Privacy Policy

1. Overview

This Privacy Policy describes how RUU AI, operated by SAVOIR, together with its affiliates, service providers, and authorized personnel (“RUU,” “RUU AI,” “SAVOIR,” “we,” “us,” or “our”), collects, uses, discloses, retains, and protects Personal Data when you access or use our websites, dashboard, demo dashboard, AI Receptionist services, AI Calling Agent services, partner portal, calendar booking pages, call workflows, recordings, transcripts, account systems, support channels, and related products and services that link to this Privacy Policy.

RUU provides managed AI voice services for business call workflows. Because the Services may involve phone numbers, call recordings, transcripts, contact lists, lead information, business instructions, dashboard records, AI-generated outputs, payment information, and partner referral data, this Policy explains our privacy practices in detail.

By accessing or using the Services, creating an account, submitting a form, scheduling a demo, starting a trial or pilot, using a dashboard, connecting an integration, uploading contacts, using RUU-powered call workflows, or otherwise interacting with us, you acknowledge that you have read this Privacy Policy and understand the processing activities described here.

• RUU is a business-to-business managed AI voice provider.
• This Policy covers website, dashboard, partner portal, calls, recordings, transcripts, demo data, support, billing, and integrations.
• Additional agreements, including the Terms of Service or a Data Processing Addendum, may apply to business customers.

2. Scope and Relationship to Business Customers

This Policy applies to Personal Data that RUU processes in connection with its public website, marketing pages, forms, demo requests, partner pages, account dashboards, partner dashboards, call workflows, customer support, billing, security, analytics, and communications.

RUU may act as a controller, business, or equivalent responsible entity when we determine the purposes and means of processing Personal Data, such as when we process account registration information, billing records, website analytics, support communications, partner applications, sales inquiries, and direct customer relationship data.

RUU may act as a processor, service provider, contractor, or equivalent entity when we process Personal Data on behalf of a business customer according to that customer’s instructions, such as when a business customer uploads leads, call lists, customer records, scripts, business knowledge, or call workflows for RUU to process as part of the Services.

Where we process Personal Data on behalf of a business customer, that customer is responsible for providing required privacy notices, obtaining required consents, determining the lawful basis for processing, managing end-user requests, and ensuring that its use of RUU complies with applicable laws. In those cases, the business customer’s privacy policy may also apply to its end users, callers, leads, patients, customers, guests, buyers, sellers, or prospects.

• This Policy does not apply to third-party websites, calendars, CRMs, payment processors, or tools that do not link to this Policy.
• If you interact with RUU through a business that uses our Services, that business may control how your information is collected and used.
• If a separate written agreement conflicts with this Policy for business-customer processing, that written agreement controls for that conflict.

3. Definitions

For clarity, the following terms have the meanings below. Capitalized terms not defined in this Policy may have the meanings assigned to them in the RUU Terms of Service.

“Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked to an identified or identifiable person, household, device, or account, depending on applicable law.

“Customer Content” means data, files, prompts, instructions, contact lists, scripts, call flows, business knowledge, lead records, customer records, order data, CRM data, calendar data, or other materials submitted, uploaded, connected, transmitted, or made available by or on behalf of a customer.

“Call Data” means phone numbers, caller identifiers, call recordings, transcripts, summaries, dispositions, timestamps, call duration, call status, routing information, audio files, AI-generated responses, intent labels, sentiment indicators where enabled, call outcome tags, escalation notes, and other call-related metadata.

“RUU Platform Data” means operational, diagnostic, aggregated, de-identified, usage, telemetry, security, performance, and analytics data generated from the operation of the Services, excluding Customer Content in a form that directly identifies a person.

4. Information We Collect

We collect Personal Data from information you provide directly, information generated when you use the Services, information collected automatically, information received from business customers or partners, and information received from third-party service providers or integrations.

The categories of Personal Data we collect depend on how you interact with RUU, which Services you use, which plan or workflow is active, which integrations are connected, and whether you are a website visitor, account user, partner, caller, business customer, dashboard user, support contact, or end user of one of our customers.

