// Legal

Privacy Policy

Last updated: 15 May 2026 · Effective immediately

Plain English summary

Zentro provides an AI receptionist service to UK businesses. To do this, we and our service providers process personal data of (a) you, our business customer, and (b) the people who call your business. We take privacy seriously, we don't sell data to third parties, and you remain in control of your customers' information at all times.

1. Who we are

This Privacy Policy applies to Zentro ("we," "us," "our"), an AI receptionist service operated in the United Kingdom. For the purposes of UK GDPR and the Data Protection Act 2018, Zentro acts as a data controller in respect of personal data about our business customers and as a data processor in respect of personal data about callers to our customers' phone lines.

2. Information we collect

2.1 Information about our customers

When you sign up for Zentro, we collect:

Business name, contact name, business email address, and phone number
Billing details and payment information (processed securely by Stripe)
Account configuration details: business hours, services, FAQs, calendar credentials
Communications you send to us
Usage data: how you interact with our service

2.2 Information about callers

When someone calls a phone line connected to Zentro, we process on your behalf: caller phone number, audio of the call, transcript, information the caller provides, and call metadata (date, time, duration).

3. How we use your information

We use information to provide and maintain the Service, process payments, configure your AI receptionist, communicate about your account, detect fraud, and comply with legal obligations. We do not use caller data to train general AI models, sell to third parties, or for any purpose outside of providing the service.

4. Sharing your information

We share information only as needed to operate the service: with sub-processors (voice AI infrastructure, telephony providers, cloud hosting, payment processing, our CRM platform), for legal compliance, or in business transfers. We do not sell personal data.

No mobile information, including text messaging originator opt-in data and consent, will be shared with any third parties or affiliates for marketing or promotional purposes. This information is only shared with aggregators and providers of the text messaging service strictly to deliver the service.

5. Data retention

Account data: kept while your account is active and up to 24 months after closure
Call recordings: retained for your chosen duration (default 12 months), then deleted
Billing records: retained for 6 years (UK tax requirements)

6. Your rights

Under UK GDPR you have the right to access, rectify, erase, restrict processing of, or port your personal data. You can also object to processing, withdraw consent, and complain to the Information Commissioner's Office (ICO) at ico.org.uk. Contact us at privacy@zentroai.uk to exercise these rights.

7. Security

We encrypt data in transit and at rest, maintain access controls, regularly review sub-processors, and have incident response procedures. In the unlikely event of a breach, we'll notify you and the ICO as required.

8. Changes to this policy

We may update this policy from time to time. For material changes, we'll notify you by email. Continued use after changes constitutes acceptance.

Contact us

Email: privacy@zentroai.uk
Post: [Your registered business address, UK]
ICO: If we cannot resolve your complaint, contact the Information Commissioner's Office at ico.org.uk or 0303 123 1113.

← Back to home