GDPR Compliance Statement
PriorityLine.ai
Last updated: 03/12/2025
At PriorityLine.ai, we are committed to protecting the privacy, security, and rights of all individuals whose data we process. As a provider of AI-powered voice automation and call-classification tools for care organisations and service businesses, we implement industry-leading data protection standards in line with the General Data Protection Regulation (EU GDPR) and the UK GDPR.
This statement outlines the principles, processes, and safeguards that guide how we handle personal data.
1. Our Role as a Data Controller and Processor
PriorityLine.ai may act as:
Controller - when we process data for our own business purposes
(e.g., website analytics, lead generation, customer communication).
Processor - when our clients use our AI voice services and provide audio recordings or call metadata for processing.
In these cases, we follow our clients’ documented instructions and enter into Data Processing Agreements (DPAs) as required by GDPR and UK GDPR.
2. Lawful Basis for Processing
We rely on the following legal bases:
- Consent (e.g., cookies, optional analytics)
- Contractual necessity (e.g., providing the PriorityLine.ai service)
- Legitimate interest (e.g., improving product performance, security monitoring)
- Legal obligation (e.g., tax or regulatory requirements)
3. Data Protection Principles
We follow all GDPR/UK GDPR principles:
- Lawfulness, fairness, transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
4. Data We Process
Depending on how our services are used, we may process:
- Audio data for AI classification
- Caller metadata (time, date, phone number if applicable)
- Customer account information
- Support correspondence
- Website analytics (with consent in the EU/UK)
We do not use customer data for model training unless explicitly permitted.
5. Security Measures
We apply robust technical and organisational measures, including:
- Encryption in transit and at rest
- Access controls and least-privilege principles
- Regular security updates and patching
- Monitoring and incident detection
- Employee confidentiality obligations
- Secure data centres and approved subprocessors
6. International Data Transfers
If data is transferred outside the EU/UK, we ensure compliance using:
- Standard Contractual Clauses (SCCs)
- UK International Data Transfer Addendum
- Vendor compliance reviews
7. Data Retention
We retain personal data only as long as necessary for the purposes collected or as required by law. Client audio data is retained strictly according to the client’s chosen retention settings.
8. Subprocessors
We use carefully selected subprocessors for hosting, infrastructure, analytics, and communication tools. All subprocessors are subject to strict contractual obligations under GDPR and UK GDPR.
9. Data Subject Rights
Individuals have the right to:
- Access their data
- Correct inaccuracies
- Request erasure
- Object to processing
- Withdraw consent
- Request data portability
Requests can be made by contacting: [email protected]
10. Contact Details
For data protection enquiries:
PriorityLine.ai
Email: [email protected]
Registered Office:
PriortyLine is operated
by CS Platforms Ltd.
488 Upper Brentwood Road
RM2 6JA Gidea Park
Essex
UK