• Account and contact information, such as name, company name, job title, email address, phone number, business address, country, login credentials, account role, notification preferences, and user profile details.
• Business and configuration information, such as industry, business type, call workflow needs, scripts, FAQs, service areas, opening hours, routing rules, escalation contacts, approved call instructions, and workflow preferences.
• Billing and transaction information, such as plan selection, subscription status, invoices, billing address, partial payment details, payment status, transaction dates, and tax-related information. Full card or bank details are generally processed by payment processors.
• Call, audio, recording, and transcript data, including call recordings, voice prompts, synthetic audio output, transcripts, call summaries, caller statements, outcomes, routing notes, and call metadata.
• Lead, customer, order, and contact data uploaded or connected by customers, including names, phone numbers, email addresses, order IDs, appointment requests, lead source, CRM fields, campaign lists, status labels, and notes.
• Partner and referral data, including partner applications, partner IDs, referral links, Cal booking links, referred leads, demo bookings, commission status, payout status, sales asset usage, and partner support requests.
• Support and communication data, including emails, chat messages, tickets, phone calls, form submissions, survey responses, meeting notes, and feedback.
• Device, usage, analytics, and log data, including IP address, browser, device type, operating system, pages viewed, features used, timestamps, referrer URLs, session activity, error logs, security events, and approximate location derived from IP address.

5. Call Recordings, Transcripts, Voice Data, and AI Outputs

RUU’s Services may process voice and call-related information in order to answer calls, place calls, follow up with leads, confirm orders, request appointment information, route inquiries, generate transcripts, prepare summaries, classify outcomes, support dashboards, improve service reliability, and provide managed call workflow visibility.

Call Data may include Personal Data and may include information about callers, recipients, business staff, customers, patients, guests, prospects, order recipients, buyers, sellers, service requesters, or other individuals who interact with RUU-powered workflows.

Where call recording, transcription, AI interaction disclosure, monitoring notice, or caller consent is required by law, the business customer that uses RUU is responsible for determining and implementing the required notices, consents, scripts, disclosures, and retention settings for its use case. RUU may provide configuration tools or recommended disclosure language, but the customer remains responsible for legal compliance.

AI-generated outputs, including transcripts, summaries, classifications, dispositions, recommendations, call notes, and routing decisions, may be incomplete, inaccurate, delayed, or affected by call quality, accent, background noise, interruptions, caller behavior, language, or third-party systems. Customers should review and validate outputs before using them for important business decisions.

• Call recordings may be stored to allow review, quality assurance, dispute resolution, dashboard visibility, support, and workflow improvement.
• Transcripts and summaries may be generated using automated tools and may contain errors.
• Call metadata may be used to diagnose latency, reliability, routing, telephony, and platform performance issues.
• Voice samples or reference audio, if provided for approved voice configuration, may be processed to configure voice-related features and should only be provided where the customer has lawful authority to do so.
• RUU does not intend the Services to be used for emergency response, medical diagnosis, legal advice, financial advice, or other high-risk determinations.

6. Customer Content and Business Data

Customers may provide Customer Content to RUU so that the Services can be configured for business-specific workflows. Customer Content may include scripts, FAQs, lead lists, contact lists, CRM records, order information, appointment details, business policies, pricing rules, escalation instructions, routing preferences, call objectives, and other business knowledge.

Customers are responsible for ensuring that they have the rights, permissions, consents, notices, and lawful basis required to provide Customer Content to RUU and to instruct RUU to process it. Customers should not provide sensitive, regulated, or unnecessary information unless it is appropriate for the workflow, lawful, and covered by the applicable plan or written agreement.

RUU processes Customer Content to provide, configure, support, secure, maintain, and improve the Services according to the customer relationship, account settings, service configuration, and applicable agreements.

7. Sources of Personal Data

We may collect Personal Data from you directly when you fill out forms, create an account, apply as a partner, book a meeting, submit a support request, upload data, connect an integration, provide payment information, or communicate with us.

We may collect Personal Data automatically through cookies, pixels, tags, SDKs, server logs, analytics tools, security tools, dashboard instrumentation, call infrastructure, telephony systems, and usage monitoring.

We may receive Personal Data from business customers, partners, telephony providers, calendar providers, authentication providers, payment processors, CRM integrations, ecommerce integrations, marketing vendors, analytics providers, public sources, and service providers acting on our behalf.

8. How We Use Personal Data

We use Personal Data for the purposes described in this Policy and as otherwise permitted by applicable law. Our use depends on the nature of the data, the relationship between the individual and RUU, the customer’s instructions where RUU acts as a processor, and the configuration of the Services.

We may use Personal Data to provide, operate, maintain, secure, configure, test, support, and improve the Services; create and manage accounts; authenticate users; process payments; provide dashboards; process calls; generate recordings, transcripts, summaries, and outcomes; support integrations; personalize configuration; respond to support requests; communicate about the Services; prevent fraud and abuse; comply with legal obligations; and enforce our agreements.

