EnoDesk (“we,” “our,” or “us”) operates the eno-ai.com website, our mobile applications, and the EnoDesk AI receptionist service (collectively, the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, phone number, business name, and billing information. If you sign up using Google or another third-party provider, we receive your name, email, and profile picture from that service.

Call Data

When calls are processed by our AI receptionist, we collect call recordings, transcripts, AI-generated summaries, caller phone numbers, and appointment details. This data is stored securely and associated with your business account.

Usage Data

We automatically collect information about how you interact with our Service, including pages visited, features used, device information, IP address, and browser type.

Push Notification Data

If you use our mobile application and enable push notifications, we collect your device push notification token to deliver real-time call alerts and updates. You can disable push notifications at any time in your device settings.

Biometric Authentication

Our mobile application supports optional biometric authentication (Face ID / Touch ID) for convenient sign-in. Biometric data is processed entirely on your device by the operating system and is never transmitted to or stored on our servers.

2. Third-Party Authentication

If you choose to sign in using Google OAuth, we access only the information you authorize — typically your name, email address, and profile picture. We do not access your Google password. You can revoke access at any time from your Google account settings.

3. Google Calendar Integration

If you connect your Google Calendar, EnoDesk accesses your calendar events to check availability and create appointments on your behalf. We use Google’s OAuth 2.0 protocol and only request the minimum permissions needed. Calendar data is used solely to provide the appointment booking feature and is never sold or shared. You can disconnect your calendar at any time from your EnoDesk account settings or your Google account.

4. How We Use Your Information

Provide, operate, and maintain the EnoDesk service
Process calls, book appointments, and generate summaries
Send you call alerts, transcripts, and account notifications
Process payments and manage your subscription
Improve our AI models and service quality
Respond to your support requests
Comply with legal obligations

5. SMS / Text Messaging

EnoDesk sends text messages to your callers for appointment confirmations and follow-ups, and to you for call alerts and missed-call notifications. By using our service, you consent to these messages being sent on your behalf. Standard messaging rates may apply. You can manage SMS preferences in your account settings.

6. Data Sharing

We do not sell your personal information. We may share data with:

Service providers — hosting, payment processing, and SMS delivery providers who process data on our behalf
ElevenLabs — voice AI provider that processes call audio to power the AI receptionist’s speech and real-time call handling. Data is transmitted over encrypted connections and is not used to train ElevenLabs models.
OpenAI — AI provider that processes call transcripts and knowledge base documents to generate call summaries, insights, and AI receptionist responses. Data is transmitted over encrypted connections and is not used to train OpenAI models.
Legal requirements — when required by law, regulation, or legal process
Business transfers — in connection with a merger, acquisition, or sale of assets

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3) and at rest (AES-256), strict access controls, and regular security audits. Each business account’s data is logically isolated from all other accounts.

8. Data Retention & Account Deletion

Call recordings, transcripts, and summaries are retained according to your plan settings and any retention policies you configure. You can delete individual call records at any time.

You can request deletion of your account directly within the EnoDesk mobile app or web dashboard under Account > Security > Danger Zone. Account deletion requires password confirmation. Once initiated:

Your account is immediately deactivated and you are signed out
If you are the account owner, your subscription is cancelled and team members are notified; team member access is revoked after 7 days
All associated data — including call recordings, transcripts, personal information, and billing records — is permanently and irreversibly deleted within 30 days

9. Your Rights

Depending on your location, you may have the right to:

Access the personal data we hold about you
Correct inaccurate or incomplete data
Delete your personal data
Object to or restrict processing of your data
Export your data in a portable format
Withdraw consent at any time

To exercise any of these rights, contact us at privacy@eno-ai.com.

10. Cookies

We use essential cookies to maintain your session and preferences. We use analytics cookies (which you can opt out of) to understand how our service is used. We do not use advertising or tracking cookies.

11. Children’s Privacy

Our service is not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn we have collected data from a child, we will delete it promptly.

12. International Data Transfers

Our servers are located in the United States. If you access our service from outside the US, your data will be transferred to and processed in the US. We ensure appropriate safeguards are in place for international transfers in compliance with GDPR and applicable data protection laws.

13. HIPAA Compliance

EnoDesk is designed to support HIPAA compliance for healthcare businesses. Business Associate Agreements (BAAs) are available upon request. Contact us at privacy@eno-ai.com for details.

14. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with additional rights regarding your personal information:

Right to Know — You may request details about the categories and specific pieces of personal information we have collected about you
Right to Delete — You may request deletion of your personal information, subject to certain exceptions
Right to Opt-Out of Sale — We do not sell your personal information. We have not sold personal information in the preceding 12 months
Right to Non-Discrimination — We will not discriminate against you for exercising any of your CCPA/CPRA rights

To exercise your California privacy rights, contact us at privacy@eno-ai.com or delete your account directly within the app.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy, contact us at:

Email: privacy@eno-ai.com
Support: Contact page