loader image

supporthive.ai

menu
Login
contact us
menu

Privacy Policy

Because your data is your business, not ours. Last Updated: March 2026

Transparency First

At Support Hive, we believe transparency is the foundation of great AI. Here is a simple breakdown of how we handle your information.

What We Do

Protect your Voice: We process audio in real-time to help your AI understand and respond to callers.

Keep it Private: We use industry-leading AES-256 encryption to ensure your data is for your eyes only.

Give you Control: You can view, download, or delete your transcripts and recordings at any time.

What We DON'T Do

Sell your Data: We never sell your business info, call logs, or transcripts to third parties. Period.

Train others with your data: Your unique business data is never used to train AI models for other companies.

Hide our Identity: Our AI agents always identify themselves as AI, ensuring every interaction is honest.

The Essentials

  • Recording Retention: Call audio is automatically deleted after 60 days unless you specify a shorter window.
  • Transcript Retention: Text transcripts are kept for 12 months so your team can review past interactions.
  • Security: We use the same level of encryption as global banks to keep your conversations secure.
  • Compliance: We are fully aligned with UK GDPR and TCPA regulations for outbound calling.

Your Rights in the Hive

You are always in the driver's seat. Through your Hive Control Centre, you can:

  1. Request a copy of all data we hold about your business.
  2. Correct any errors in your AI's knowledge base.
  3. Delete your account and all associated data permanently.

Full Privacy Policy

Last Updated: April 2, 2026

1. Introduction

Support Hive AI Ltd ("we", "our", or "us") is committed to protecting your privacy through "Data Protection by Design." This policy outlines how we collect, use, and safeguard information in connection with our AI agents and related services (collectively, the "Service"). By using our Service, you acknowledge the practices described herein.

2. Information We Collect

We collect only the minimum data necessary to provide high-fidelity automated services:

  • Account Information: Name, email, business credentials, and billing details.
  • Voice & Communication Data: Real-time audio recordings and transcripts from inbound/outbound calls. Note: Voices are processed as biometric data for the sole purpose of speech-to-text conversion.
  • Contextual Data: Messaging logs, email content, and metadata (timestamps, caller ID) used to maintain conversation "memory."
  • Integration Data: Metadata and access tokens for third-party tools (e.g., Calendly, Salesforce).
  • Google Account Data: When you connect your Google account via OAuth, we access the following:
    • Email Address & Profile (userinfo.email, userinfo.profile): Used solely to authenticate you into the SupportHive admin dashboard via Google sign-in.
    • Gmail — Send Only (gmail.send): Used to send transactional emails (order confirmations, reservation confirmations, receipts) to your customers on your behalf. We never read, search, modify, or delete your emails. We do not access your inbox, drafts, or any other Gmail data.
    • Google Calendar (calendar, calendar.events): Used to check your calendar availability and create reservation or appointment events on your behalf during live phone calls. We never delete your calendars. Access is limited to reading availability and creating/editing events.

3. How We Use Your Data

We process data under the lawful bases of Contractual Necessity and Legitimate Interests:

  • AI Agency: Powering dynamic conversations and executing tasks (e.g., booking appointments).
  • Service Improvement: We use de-identified and aggregated transcripts to improve AI accuracy. We do not use your specific business data to train foundational models for other clients.
  • Automated Decision-Making: Our AI may make "Limited Risk" automated decisions (e.g., scheduling). You have the right to request human intervention for any decision with significant effects.
  • Google Data Usage: Google account data is used exclusively for the purposes described in Section 2. Specifically:
    • Gmail send access is used only to deliver transactional emails to your customers.
    • Calendar access is used only to manage reservations and appointments.
    • Google data is never used for advertising, profiling, market research, or any purpose unrelated to delivering the Service.

4. Data Sharing & Sub-Processors

We do not sell your data. To deliver the Service, we share data with vetted sub-processors under strict Data Processing Agreements (DPAs):

  • AI Intelligence: OpenAI, Deepgram, and ElevenLabs (Real-time inference only).
  • Telephony: Twilio (Call routing and SMS).
  • Infrastructure: AWS (Secure cloud hosting with AES-256 encryption).
  • International Transfers: For data moving outside the UK/EEA (e.g., to US-based AI providers), we utilise the UK-US Data Bridge and Standard Contractual Clauses (SCCs) to ensure equivalent protection.