We may also use Personal Data to send administrative messages, security alerts, product updates, billing notices, subscription communications, partner communications, meeting reminders, support responses, marketing communications where permitted, and other service-related notices.

• Providing AI Receptionist and AI Calling Agent services.
• Configuring workflows, scripts, routing, escalation, and dashboard settings.
• Processing inbound and outbound calls, recordings, transcripts, summaries, and call outcomes.
• Operating demo dashboards, partner dashboards, login systems, and account management tools.
• Managing subscriptions, invoices, payment status, refunds where applicable, and billing communications.
• Maintaining security, preventing fraud, investigating misuse, enforcing terms, and protecting platform integrity.
• Improving latency, reliability, call quality, dashboard usability, workflow performance, and product functionality.
• Conducting analytics, measurement, forecasting, operational reporting, service diagnostics, and internal business planning.

9. Legal Bases for Processing

Where applicable law requires a legal basis for processing, we rely on one or more recognized legal bases depending on the context and jurisdiction.

These may include performance of a contract, such as providing the Services, managing accounts, processing subscriptions, and responding to support requests; legitimate interests, such as securing the platform, improving the Services, preventing abuse, communicating with business users, and operating our business; consent, such as where required for certain cookies, marketing communications, call recording, AI voice processing, or optional features; compliance with legal obligations, such as tax, accounting, fraud prevention, lawful requests, and regulatory requirements; and protection of rights, safety, or vital interests where applicable.

10. AI Systems, Model Improvement, and Service Development

RUU may use data to test, monitor, evaluate, secure, debug, improve, and develop AI systems, speech systems, transcription systems, classification tools, dashboards, workflow logic, and related service features. Where feasible, we use aggregated, de-identified, pseudonymized, or minimized data for service improvement.

The availability of opt-outs, data-use restrictions, model-improvement exclusions, or customer-specific data handling terms may depend on your plan, settings, jurisdiction, and written agreement with RUU. Where a customer’s written agreement restricts model-training or improvement use, we will process data in accordance with that agreement.

We do not intend to use Customer Content or Call Data in a manner that publicly identifies a customer, caller, or end user without permission. We may use Platform Data and de-identified information for analytics, benchmarking, product improvement, security, quality assurance, and business operations.

11. Cookies, Pixels, and Similar Technologies

We use cookies and similar technologies to operate the website, remember preferences, authenticate sessions, secure accounts, measure performance, understand usage, improve the Services, support marketing, and analyze traffic.

Cookies may be strictly necessary, functional, performance or analytics-related, advertising or targeting-related, or security-related. Some cookies are essential and cannot be disabled through a preference tool because the Services may not work without them.

Depending on your location and applicable law, you may be able to manage non-essential cookies through a cookie banner, preference center, browser settings, device settings, or third-party opt-out tools. If you disable cookies, some parts of the website or dashboard may not function properly.

12. How We Disclose Personal Data

We may disclose Personal Data to service providers, processors, contractors, telephony carriers, cloud infrastructure providers, payment processors, analytics providers, security vendors, support tools, communication tools, professional advisors, affiliates, business customers, partners, and other parties as described in this Policy and permitted by law.

We do not sell Personal Data in the conventional sense of selling customer lists for money. However, privacy laws may define “sale,” “sharing,” or “targeted advertising” broadly. If our use of analytics or advertising technologies is considered a sale, sharing, or targeted advertising under applicable law, you may have the right to opt out as described in this Policy or through available preference tools.

We may disclose Personal Data when required by law, subpoena, court order, legal process, regulatory request, enforcement request, or to protect the rights, safety, security, property, and operations of RUU, users, customers, callers, end users, service providers, or the public.

• Service providers and processors that help us provide hosting, storage, support, billing, analytics, security, telephony, email, communications, and operational services.
• Telephony and communications providers that route, connect, record, transmit, or support calls and call metadata.
• Business customers and account administrators where an individual uses the Services under that customer’s account or interacts with a RUU workflow configured for that customer.
• Partners or referral systems where a prospect uses a partner link, partner calendar page, partner referral code, or partner booking flow.
• Professional advisors, such as lawyers, auditors, accountants, insurers, consultants, and financial advisors.
• Counterparties in connection with a merger, acquisition, financing, reorganization, sale of assets, insolvency, or similar corporate transaction.
• Third parties when you direct us to share information, connect an integration, or authorize disclosure.

