Privacy Policy
Last updated: March 2026
At Orateur, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered receptionist service. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.
1. Information We Collect
We collect information that you provide directly to us, including: • Account Information: When you create an account, we collect your name, email address, phone number, and business information. • Payment Information: When you subscribe to our services, we collect billing information through our secure payment processor (Stripe). We do not store your full credit card numbers. • Call Data: Our AI receptionist processes incoming calls to your business. This includes caller information, call recordings (if enabled), transcriptions, and appointment details. • Business Data: Information about your services, scheduling preferences, calendar integrations, and customer database that you provide to customize your AI receptionist. • Usage Data: We automatically collect information about how you interact with our service, including log data, device information, and analytics.
2. How We Use Your Information
We use the information we collect solely to provide, maintain, and improve our AI receptionist service. Specifically: • Provide and operate our AI receptionist service, including handling incoming calls and scheduling appointments on your behalf • Process transactions and send related information • Send you technical notices, updates, and support messages • Respond to your comments, questions, and customer service requests • Monitor and analyze usage to improve the reliability and performance of our service • Detect, investigate, and prevent fraudulent transactions and abuse • Comply with legal obligations We do not use your data for purposes unrelated to providing or improving Orateur's functionality. We do not use your data for advertising, market research, or to build user profiles for third parties.
3. Third-Party AI Services
Orateur uses third-party artificial intelligence services to power its features. We want to be transparent about how these services process your data: • ElevenLabs: Our AI receptionist is powered by ElevenLabs' conversational AI technology. When our AI receptionist handles a phone call, call audio and conversation data are processed by ElevenLabs to provide voice interaction capabilities. Call transcripts, audio recordings, and conversation metadata may be stored by ElevenLabs. You can review ElevenLabs' privacy policy at https://elevenlabs.io/privacy-policy. • Vercel AI SDK: We use Vercel's AI SDK to power supplementary features such as analyzing your business website during onboarding, translating content, and providing recommendations. The AI SDK may route requests to third-party AI model providers (such as Google, OpenAI, or Anthropic) depending on the model selected. These features process limited data solely to provide or improve Orateur's functionality. You can review Vercel's privacy policy at https://vercel.com/legal/privacy-policy. We have data processing agreements with these providers. They are contractually prohibited from using your data for their own purposes, including training their AI models on your data. Data shared with these services is limited to what is necessary to provide the specific functionality described above.
4. Google API Services User Data
When you connect your Google account to Orateur (for example, to integrate Google Calendar), we access certain data through Google API Services. This section describes how we handle data obtained from Google APIs. Data we access from Google: • Google Calendar: We read your calendar events and availability to check for scheduling conflicts, and we create new calendar events when appointments are booked through our AI receptionist. • Google Account Profile: We access your basic profile information (name and email address) solely for authentication purposes when you sign in with Google. How we use Google user data: • Calendar data is used exclusively to provide appointment scheduling functionality within Orateur — checking your availability and creating appointments on your behalf. • Profile data is used exclusively for account authentication and identification. • We do not use Google user data for advertising, market research, or any purpose unrelated to providing or improving Orateur's core appointment scheduling functionality. Google API Services Limited Use Disclosure: Orateur's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically: • We only use Google user data to provide and improve Orateur's appointment scheduling features. • We do not transfer Google user data to third parties, except as necessary to provide or improve Orateur's functionality, as required by law, or as part of a merger/acquisition with adequate data protection. • We do not use Google user data for serving advertisements. • We do not allow humans to read Google user data unless: (a) we have your explicit consent, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymized for internal operations. You can revoke Orateur's access to your Google data at any time through your Google Account settings (https://myaccount.google.com/permissions). Upon revocation, we will stop accessing your Google data and delete any cached Google data within 30 days.