We do not transfer Google user data to third parties except as strictly necessary to provide the Service (e.g., sending an email via the Gmail API). We do not allow third parties to use your Google data independently.

5. Google API Services — Limited Use Disclosure

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google data for the purposes explicitly described in this policy.
  • We do not transfer Google data to others unless necessary to provide or improve the Service, to comply with applicable laws, or as part of a merger/acquisition with equivalent privacy protections.
  • We do not use Google data for serving advertisements.
  • We do not allow humans to read your Google data unless: (a) you have given explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymised for internal operations.

6. Retention & Deletion

In accordance with the principle of Storage Limitation:

  • Audio Recordings: Automatically deleted after 60 days unless a client specifies a shorter window.
  • Transcripts: Retained for 12 months to facilitate service continuity and quality audits.
  • Google OAuth Tokens: Retained only while your Google account is connected. Tokens are permanently deleted when you disconnect your Google account or delete your SupportHive account.
  • Google Calendar & Gmail Data: We do not store copies of your emails or calendar events. Data is accessed in real-time via the Google API and is not cached or retained on our servers beyond the immediate transaction.
  • User Rights: You may exercise your rights to Access, Rectification, Erasure, or Portability via the "Hive Control Centre" or by emailing privacy@supporthive.ai. We honour all requests within 30 days.
  • Revoking Google Access: You can disconnect your Google account at any time from the SupportHive Integrations page, or directly from your Google Account Permissions. Upon disconnection, all stored tokens are immediately deleted.

7. Outbound Compliance (TCPA & FCC)

For outbound AI services, we maintain strict adherence to 2026 regulations:

  • Explicit Consent: We require "Prior Express Written Consent" for all AI-generated outbound calls.
  • Revocation (Opt-Out): We honour "STOP" or verbal opt-out requests across all channels within 10 business days.
  • Identification: Our agents clearly identify themselves as "Artificial Intelligence" at the start of every call.

8. Security Measures

We implement industry-leading safeguards:

  • Encryption: TLS 1.3 for data in transit; AES-256 for data at rest.
  • Anonymization: Automated PII (Personally Identifiable Information) redaction tools can be enabled to scrub sensitive data from transcripts.
  • Access Controls: Role-based permissions and multi-factor authentication for all platform access.
  • Incident Response: We maintain a 72-hour breach notification protocol in compliance with UK GDPR Article 33.
  • Google Token Security: OAuth tokens are stored encrypted and access is restricted to the application service layer only.

9. Contact Us

If you have questions about this Privacy Policy, your data, or how we use your Google account data, please get in touch:

Support Hive AI Ltd Email: privacy@supporthive.ai
Website: supporthive.ai

Revolutionise business communication through AI

Solutions

Features Library

Use Cases


Smart Response Agent
AI Receptionist Agent
Brand Representative Agent
Tele Sales Specialist Agent

Account Management
Call Routing
Appointment Scheduling
Billing and Payments
Booking and Reservation
Order Management
Quotation and Invoice
Trouble Shooting
Feedback and Survey collection
Order Tracking and Status Update

Restaurants
Takeaways
Car Dealerships
Real Estate
Dentists
Moorgate Advisors
SME’s
DIY Traders
Salons

Solutions

Features Library

Smart Response Agent
AI Receptionist Agent
Brand Representative Agent
Tele Sales Specialist Agent

Account Management
Call Routing
Appointment Scheduling
Billing and Payments
Booking and Reservation
Order Management
Quotation and Invoice
Trouble Shooting
Feedback and Survey collection
Order Tracking and Status Update

Use Cases


Restaurants
Takeaways
Car Dealerships
Real Estate
Dentists
Moorgate Advisors
SME’s
DIY Traders
Salons

Supporthive

  • Billing & Payment

Cost breakdowns and billing insights

  • Analysis

it’s a birds eye overview of the complete service along with key insights.

  • Document Hub

The policies, procedures and order of service the AI agent should follow when representing your business.

  • Agent Training

Train your agent the way you wan it to represent your business.

  • Call Alert Hub

Provides complete customer conversation, detailed transcript, and voice playbacks.