LiveTok LogoLiveTok

Privacy Policy

Last Updated: December 19, 2025

LiveTok ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our AI-powered communication platform and services.

1. Information We Collect

1.1 Information You Provide Directly

  • Account Information: Name, email address, password (hashed), and role when you create an account
  • Team Information: Team name, member details, and invitation emails
  • Payment Information: Billing details processed through Stripe (we do not store full credit card numbers)
  • AI Agent Configuration: Agent names, prompts, tone preferences, voice settings, language, business context, office hours, timezone, and custom customer profile fields
  • Documents and Content: Files you upload for AI training, website URLs for crawling, and knowledge base content
  • Communication Data: Phone numbers, WhatsApp business account details, conversation transcripts, and session summaries
  • Customer Data: Phone numbers and display names of end-users who interact with your AI agents

1.2 Information Collected Automatically

  • Usage Data: Browser type and version, pages visited, time and date of visits, time spent on pages
  • Activity Logs: Account actions, team member activities, and timestamps
  • Session Data: Conversation duration, number of turns, transcriptions, tags, summaries, and metadata from AI agent interactions
  • Cookies and Tracking: Authentication cookies, session identifiers, and analytics cookies

1.3 Information from Third Parties

  • WhatsApp: Business account information, phone number details, and message metadata
  • Twilio: Phone number details, call metadata, and telephony capabilities
  • Stripe: Payment status, subscription information, and customer IDs
  • Google Vertex AI: AI processing results and RAG (Retrieval-Augmented Generation) corpus data

2. Legal Basis for Processing (GDPR)

For users in the EU/UK, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our services (account management, AI agents, communication channels)
  • Legitimate Interests: Improving our services, security monitoring, fraud prevention, and analytics
  • Consent: Marketing communications, optional cookies, and certain data processing activities (you may withdraw consent at any time)
  • Legal Obligations: Compliance with tax laws, financial regulations, and legal requests

3. How We Use Your Information

  • Provide, maintain, and improve our AI communication platform
  • Process payments and manage subscriptions through Stripe
  • Train and configure AI agents based on your specifications
  • Enable WhatsApp, telephony, and web communication channels
  • Generate conversation summaries and analytics
  • Send service-related notifications and updates
  • Respond to customer support requests
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms of Service
  • Conduct internal research and development to improve AI capabilities

4. Data Sharing and Disclosure

4.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our platform:

  • Google Cloud Platform: Cloud infrastructure, database hosting, and AI processing (Vertex AI, Gemini API)
  • Stripe: Payment processing and subscription management
  • Twilio: Telephony services and SMS capabilities
  • Meta (WhatsApp): WhatsApp Business API integration
  • Redis Labs: Caching and session management

4.2 Other Disclosures

  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (you will be notified)
  • Protection of Rights: To protect our rights, property, safety, or that of our users
  • With Your Consent: When you explicitly authorize sharing

We do not sell your personal information to third parties.

5. International Data Transfers

Your data may be transferred to and processed in the United States and other countries where our service providers operate. For EU/UK users, we ensure adequate safeguards through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Service providers certified under the EU-U.S. Data Privacy Framework (where applicable)
  • Other appropriate safeguards in accordance with GDPR Article 46

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy:

  • Account Data: Until you delete your account, plus 90 days for recovery
  • Conversation Data: Retained for the duration of your subscription plus 1 year for analytics and compliance
  • Activity Logs: 2 years for security and fraud prevention
  • Payment Records: 7 years for tax and financial compliance
  • Deleted Account Data: Soft-deleted data is permanently removed after 90 days

You may request earlier deletion of your data by contacting us, subject to legal retention requirements.

7. Your Privacy Rights

7.1 Rights for All Users

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and personal data
  • Opt-Out: Unsubscribe from marketing emails

7.2 Additional Rights for EU/UK Users (GDPR)

  • Data Portability: Receive your data in a structured, machine-readable format
  • Restriction of Processing: Limit how we process your data in certain circumstances
  • Object to Processing: Object to processing based on legitimate interests or for direct marketing
  • Withdraw Consent: Withdraw consent for processing activities that require consent
  • Automated Decision-Making: Request human review of automated decisions that significantly affect you
  • Lodge a Complaint: File a complaint with your local data protection authority

7.3 Additional Rights for California Users (CCPA/CPRA)

  • Know: Request disclosure of personal information collected, used, and shared
  • Delete: Request deletion of personal information
  • Opt-Out of Sale: We do not sell personal information
  • Non-Discrimination: Exercise rights without discriminatory treatment
  • Correct: Request correction of inaccurate personal information
  • Limit Use of Sensitive Data: Request limits on use of sensitive personal information

To exercise your rights, email us at hello@livetok.ai or visit our Data Removal page. We will respond within 30 days (or as required by applicable law).

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

  • Essential Cookies: Required for authentication and core functionality
  • Analytics Cookies: Help us understand usage patterns and improve our service
  • Preference Cookies: Remember your settings and preferences

8.2 Managing Cookies

You can control cookies through your browser settings. Disabling cookies may affect functionality. Essential cookies cannot be disabled as they are necessary for the platform to function.

9. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS/SSL) and at rest
  • Password hashing using bcrypt
  • Role-based access control (RBAC)
  • Regular security audits and monitoring
  • Secure API authentication with JWT tokens
  • Regular backups and disaster recovery procedures

However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

10. Children's Privacy

Our service is not intended for children under 16 (or under 13 in the U.S.). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

11. AI and Data Processing

Our platform uses AI technologies (Google Gemini, Vertex AI) to power conversational agents. Please note:

  • Conversation data may be processed by Google Cloud AI services for real-time responses
  • We do not use your data to train third-party AI models without your consent
  • AI-generated content is subject to review and may not always be accurate
  • You retain ownership of your uploaded content and configuration data

12. Third-Party Links and Integrations

Our platform may contain links to third-party websites (e.g., WhatsApp, Stripe, Twilio) and integrations with external services. We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies before providing any personal information.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on our platform

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

15. Data Protection Officer

For EU/UK users, if you have concerns about how we handle your personal data, you may contact our Data Protection Officer at hello@livetok.ai.