Privacy Policy

Effective date: 1 April 2026

1. Who We Are

TeleMate AI ("we", "us", "our") operates the website tmai.com.au and provides an AI-powered phone receptionist service for Australian businesses. We are operated from Australia and comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

2. Information We Collect

  • Business details — business name, address, phone number, services offered, operating hours, and greeting preferences.
  • Call recordings & transcripts — audio recordings and AI-generated transcripts of inbound calls handled by our service.
  • Caller information — caller name (when provided), phone number, and the content of their conversation.
  • Payment information — billing details processed securely through Stripe. We do not store credit card numbers on our servers.
  • Account credentials — email address and authentication data used to secure your account.

3. How We Use Your Information

  • To provide the AI receptionist service — answering calls, capturing messages, and transferring calls as configured.
  • To send SMS notifications to you and/or your callers when configured (e.g., missed-call summaries, appointment confirmations).
  • To capture booking requests and forward them to your reception team for manual confirmation.
  • To process subscription payments and manage billing.
  • To improve the service, troubleshoot issues, and develop new features.
  • To comply with legal obligations and enforce our Terms of Service.

4. Third-Party Service Providers

We share data with the following third-party providers solely to operate our service. Each provider is bound by their own privacy policies and data protection agreements:

  • Stripe — payment processing and subscription management (United States).
  • Twilio — phone number provisioning, call routing, and SMS delivery (United States).
  • LiveKit — real-time voice infrastructure for AI call handling (India / United States).
  • Supabase — secure database hosting and authentication (United States).
  • OpenAI — AI language model powering our conversational receptionist (United States).
  • Cartesia — text-to-speech voice generation for AI responses (United States).
  • Deepgram — speech-to-text transcription of caller audio (United States).

We do not sell your personal information to any third party.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS) and at rest, role-based access controls, and regular security reviews. However, no method of transmission or storage is 100% secure and we cannot guarantee absolute security.

7. Data Retention

  • Call recordings and transcripts are retained for 90 days from the date of the call, or for the duration of your active subscription (whichever is longer), and are permanently deleted within 30 days of account closure.
  • Caller information (name, phone number, conversation content) is retained for the duration of your active subscription and deleted within 30 days of account closure.
  • Business configuration data (greeting preferences, business details, calendar tokens) is deleted within 30 days of account closure.
  • Financial and billing records (invoices, payment history) are retained for 7 years from the date of the transaction, as required under the Corporations Act 2001 (Cth) and Australian tax law.
  • Following account deletion, all associated call data, business configurations, and stored tokens (including Google OAuth tokens) are permanently deleted within 30 days, except for financial records as noted above.

8. Cross-Border Data Transfers

Under Australian Privacy Principle 8 (APP 8) of the Privacy Act 1988, we disclose that personal information collected by TeleMate AI is transferred to and processed by our service providers located overseas. This includes:

  • United States — Stripe, Twilio, Google, Supabase, OpenAI, Cartesia, Deepgram, and LiveKit (US infrastructure).
  • India — LiveKit inference infrastructure (Mumbai region), which processes real-time voice data during calls.

Before disclosing personal information to overseas recipients, TeleMate AI takes reasonable steps to ensure that those recipients handle personal information consistently with the APPs, including by entering into data processing agreements with our providers.

By using the Service, you acknowledge that your personal information (and caller information collected during calls on your behalf) will be transferred to and processed by these overseas recipients as described in this Policy.

9. Notifiable Data Breaches

TeleMate AI is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. If we become aware of an eligible data breach that is likely to result in serious harm to any individual whose information is involved, we will:

  • Assess the breach as quickly as possible, and within 30 days of becoming aware of grounds to suspect a breach.
  • Notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required by the NDB scheme.
  • Take remedial action to reduce the risk of harm where possible.

If you suspect a data breach involving your account or your callers' data, please contact us immediately at info@tmai.com.au. We take all breach reports seriously and will investigate promptly.

10. Health Information (Radiology Customers)

If you subscribe to a radiology plan, callers may disclose health information during calls handled by TeleMate AI. The v1 workflow is limited to safe callback capture and operational questions, and we recognise that health information requires heightened protection.

  • Health information collected during calls is treated with the same protections as all personal information under this Policy, and additionally with regard to applicable health privacy legislation including the Health Records Act 2001 (Vic) and the Health Records and Information Privacy Act 2002 (NSW).
  • TeleMate AI does not use health information disclosed during calls for any purpose other than providing the receptionist service to your practice.
  • Health information is not used to train AI models, shared with third parties for marketing, or otherwise processed beyond what is necessary to provide the Service.
  • As the health service provider deploying TeleMate AI, you (the Customer) are responsible for ensuring your use of the Service complies with your obligations under the applicable health privacy legislation, including providing appropriate notice to patients about how their information is handled.

For questions about how health information is handled, contact us at info@tmai.com.au.

11. Your Rights

Under the Australian Privacy Act 1988, you have the right to:

  • Access — request a copy of the personal information we hold about you.
  • Correction — request correction of inaccurate or incomplete information.
  • Deletion — request deletion of your personal information (subject to legal retention requirements).
  • Complaint — lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached.

To exercise any of these rights, contact us at info@tmai.com.au. We will respond within 30 days.

12. Cookies & Analytics

We use essential cookies to maintain your session and authentication state. We may use analytics tools to understand how our website and dashboard are used. You can manage cookie preferences through your browser settings.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice on our website. Your continued use of the service after changes take effect constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or how we handle your data, please contact us:

Email: info@tmai.com.au

Website: tmai.com.au