Legal

Privacy Policy

Last updated: June 2026

Cambrix ("Cambrix", "we", "us") provides AI voice agents that handle inbound and outbound calls for businesses. This policy explains what personal data we collect, why we collect it, how we use it, and the rights you have over it under the EU General Data Protection Regulation (GDPR) and applicable data protection law.

1. Who we are

Cambrix is the data controller for personal data collected through our website and the data processor for personal data processed on behalf of our customers through our voice agent services. For any privacy matter, contact us at privacy@cambrix.ai.

2. Data we collect

Depending on how you interact with us, we may collect:

Contact details — name, email, company, phone number and job title you submit through our demo or contact forms.
Call data — when our agents handle calls on behalf of a customer, this may include call recordings, transcripts, and information shared during the conversation.
Technical data — IP address, browser type, device information, and usage data collected automatically when you visit our website.

3. How we use your data

We process personal data to:

Respond to demo requests and enquiries;
Provide, operate, and improve our voice agent services;
Route, transcribe, and analyse calls as instructed by our customers;
Comply with legal and regulatory obligations;
Protect against fraud and secure our systems.

4. Legal basis for processing

We rely on the following legal bases under GDPR: your consent (which you can withdraw at any time), the performance of a contract, our legitimate interests in operating and improving our services, and compliance with legal obligations.

5. Data sharing and sub-processors

We use trusted third-party providers to deliver our service, including telephony, voice synthesis, language models, and cloud hosting. These providers process data only on our instructions and under contractual data protection terms. We do not sell your personal data to anyone.

6. Data residency and transfers

Where required, customer call data can be configured to remain within the European Union. Where data is transferred outside the EU, we rely on appropriate safeguards such as Standard Contractual Clauses.

7. Data retention

We retain personal data only for as long as necessary for the purposes described in this policy, or as required by law. Call recordings and transcripts are retained according to the retention period agreed with each customer, after which they are deleted.

8. Your rights

Under GDPR, you have the right to:

Access the personal data we hold about you;
Request correction of inaccurate or incomplete data;
Request deletion of your data;
Object to or restrict our processing of your data;
Receive your data in a portable, machine-readable format;
Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, email privacy@cambrix.ai. You also have the right to lodge a complaint with your local data protection authority.

9. Security

We apply appropriate technical and organisational measures to protect personal data, including encryption, least-privilege access controls, and audit logging. No system is perfectly secure, but we work continuously to safeguard the data entrusted to us.

10. Changes to this policy

We may update this policy from time to time. The latest version will always be available on this page, with the "last updated" date revised accordingly.

11. Contact

Questions about this policy or your personal data? Email us at privacy@cambrix.ai.