5. Microsoft API Services User Data
When you connect your Microsoft account to Orateur (for example, to integrate Microsoft Outlook Calendar), we access certain data through Microsoft Graph API. This section describes how we handle data obtained from Microsoft APIs. Data we access from Microsoft: • Microsoft Outlook Calendar: We read your calendar events and availability to check for scheduling conflicts, and we create new calendar events when appointments are booked through our AI receptionist. • Microsoft Account Profile: We access your basic profile information (name and email address) solely for authentication purposes when you sign in with Microsoft. How we use Microsoft user data: • Calendar data is used exclusively to provide appointment scheduling functionality within Orateur — checking your availability and creating appointments on your behalf. • Profile data is used exclusively for account authentication and identification. • We do not use Microsoft user data for advertising, market research, or any purpose unrelated to providing or improving Orateur's core appointment scheduling functionality. • We do not transfer Microsoft user data to third parties, except as necessary to provide or improve Orateur's functionality, as required by law, or as part of a merger/acquisition with adequate data protection. • We do not allow humans to read Microsoft user data unless: (a) we have your explicit consent, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymized for internal operations. You can revoke Orateur's access to your Microsoft data at any time through your Microsoft Account settings (https://microsoft.com/consent). Upon revocation, we will stop accessing your Microsoft data and delete any cached Microsoft data within 30 days.
6. Data Storage and Security
We use industry-standard security measures to protect your data: • All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption • We use secure cloud infrastructure with SOC 2 Type II compliance • Access to personal data is strictly limited to authorized personnel • We conduct regular security audits and vulnerability assessments • Call recordings and transcriptions are stored securely and retained according to your settings Data is primarily stored in secure data centers located in the United States and European Union, depending on your location and preferences.
7. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances: • AI Service Providers: As described in Section 3, call data is processed by ElevenLabs to provide AI receptionist functionality, and limited data is processed via the Vercel AI SDK for supplementary features. • Calendar Integrations: When you connect your calendar (Google Calendar, Microsoft Outlook), appointment data is shared according to your integration settings, solely to provide scheduling functionality. • Payment Processing: Billing information is processed by Stripe solely for payment processing purposes. • Telephony: Phone numbers are provisioned through Twilio for call routing purposes. • Legal Requirements: We may disclose information if required by law, court order, or government request. • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, with adequate data protection safeguards. • With Your Consent: We may share information with your explicit consent for specific purposes. All third-party providers are contractually prohibited from using your data for their own purposes. We do not share your data with any third parties for advertising, marketing, or any purpose unrelated to providing or improving our service.
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to: • Keep you logged in to your account • Remember your preferences and settings • Analyze how our service is used • Improve our service based on usage patterns You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of our service. We use the following types of cookies: • Essential cookies: Required for the service to function • Analytics cookies: Help us understand how you use our service • Preference cookies: Remember your settings and preferences
9. Your Rights and Choices
Depending on your location, you may have the following rights: • Access: Request a copy of the personal data we hold about you • Correction: Request correction of inaccurate personal data • Deletion: Request deletion of your personal data (subject to legal retention requirements) • Portability: Request your data in a portable format • Objection: Object to certain processing of your personal data • Restriction: Request restriction of processing in certain circumstances To exercise these rights, please contact us at privacy@orateur.ai. We will respond to your request within 30 days. You may also: • Update your account information through your dashboard • Opt out of marketing communications • Delete call recordings and transcriptions • Revoke third-party integrations (Google, Microsoft) at any time • Export your data at any time
10. Security Measures
We implement comprehensive security measures including: • End-to-end encryption for all communications • Multi-factor authentication for account access • Regular security audits and penetration testing • Employee security training and background checks • Incident response procedures • Data processing agreements with all third-party service providers While we strive to protect your information, no method of transmission over the Internet is 100% secure. We encourage you to use strong passwords and enable two-factor authentication.
11. Children's Privacy
Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us at privacy@orateur.ai, and we will take steps to delete such information.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by: • Posting the new Privacy Policy on this page • Updating the "Last updated" date • Sending you an email notification for significant changes We encourage you to review this Privacy Policy periodically. Your continued use of the service after any changes constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us: Email: contact@cappsule.io If you have concerns about our privacy practices that we have not resolved, you have the right to lodge a complaint with your local data protection authority.