Privacy Policy
Effective Date: 2 June 2026
FrontDeskAgency (operated by Hayden James Beaven, Sole Trader trading as FrontDeskAgency) is committed to protecting the privacy of our clients and their customers in full compliance with the Privacy Act 2020 (NZ), including the Information Privacy Principles (IPPs) and the Privacy Amendment Act 2025.
1. Information We Collect
We collect the following types of personal information:
Client Business Information (KYC / Verification)
- Business registration details (e.g. New Zealand Companies Register extract)
- Proof of address documents (tax notice, utility bill, lease, title deed, bank statement, etc.)
- Phone numbers and related verification materials
Call Data
- Call recordings (if enabled)
- Transcripts, logs, caller numbers, booking details, enquiries, and issues
- End-customer personal information collected during AI-handled calls (including names, phone numbers, email addresses, and booking preferences)
Website and Technical Data
- IP address, browser type, device information, pages visited, and usage statistics
- Enquiries submitted through our website contact forms
2. Purposes of Collection
- Verifying your identity and legitimate control of phone numbers (KYC / telecom compliance)
- Delivering the AI receptionist service (24/7 call answering, automated booking, payment holds, spam screening, etc.)
- Storing customer contact data in Airtable for your marketing and promotional use
- Providing support, troubleshooting, analytics, reports, and dashboard access
- AI training, quality assurance, and service improvement
- Security, fraud prevention, and meeting legal/telecom obligations
- Responding to website enquiries
3. How We Collect Information
Directly from you during signup and service setup. Indirectly from your customers when our AI handles calls on your behalf. Where personal information is collected indirectly, we take reasonable steps to notify individuals (where practicable) that their call is being managed by an AI system operated by FrontDeskAgency for the Client.
4. Use and Disclosure
We use and disclose personal information only for the purposes for which it was collected, or with your consent, or as required by law. We do not sell, rent, or disclose Call Data or customer contact information to third parties for marketing or unrelated purposes. Disclosure may occur to:
- Trusted service providers (e.g. Twilio, Airtable, AWS, Stripe) under strict data processing agreements
- Courts, regulators, or law enforcement when legally compelled
- Professional advisers where necessary for our legitimate interests
5. Security and Storage
All data is stored on encrypted AWS servers in Sydney and Frankfurt with encryption at rest and in transit. We maintain reasonable technical and organisational security measures consistent with Privacy Principle 5. If a privacy breach occurs that is likely to cause serious harm, we will notify the Office of the Privacy Commissioner and affected individuals as required by law.
6. Retention of Personal Information
- Call recordings (if enabled): 6 months (default)
- Call logs and transcripts: 24 months
- Client KYC / business verification documents: Duration of the relationship + 7 years
- Customer contact data in Airtable: Retained until you request deletion or the service agreement is terminated
7. Access, Correction and Data Subject Rights
You and your customers have the right to access personal information we hold, request correction of inaccurate information, and request deletion (subject to legal retention requirements). Requests should be made in writing. We will respond within 10 working days where reasonably practicable.
8. Cross-Border Disclosure
Personal information may be transferred to and stored in Australia and Germany. We ensure appropriate safeguards are in place through contractual measures or other approved mechanisms.
9. Marketing Use of Customer Data
Email addresses and contact details collected during calls are stored for your direct marketing purposes only. As the data controller for this information, you are solely responsible for ensuring your marketing activities comply with the Unsolicited Electronic Messages Act 2007 and the Privacy Act 2020.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be notified on our website and, where appropriate, by email.
11. Contact Us
Privacy Officer: Hayden James Beaven, FrontDeskAgency
Email: staff@frontdesk-agent.com
Phone: 020 4019 5202
You also have the right to complain to the Office of the Privacy Commissioner at privacy.org.nz.