Yes. We’re fully compliant with UK GDPR and only collect what’s needed to deliver and support the training experience.

All data (including call recordings) is stored securely in the UK using Microsoft Azure infrastructure.

We retain all call recordings for 30 days. After that, they’re automatically deleted from our systems.

Nope. We only use corporate phone numbers and email addresses that you provide. All training takes place via web app and our test calls only go to the numbers you share with us. 

We collect:

• Corporate names, emails, phone numbers (provided by you)

• Audio recordings of training calls

• Basic behavioural response data (e.g. whether someone answered or shared info)

We don’t collect passwords, financial info, or anything sensitive... and if they’re said aloud during a call, they’re automatically anonymised.

• You = Data Controller

• CTRL+Vish = Data Processor

We process your data only according to your instructions... including deletion, access, and opt-out requests.

We use both VAPI and ElevenLabs to process our synthetic voices - these services do not store any data. 

All call recordings are held securely within Microsoft Azure in a UK-based data centre. 

Hubspot and MailChimp are used to process email addresses and names so we can effectively communicate with you about changes and updates to our services.

Yes... but only with full consent. Cloned voices are only used for your scenarios and deleted if your subscription ends.

• Call recordings are deleted after 30 days

• Your other data is retained for up to 30 days post-subscription, then deleted

• Voice clones are deleted unless you renew (we can recreate them... but charges may apply)

Absolutely! Just drop us a line to privacy@ctrlvish.co.uk and we'll get our template over to you!