Turnless← Back to Turnless

Privacy Policy

Last updated: 27 May 2026.

1. Introduction

Turnless ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered phone receptionist service (the "Service").

Turnless is an Australian company and complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act. Where we handle health information, we also comply with the additional obligations applicable to sensitive information under the Privacy Act.

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, business name, phone number, and payment information
  • Business Information: Business hours, services offered, pricing, and other business details you provide during onboarding
  • Communications: Messages you send to us, support requests, and feedback

2.2 Information Collected Automatically

  • Call Data: Phone numbers, call duration, timestamps, call recordings, and transcripts
  • Usage Data: How you interact with our Service, features used, and performance metrics
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Cookies: We use cookies and similar tracking technologies (see our Cookie Policy)

2.3 Information from Third Parties

  • Payment Processors: Payment confirmation and billing information from Stripe
  • Calendar Services: Appointment data from Google Calendar, Microsoft Outlook, or Apple Calendar
  • Telephony Services: Call metadata from Twilio

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process your transactions and manage your account
  • Answer incoming calls on your behalf using AI
  • Schedule appointments and manage your calendar
  • Send you service updates, security alerts, and administrative messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyse usage patterns and trends
  • Detect, prevent, and address technical issues and fraudulent activity
  • Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

We do not sell your personal information. We may share your information with:

4.1 Service Providers

We engage trusted third-party service providers to operate the Service. These providers only receive the data necessary to perform their specific function and are contractually bound to protect it. Categories of providers include:

  • AI processing providers — for voice understanding and response generation during calls
  • Telephony providers — for routing and managing inbound phone calls
  • Payment processors — for handling subscription billing and transactions
  • Cloud infrastructure providers — for hosting, storage, and computing
  • Voice synthesis providers — for generating spoken responses
  • Email delivery providers — for sending transactional and notification emails
  • Calendar integration providers — for appointment scheduling (where enabled)

4.2 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

5. Data Retention

  • Account Data: Retained while your account is active and for 90 days after closure
  • Call Recordings: Retained for 90 days unless you request deletion
  • Transaction Records: Retained for 7 years for tax and accounting purposes
  • Analytics Data: Aggregated and anonymised data may be retained indefinitely

6. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Portability: Request transfer of your data to another service
  • Objection: Object to processing of your personal data
  • Restriction: Request restriction of processing
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at hello@turnless.ai

7. Data Security

  • Encryption in transit (TLS/SSL) and at rest (AES-256)
  • Regular security audits and penetration testing
  • Access controls and authentication (including two-factor authentication)
  • Employee training on data protection
  • Incident response procedures

No method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. International Data Transfers

All primary data — including customer records, calls, transcripts, appointments, and bookings — is stored exclusively in Australia (AWS Sydney, ap-southeast-2) and does not leave Australia.

During active call sessions only, audio and transcript data is processed transiently by offshore AI service providers in the United States for the purpose of real-time voice understanding and response generation. This processing is in-memory only — no personal data is stored on offshore servers. Once the call session ends, all data returns to and remains in Australia.

Inbound call routing is handled through our telephony provider's Australian regional infrastructure. Call metadata (caller number, call duration) required for routing is processed within Australia.

All offshore service providers are bound by data processing agreements and maintain enterprise-grade security standards. Before disclosing personal information overseas, we take reasonable steps to ensure recipients treat your information in accordance with the Australian Privacy Act 1988 (Cth).

9. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date. For material changes, we will provide additional notice via email.

11. Contact Us

Email: hello@turnless.ai

Data Protection Officer: hello@turnless.ai

You have the right to lodge a complaint with your local data protection authority.