CaillteAI — GDPR Compliance Overview
Irish AI Automations • "Never lost. Never missed."
Who we are. CaillteAI LTD ("CaillteAI") provides AI-powered reception, missed-call recovery, chat systems and lead-handling for Irish SMEs. This page is a plain-English summary of our GDPR posture. It's guidance, not legal advice.
You are the Data Controller. CaillteAI operates as your Data Processor and follows your written instructions.
Name, phone, email, message/call content (if enabled), booking details, timestamps, and basic technical metadata.
Legitimate interests (service enquiries), Contract/pre-contractual (bookings & support), and Consent (marketing only, managed by the Controller).
Encryption in transit, role-based access, least-privilege staff permissions, reputable sub-processors, and activity logging where supported.
Export/deletion on request; configurable retention; disable recordings; approve new sub-processors as needed.
Go High Level/Hexona, Vapi, Twilio, Meta, Google, OpenAI, n8n, Readdy.ai, Squarespace. We reserve the right to change providers.
Transcripts 3–12 months; operational logs 3–6 months; CRM lead data 12–24 months; billing 6–7 years (legal).
Callers/visitors may interact with AI assistants and can ask for a human at any time. We don't use AI to make legal or similarly significant decisions.
Access, rectification, erasure, restriction, portability, and objection. We assist Controllers within a reasonable timeframe.
If we become aware of a personal-data breach affecting a client, we notify the Controller without undue delay and share available details.
CaillteAI LTD — 4 Longview Sq, Millers Glen, Swords, Dublin • hello@caillteai.com