Privacy Policy

Last updated: 1 May 2026  |  STOAIX Ltd, London, UK

STOAIX Ltd ("STOAIX", "we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect information when you use our website at stoaix.com and our AI receptionist platform (together, the "Services").

1. Who We Are

STOAIX Ltd is a company registered in England and Wales. We provide an AI-powered voice, chat, and lead management platform for healthcare clinics and businesses. Our contact email is hello@stoaix.com.

2. Information We Collect

We collect the following categories of personal data:

• Account data: name, email address, company name, phone number when you register.
• Usage data: pages visited, features used, browser type, IP address, and timestamps.
• Communications: messages, call recordings, and chat logs processed through our platform on behalf of our clients.
• Payment data: billing details processed securely by our payment provider (Stripe). We do not store card numbers.
• Cookies: see our Cookie Policy for details.

3. How We Use Your Data

• To provide, operate, and improve the Services.
• To send transactional emails (account confirmations, invoices, alerts).
• To send marketing communications where you have given consent.
• To comply with legal obligations.
• To detect and prevent fraud or abuse.

4. Legal Basis for Processing (GDPR)

We process personal data under the following lawful bases:

• Contract: to deliver the Services you have signed up for.
• Legitimate interests: to improve the platform, ensure security, and conduct marketing analytics.
• Consent: for marketing emails and cookies where required.
• Legal obligation: to comply with applicable law.

5. Data Sharing

We do not sell your personal data. We share data only with:

• Trusted sub-processors (cloud hosting, analytics, payment processing) under data processing agreements.
• Law enforcement or regulators when required by law.
• Successor entities in the event of a merger or acquisition (you will be notified).

6. Data Retention

We retain personal data for as long as your account is active, plus up to 7 years for legal and financial records. Call recordings and chat logs are retained for up to 90 days unless otherwise agreed with your clinic.

7. Your Rights

Under the UK GDPR and Data Protection Act 2018, you have the right to:

• Access your personal data.
• Correct inaccurate data.
• Request deletion ("right to be forgotten").
• Object to or restrict processing.
• Data portability.
• Withdraw consent at any time.

To exercise any right, email us at hello@stoaix.com. We will respond within 30 days.

8. Cookies

We use cookies and similar tracking technologies. See our Cookie Policy for full details.

9. International Transfers

Your data may be processed outside the UK/EEA by our sub-processors. Where this occurs, we ensure adequate safeguards are in place (such as Standard Contractual Clauses).

10. Security

We use industry-standard encryption (TLS in transit, AES-256 at rest) and access controls to protect your data. We conduct regular security reviews.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes by email or a prominent notice on our website. Continued use of the Services after changes constitutes acceptance.

12. Contact Us

Questions about this policy? Contact us at hello@stoaix.com or write to: STOAIX Ltd, London, United Kingdom.