Privacy Policy
Last updated: 6 July 2026. This policy explains what personal data CallNudge collects, why we collect it, how long different copies are kept, and your rights under UK law.
1. Who we are
CallNudge is a trading name and missed-call answering service operated by OmniAssist AI Ltd, company number 16388166, registered in England and Wales. Our registered office is 124-128 City Rd, London, England, EC1V 2NX.
Our service uses an AI call assistant to answer calls forwarded from a business customer's existing number when they are unavailable. It collects the caller's details and delivers a written summary by email. If a call is marked urgent and the business has agreed to receive operational texts, we also send an SMS alert to its chosen mobile number.
The business you called is normally the data controller for caller data and for the email and SMS copies delivered into its accounts. We act as its data processor when handling caller data to provide CallNudge. OmniAssist AI Ltd is a data controller for its own customer-account, security, support, and legal records.
If you book a call with us, we send appointment reminders about that booking: by email through TidyCal, and, where you provide a mobile number, by SMS through Twilio (using the Meeting Reminders add-on). These are service messages about your booking, not marketing. You can reply STOP to any reminder SMS to opt out of further reminder texts.
2. What information we collect
Information about callers
When a call is forwarded to CallNudge, our system may collect:
- The caller's phone number, where supplied by the telephone network
- The caller's name, if they provide it
- Details about their enquiry and any other information they choose to share
- An audio recording and AI-generated transcript of the call
- A structured summary and call analysis
- The date, time, duration, and technical details of the call
Information about business customers
When a business signs up for CallNudge, we may collect:
- The owner's name and business name
- Email address, phone number, and service preferences
- Billing and transaction records. Full card details are handled by the payment provider and are not stored by us
- Phone-forwarding and call-assistant configuration details
Website and enquiry data
When someone visits our website or submits an enquiry, we may receive contact details, the enquiry content, IP address, browser information, pages visited, and referral information.
3. Call recording and AI transcription
Calls handled by CallNudge are recorded and transcribed by AI. At the start of each call, the assistant says that it is an AI receptionist, that the call is recorded, and that the caller's details will be passed to the business they called. A caller can choose not to continue.
Recordings, transcripts, and analysis are used to provide the call summary and operate the service. Authorised staff may access relevant call material when needed for support, quality review, security, or a complaint. We do not use identifiable call content to train a general-purpose AI model or for advertising.
The service generates summaries automatically, but it does not make automated decisions that have legal or similarly significant effects on a caller. The business decides how to respond. Callers may volunteer information that is sensitive or outside what is needed. The assistant is designed not to seek unnecessary sensitive information, and regulated or high-risk sectors are outside the first-version service unless additional safeguards are agreed.
4. How we use information
We use personal data to:
- Answer forwarded calls, capture messages, and deliver summaries and urgent alerts
- Schedule calls with prospective and current customers, and send booking confirmations and appointment reminders
- Set up, manage, secure, and support customer accounts
- Process payments and maintain accounting records
- Investigate service problems, complaints, misuse, or security incidents
- Meet legal and regulatory obligations
- Send optional updates where the recipient has agreed to receive them
We do not sell personal data or use caller data for advertising.
5. Lawful basis for processing
The business customer decides the appropriate lawful basis for its use of caller data and instructs us as its processor. Depending on the context, that may include legitimate interests, performance of a contract, legal obligation, or consent. Call recording laws and any sector-specific duties remain the business customer's responsibility.
For processing where OmniAssist AI Ltd is the controller, we may rely on:
- Contract, to set up and provide the subscribed service
- Legitimate interests, to secure, support, troubleshoot, and improve the reliability of the service without using identifiable call content for unrelated product training
- Legal obligation, for records we must keep or disclosures required by law
- Consent, for optional marketing communications
6. How long different copies are kept
Call data is copied into several systems, so it does not all follow one deletion clock. We schedule and routinely carry out deletion as follows:
- Retell voice service: call recordings, transcripts, analysis, and related call artefacts are currently scheduled for deletion after 90 days
- Internal Google call log: active call-log rows are checked weekly and removed from 60 days after the call, before they reach 90 days under the routine schedule
- Resend email delivery: the current Free plan advertises retention of email content and event data for 30 days
- Twilio urgent SMS: message-body content may be retained for up to 30 days, while message address fields may be retained for up to 120 days
- TidyCal booking records: booking details are retained in TidyCal for as long as needed to arrange and follow up the call, and then removed in line with our routine review
- Delivered email and SMS copies: once a copy reaches the business customer's inbox, phone, or its own systems, that business controls the copy and its retention
Restricted backups, revision history, security logs, or provider recovery copies may persist for longer than the active copy and may not be available for routine individual deletion. They are not used as ordinary working records, and a deleted item restored during recovery will be deleted again. We may keep specific records longer where reasonably necessary for a legal claim, dispute, fraud investigation, security incident, or legal obligation.