13. Business Customers, Administrators, and End Users

If you use the Services through an organization, your account administrator or business customer may be able to access, export, delete, restrict, configure, or otherwise manage information associated with your account, workspace, calls, recordings, transcripts, settings, and usage.

If you are an end user, caller, lead, patient, guest, buyer, seller, or customer of a business that uses RUU, that business may determine the purposes for which your Personal Data is processed. RUU may process your information on behalf of that business, and requests relating to your information may need to be directed to that business unless RUU is independently responsible for the processing at issue.

Business customers are responsible for determining whether they need to provide call notices, privacy notices, call recording disclosures, AI disclosure statements, consent mechanisms, opt-out mechanisms, or other information to their end users.

14. Partner Portal, Referral, and Commission Data

If you apply for or participate in the RUU Partner Program, we may collect and process partner profile information, agency details, website information, client verticals, partner status, partner tier, partner ID, referral code, unique booking link, referred leads, lead status, demo bookings, commission eligibility, estimated commission, payout status, support requests, and sales-asset usage.

We use partner data to operate the partner portal, verify partner eligibility, attribute referrals, manage leads, track demo bookings, calculate commission estimates, validate payouts, prevent fraud, provide sales assets, communicate with partners, and enforce partner terms.

Partner dashboards may display information about referred businesses or leads where appropriate for attribution and sales tracking. Partners must use that information only for authorized partner activities and in accordance with applicable law and partner terms.

15. Payments, Billing, and Financial Information

If you purchase a subscription, pilot, production activation, setup, or other paid service, payment information may be processed by third-party payment processors. RUU may receive transaction details, subscription status, billing address, invoice information, tax information, partial payment details, and payment status information, but we generally do not store complete card numbers or full bank account credentials unless expressly stated by the payment processor or required for a specific method.

We use billing and transaction information to process payments, manage subscriptions, issue invoices, prevent fraud, resolve billing disputes, enforce terms, calculate revenue, handle taxes, and maintain accounting records.

16. Data Retention

We retain Personal Data for as long as reasonably necessary to provide the Services, maintain accounts, support customers, comply with legal obligations, resolve disputes, enforce agreements, prevent fraud, protect security, conduct audits, maintain business records, or fulfill the purposes described in this Policy.

The retention period depends on the category of data, account status, customer instructions, plan settings, retention configuration, legal requirements, the nature of the Services, the existence of disputes or investigations, and operational needs.

Call recordings and transcripts may be retained according to customer settings, plan limits, agreement terms, default retention periods, backup schedules, or legal requirements. Business customers may be able to configure or request deletion of certain Call Data, subject to technical limitations, retention settings, legal obligations, and backup processes.

When Personal Data is no longer needed, we may delete, anonymize, aggregate, or otherwise process it in accordance with our retention practices and applicable law. Residual copies may remain in backups or logs for a limited period.

17. Security

We implement reasonable administrative, technical, and organizational measures designed to protect Personal Data against unauthorized access, loss, misuse, alteration, disclosure, and destruction. These measures may include access controls, authentication controls, encryption in transit or at rest where appropriate, logging, monitoring, backup practices, network protections, vendor review, internal policies, and employee or contractor access limitations.

No method of transmission, storage, processing, or security control is completely secure. We cannot guarantee absolute security. Customers and users are responsible for maintaining credential security, limiting dashboard access, configuring integrations appropriately, reviewing access permissions, and promptly notifying RUU of suspected unauthorized use.

18. International Transfers

RUU may process and store Personal Data in India and in other countries where RUU, its affiliates, infrastructure providers, telephony providers, AI providers, support vendors, payment processors, or other service providers operate. These countries may have privacy laws that differ from those in your location.

Where required by applicable law, we use appropriate safeguards for international transfers, which may include contractual protections, standard contractual clauses, data processing agreements, transfer assessments, vendor obligations, or other recognized mechanisms.

By using the Services or providing Personal Data to RUU, you understand that Personal Data may be transferred to, processed in, and accessed from countries outside your country of residence, subject to applicable safeguards.

19. Your Privacy Rights and Choices

Depending on your location and applicable law, you may have rights with respect to your Personal Data. These may include the right to access, confirm processing, receive a copy, correct, delete, restrict processing, object to processing, withdraw consent, request portability, opt out of certain marketing, opt out of certain sale/sharing/targeted advertising activities, or lodge a complaint with a data protection authority.

