Data Processing Agreement

1. Roles and scope

This DPA applies where Flyvoice processes personal information on the Customer’s behalf in providing the Service. The Customer determines the purposes and means (Controller); Flyvoice processes only on the Customer’s documented instructions (Processor), which include these Terms and use of the product’s configuration.

2. Details of processing

Subject matterProvision of AI voice calling, qualification, booking, feedback, and analytics.
DurationThe term of the Customer’s subscription, plus limited retention per clause 8.
Nature & purposePlacing/receiving calls; recording and transcribing; scoring; storing lead, booking, and response records; reporting.
Types of dataContact details, call audio and transcripts, call metadata, enquiry details, and any information volunteered on a call.
Data subjectsThe Customer’s leads, customers, and other individuals it calls or that call it.

3. Flyvoice’s obligations

4. Customer’s obligations

The Customer warrants it has a lawful basis and any required consent to provide the personal information and to have Flyvoice process it, including consent for call recording and AI disclosure. The Customer is responsible for the accuracy and legality of its instructions, scripts, and data.

5. Sub-processors

The Customer authorises Flyvoice to engage sub-processors (including voice/AI, telephony, and hosting providers) listed at [sub-processors URL]. Flyvoice imposes data-protection terms on sub-processors no less protective than this DPA and remains responsible for their performance. Flyvoice will give notice of new sub-processors and the Customer may reasonably object.

6. Overseas transfers

Where processing occurs outside Australia, Flyvoice takes reasonable steps to ensure an equivalent level of protection consistent with APP 8. Locations: [countries].

7. Security incidents

Flyvoice will notify the Customer without undue delay after becoming aware of a data breach affecting the Customer’s personal information, and will provide information reasonably available to help the Customer meet its Notifiable Data Breaches obligations.

8. Return and deletion

On termination, Flyvoice will, at the Customer’s choice, return or delete Customer personal information within [N] days, except where retention is required by law. The product provides self-service export and deletion controls.

9. Audit

On reasonable prior notice and no more than [once per year] (or after a breach), Flyvoice will provide reasonable information to allow the Customer to verify compliance, subject to confidentiality and security constraints.

10. Precedence

If this DPA conflicts with the Terms of Service on the processing of personal information, this DPA prevails to the extent of the conflict.

11. Contact

Data protection: [privacy email].