Privacy Policy
Last updated: January 2025
1. Who We Are
Sainer is a service provided by Kwartiermakers Pioniers B.V., a company registered in the Netherlands.
- Chamber of Commerce (KvK): 99256010
- Address: Marie Baronstraat 1, 5026 CG, Tilburg, The Netherlands
- Privacy Contact: privacy@sainer.nl
We provide an AI-powered phone operator service that helps businesses handle customer calls automatically. This privacy policy explains how we collect, use, and protect your personal data when you use our service or when someone calls a business using Sainer.
2. What Data We Collect
Call Data (when someone makes or receives a call through Sainer)
- Phone numbers (caller and recipient)
- Call recordings (audio)
- Transcriptions of calls (text versions of what was said)
- AI-generated summaries and analysis of calls
- Date, time, and duration of calls
Account Data (for businesses using our service)
- Name and email address
- Password (stored securely, we cannot see it)
- Company name and details
- Phone numbers you connect to our service
Payment Data
- Billing name and address
- Payment method details (processed securely by our payment provider Mollie)
- Transaction history
Usage Data
- How you use our dashboard
- Call statistics and service usage
- Feature preferences and settings
Technical Data
- IP address when accessing our dashboard
- Browser type and device information
- Email open and click tracking for service communications
3. How We Use Your Data
We use your data to:
- Provide our service: Answer calls, create transcriptions, and generate AI summaries
- Process payments: Bill you for the service and handle transactions
- Improve our service: Understand how our service is used and make it better
- Communicate with you: Send service updates, invoices, and support responses
- Meet legal requirements: Keep records required by law, prevent fraud
We do not sell your personal data to anyone.
4. How Our AI Works
Sainer uses artificial intelligence (specifically Google Cloud's Gemini) to:
- Understand what callers are saying
- Respond to callers in a natural, helpful way
- Create summaries of calls
- Identify action items and important information
Important things to know about our AI:
- The AI assists humans, it doesn't replace them: Our AI handles routine calls, but you can always set up transfers to human staff for complex situations
- No automated decisions with major consequences: Our AI doesn't make decisions that significantly affect people's legal rights or similar important matters without human review
- You stay in control: You configure what the AI can and cannot do, and you can review all AI-generated content
- Transparency: Callers are informed they are speaking with an AI-powered system
How we handle AI and your data
We do NOT use your conversation data to train AI models. This is an important distinction:
- No model training: Your conversations and transcripts are not used to train or fine-tune the underlying AI model (Google Gemini). Google Gemini is used as an existing service without your data contributing to model improvements.
- Service improvements: We do analyze conversations to improve our service, such as:
- Optimizing prompt templates (instructions that help the AI respond better)
- Identifying common scenarios to provide better default configurations
- Improving the user experience in our dashboard
- Knowledge sharing via templates: Insights from conversation analysis may result in improved prompt templates that can also be used by other customers. These templates contain no personal data, only general instruction patterns.
Example: If we notice certain phrasings work better for appointment scheduling, we may incorporate that knowledge into an improved template. The actual conversations that led to this insight are not shared.
This approach complies with the EU AI Act's requirements for transparency and human oversight.
5. Our Legal Basis for Processing (GDPR)
Under EU law, we need a legal reason to process your data. Here's what applies:
| Data Type | Legal Basis |
|---|---|
| Call data | Contract: Needed to provide the service you're paying for |
| Account data | Contract: Needed to manage your account |
| Payment data | Contract and Legal obligation: Process payments and keep tax records |
| Usage data | Legitimate interest: Improve and secure our service |
| Technical data | Legitimate interest: Security and service operation |
For callers (people who call businesses using Sainer): The business using our service is responsible for informing callers about call recording and AI processing. We process this data as a "processor" on behalf of the business.
6. Who We Share Data With
We work with trusted partners to provide our service:
| Partner | Purpose | Location |
|---|---|---|
| Google Cloud | AI processing and hosting | EU (Belgium, Netherlands) |
| Mollie | Payment processing | Netherlands |
| Mailgun | Sending email notifications | EU |
| Sinch | SMS and WhatsApp notifications | EU |
All partners are bound by strict data protection agreements. We do not share data with partners for their own marketing purposes.
7. How Long We Keep Data
| Data Type | Retention Period |
|---|---|
| Call recordings and transcripts | As configured by the business (default: 90 days) |
| Account data | While your account is active, plus 2 years |
| Payment records | 7 years (required by Dutch tax law) |
| Technical logs | 90 days |
When data is no longer needed, we securely delete it.
8. Your Rights
Under GDPR, you have the right to:
- Access: Get a copy of the personal data we hold about you
- Correction: Fix any inaccurate information
- Deletion: Ask us to delete your data (with some exceptions for legal requirements)
- Data portability: Receive your data in a portable format
- Restrict processing: Limit how we use your data
- Object: Object to certain uses of your data
- Withdraw consent: If we process data based on your consent, you can withdraw it
How to exercise your rights: Email us at privacy@sainer.nl. We'll respond within 30 days.
Right to complain: If you're unhappy with how we handle your data, you can complain to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at www.autoriteitpersoonsgegevens.nl.
9. Data Security
We protect your data with:
- Encryption: All data is encrypted when stored and when transmitted
- Access controls: Only authorized staff can access personal data
- Security monitoring: We monitor for suspicious activity
- Regular testing: We regularly test our security measures
- Secure infrastructure: We use enterprise-grade cloud security (Google Cloud)
10. International Data Transfers
Your data is primarily stored and processed within the European Union (Google Cloud's EU data centers in Belgium and the Netherlands).
If any data needs to be transferred outside the EU, we ensure it's protected by:
- Standard Contractual Clauses approved by the EU
- Adequacy decisions (for countries with equivalent privacy laws)
11. Cookies
Our website and dashboard use cookies (small text files stored on your device) to function properly and improve your experience.
Types of cookies we use
| Type | Purpose | Consent required |
|---|---|---|
| Necessary | Essential for the website/dashboard to work (login sessions, security) | No |
| Analytical | Help us understand how visitors use our site (e.g., Google Analytics with IP anonymization) | Yes |
| Marketing | Track effectiveness of our advertising (e.g., LinkedIn) | Yes |
Managing cookies
- Cookie banner: When you first visit, you can accept or reject non-essential cookies
- Change preferences: You can update your cookie preferences anytime via the cookie settings link in our website footer
- Browser settings: You can also block cookies in your browser, though this may affect functionality
Note
Rejecting analytical and marketing cookies doesn't affect your ability to use our service.
12. Changes to This Policy
We may update this privacy policy at any time. How we notify you depends on the type of change:
- Minor changes (clarifications, formatting, typos): We update the policy and the "Last updated" date. No individual notification.
- Material changes (new data uses, new sharing partners, changes to your rights): We post the updated policy on our website at least 14 days before the changes take effect.
- Legally required changes: May take effect immediately.
Your continued use of our service after changes means you accept the updated policy. We recommend checking this page periodically.
13. Contact Us
For any privacy questions or to exercise your rights:
- Email: privacy@sainer.nl
- Mail: Kwartiermakers Pioniers B.V., Marie Baronstraat 1, 5026 CG, Tilburg, The Netherlands
We aim to respond to all inquiries within 30 days.
This privacy policy is designed to be clear and understandable. If anything is unclear, please contact us and we'll be happy to explain.