You may exercise certain rights through account settings where available. For other requests, contact us using the information in the Contact section. We may need to verify your identity, authority, account relationship, or request details before responding. We may deny or limit requests where permitted by law, including where fulfilling the request would impair another person’s rights, reveal confidential information, interfere with legal obligations, affect security, or conflict with a business customer’s instructions.

If RUU processes your information on behalf of a business customer, we may direct your request to that customer or process it according to that customer’s instructions.

20. Marketing Communications

We may send marketing communications about RUU products, services, events, partner opportunities, guides, demos, pricing, pilots, and related content where permitted by law. You may opt out of marketing emails by using the unsubscribe link in the email or contacting us.

Even if you opt out of marketing communications, we may still send transactional, administrative, security, billing, legal, support, account, service, or operational messages.

21. Children’s Privacy

The Services are intended for businesses and individuals who are at least 18 years old or the age of majority in their jurisdiction. RUU does not knowingly collect Personal Data from children under 18. If we learn that we have collected Personal Data from a child without required authorization, we will take reasonable steps to delete it.

22. Third-Party Services, Integrations, and Links

The Services may link to or integrate with third-party websites, applications, calendars, payment processors, CRM systems, ecommerce platforms, telephony systems, analytics tools, authentication providers, and other services. This Policy does not apply to third-party services unless they process Personal Data on our behalf as service providers.

Your use of third-party services may be governed by their own terms and privacy policies. RUU is not responsible for the privacy, security, or content practices of third-party services that are not controlled by RUU.

23. Regional Privacy Notices

Additional rights and disclosures may apply depending on your location. This section is intended to supplement, not limit, the rest of this Policy.

For individuals in the European Economic Area, United Kingdom, Switzerland, or similar jurisdictions, RUU may process Personal Data as a controller or processor depending on the context. Legal bases may include contract, legitimate interests, consent, legal obligation, and protection of rights. You may have rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority.

For individuals in India, where applicable, RUU may process digital personal data in accordance with applicable Indian privacy laws, including principles relating to notice, consent where required, lawful use, security safeguards, grievance handling, and rights available under applicable law.

For individuals in U.S. states with comprehensive privacy laws, you may have rights to access, correct, delete, receive a copy, opt out of certain processing, and appeal certain decisions, subject to applicable exceptions. If RUU engages in activities deemed sale, sharing, or targeted advertising under applicable law, you may have the right to opt out.

24. Sensitive Information and Regulated Workflows

RUU is designed for business call workflows, not for emergency services, medical diagnosis, legal advice, financial advice, insurance determinations, credit decisions, employment decisions, housing decisions, or other high-risk determinations unless expressly approved in writing and configured under appropriate legal, contractual, and operational controls.

Customers should not submit or cause RUU to collect sensitive information unless it is necessary, lawful, covered by appropriate notices and consents, supported by the applicable plan or agreement, and approved for the workflow. Sensitive information may include health information, financial account information, government identifiers, precise geolocation, biometric information, payment card data, protected classifications, children’s data, or similarly regulated information.

25. Browser Signals and Opt-Out Mechanisms

Some browsers offer “Do Not Track” signals, and some jurisdictions recognize browser-based opt-out signals such as Global Privacy Control for certain activities. Where required by applicable law and technically feasible, we will honor legally recognized opt-out signals for activities subject to those requirements.

Because standards for browser signals vary, our response may depend on the signal, jurisdiction, device, browser, and processing activity. You may also manage cookies through browser settings or available preference tools.

26. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, technologies, data practices, legal requirements, business operations, or other factors. When we update the Policy, we will revise the Last Updated date above.

If we make material changes, we may provide additional notice, such as by posting a notice on the website, displaying a dashboard notice, sending an email, or using another reasonable method. Your continued use of the Services after the updated Policy becomes effective means that you acknowledge the updated Policy.

27. Contact and Privacy Requests

If you have questions about this Privacy Policy, our privacy practices, data protection, or your rights, contact RUU using the details below.

Privacy Contact: privacy@ruu.savoir.ltd

Website: https://ruu.savoir.ltd/

If you submit a privacy request, please include enough information for us to verify your identity, understand your relationship with RUU, identify the relevant account or customer, and process the request. If your request concerns data processed on behalf of a RUU business customer, we may refer your request to that customer or process it according to their instructions.