Voicematrix.ai

Legal

GDPR Compliance

Last updated: April 21, 2026

This page summarises how Voicematrix.ai meets the requirements of the EU General Data Protection Regulation (GDPR) and the UK GDPR — and how you can exercise your rights.

1. Roles

For the data of our customers and website visitors, Voicematrix.ai is the data controller. For the data our customers process through the platform (call audio, transcripts, end-user metadata), Voicematrix.ai is a data processor; the customer is the controller.

2. Lawful bases

  • Contract: to provide the service you've signed up for.
  • Legitimate interest: to secure, debug and improve the platform.
  • Consent: for marketing emails and non-essential cookies.
  • Legal obligation: to comply with tax, audit and lawful requests.

3. Your rights

  • Access — request a copy of the personal data we hold about you.
  • Rectification — correct inaccurate or incomplete data.
  • Erasure ("right to be forgotten") — ask us to delete your data, subject to legal hold.
  • Restriction — pause processing while a dispute is resolved.
  • Portability — receive your data in a machine-readable format.
  • Objection — object to processing based on legitimate interest, including profiling.
  • Withdraw consent — for any processing based on consent, at any time.
  • Lodge a complaint — with your local supervisory authority.

4. Exercising your rights

Email privacy@voicematrix.ai from the address on your account. We respond within 30 days and never charge a fee for reasonable requests.

5. International transfers

When personal data is transferred outside the EEA or the UK, we rely on the European Commission's Standard Contractual Clauses (2021), the UK International Data Transfer Addendum, and supplementary technical measures (encryption in transit and at rest, key isolation, access logging).

6. Sub-processors

A current list of sub-processors is published with our Data Processing Agreement. We notify customers of new sub-processors at least 30 days in advance.

7. Data Protection Officer

Our DPO can be reached at dpo@voicematrix.ai. Postal: Voicematrix.ai, Rua das Janelas Verdes 32, 1200-690 Lisbon, Portugal.

8. Security incidents

We notify affected customers without undue delay, and supervisory authorities within 72 hours of becoming aware of a personal data breach, in line with Article 33.