Customer account and billing records follow their own business and legal retention periods. UK accounting and tax records may need to be kept for up to six years after the relevant financial period.
7. Requesting access, correction, or deletion
If you are a business customer
Use our contact form and select Privacy or data request, with enough information to identify the account or call. You may also write to our registered office. The form is offered for convenience and is not the only valid way to make a request. We can delete identifiable active copies we control, including a Retell call and its active internal call-log row, and will address provider copies in line with the provider's available controls and lifecycle. You remain responsible for copies delivered into your email, phone, or other systems.
If you are a caller
The business you called is normally the best first contact because it controls your enquiry and the delivered copies. You may also use our contact form, select Privacy or data request, or write to our registered office. Please include the business name and approximate date and time of the call, but do not send more personal information than necessary. We will coordinate with the relevant business.
We normally respond within one calendar month. A request may be limited where an exemption applies, identity cannot be verified, or particular records must be retained by law. We will explain any such limit.
8. Service providers and international transfers
We use providers including:
- Retell AI, for the AI call assistant, call recording, transcription, and analysis
- Twilio, for telephony, urgent operational SMS alerts, and SMS appointment reminders sent from a dedicated SMS reminder number
- Resend, for call-summary email delivery
- Google, for the restricted internal call log and operational workspace
- Vercel, for website and integration hosting
- Formspree, for website contact-form delivery
- TidyCal, for booking and scheduling calls with prospective and current business customers, and for booking confirmations and email reminders
- Meeting Reminders (meeting-reminders.com), for sending SMS appointment reminders for booked calls, using Twilio
Retell AI may process call data, including audio and transcripts, in the United States. TidyCal (a US-based provider) and other providers may also process data outside the UK. Where UK personal data is transferred internationally, we use the provider's contractual terms and appropriate restricted-transfer safeguards as required by UK data protection law.
Providers process data under their applicable contracts, security controls, and retention settings. We may also disclose data where required by law, court order, or a valid regulatory request.
9. Cookies and website analytics
We use limited website analytics to understand aggregate site usage and essential technical storage needed to operate and secure the website and contact form. We do not use advertising cookies. Browser settings can be used to restrict cookies or local storage, although doing so may affect site features.
10. Your rights under UK GDPR
Depending on the circumstances, you may have the right to:
- Request access to personal data about you
- Ask for inaccurate or incomplete data to be corrected
- Ask for data to be erased or processing to be restricted
- Object to processing based on legitimate interests
- Receive eligible data in a portable format
- Withdraw consent where consent is the lawful basis
- Complain to the Information Commissioner's Office
These rights are not absolute and may depend on which organisation is the controller. Use our contact form or write to our registered office and we will respond or help route the request. The form is offered for convenience and does not prevent you making a request by post or another valid means.
11. Security
We use reasonable technical and organisational measures to protect personal data, including encrypted connections, access controls, restricted operational accounts, and security reviews. No internet service can guarantee complete security.
If a personal-data breach must be reported under UK GDPR, the responsible controller will notify the ICO without undue delay and, where feasible, within 72 hours of becoming aware of it. Affected individuals will be informed where the law requires it.
12. Changes to this policy
We may update this policy as the service or law changes. We will update the date above and notify active customers of material changes where appropriate.
13. Contact us and how to complain
OmniAssist AI Ltd, trading as CallNudge
Company number: 16388166
Registered office: 124-128 City Rd, London, England, EC1V 2NX
Online: Contact form
If you are not satisfied with the response, you may complain to the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113
