practice, and where applicable, explicit consent obtained from the caller at the start of the call.

5. Data residency & security

All personal data is stored within the UK and EU. We use encryption in transit and at rest, role-based access controls, and regular security reviews. We are GDPR compliant and operate appropriate technical and organisational measures.

6. Sharing

We share data only with sub-processors strictly required to deliver the service (such as cloud hosting and telephony providers) under written data processing agreements. We never sell personal data.

7. Retention

Call recordings and transcripts are retained for the period agreed with the clinic, after which they are securely deleted. Account data is retained for the duration of the clinic's subscription and a short period afterwards for legal and audit purposes.

8. Your rights

Under UK and EU data protection law you have the right to access, rectify, erase, restrict, port or object to the processing of your personal data. To exercise these rights, contact your clinic (the data controller) or email us at hello@vesperlabs.ai.

9. Contact

For any privacy-related questions, please email hello@vesperlabs.ai.