← Back

Privacy Policy

Last updated: March 17, 2026

This Privacy Policy (hereinafter referred to as the Policy) applies to all information about the user that Individual Entrepreneur Arslanov Albert Maratovich, operator of Danku AI, can obtain during the use of the Danku AI software platform.

Use of the Service means unconditional consent of the User with the current Policy and the terms for processing of their personal information. In case of disagreement with these terms, the User must refrain from using the Service.

1. Definitions

  • Service — the Danku AI platform, including all related websites, APIs, and applications.
  • User — an individual or legal entity that creates an account and uses the Service.
  • Organization — a workspace within the Service created by a User to manage team members and data.
  • Conversation Data — audio recordings, transcriptions, chat messages, support tickets, and related metadata uploaded or imported by the User for analysis.
  • End Customer — a third party whose interactions are contained within Conversation Data.

2. User's personal information collected and processed

For the purposes of this Policy, "User's personal information" includes:

  1. Personal information provided by the User upon registration and during Service use, including full name and email address.
  2. Organization details provided during onboarding: organization name, industry, company description, preferred language, and currency.
  3. Security information: two-factor authentication secrets and recovery codes (stored encrypted).
  4. Data transferred automatically during Service use, including IP address, cookies, device/browser metadata, and technical session data.

3. Conversation Data processed on behalf of the User

The User may upload, import, or connect the following types of Conversation Data for AI-powered analysis:

  • Audio recordings of phone calls and voice interactions.
  • Text messages from chat conversations and support tickets.
  • Participant information: names and roles of agents and customers.
  • Metadata: timestamps, tags, departments, and custom fields.
  • Data obtained through third-party integrations (Intercom, Zoho, Kommo, HubSpot) connected by the User via OAuth.
  • Data uploaded via CSV import or submitted via the API/webhooks.

Important: The User acts as the data controller for Conversation Data and is responsible for ensuring they have a lawful basis (such as consent or legitimate interest) for processing End Customer data through the Service. The Service Provider acts as a data processor with respect to Conversation Data.

4. Purpose of data collection and processing

User's personal information is used for:

  • Account creation, authentication, and authorization.
  • Providing personalized services, including team management and organization settings.
  • Communication with the User: notifications, service updates, and support.
  • Improvement of Service quality and development of new features.

Conversation Data is processed for:

  • Audio transcription — converting audio recordings to text using AI transcription services.
  • AI-powered analysis — generating decision graphs, root-cause analysis, sentiment scores, agent quality scores, customer satisfaction scores, escalation detection, and other analytical insights.
  • Structured reporting — providing summaries, recommendations, and tags based on conversation content.

5. Third-party services and data transfers

To provide the Service, Conversation Data may be transmitted to the following third-party providers for processing:

  • ElevenLabs — for audio transcription. Audio files are sent to ElevenLabs' API for speech-to-text conversion. Please refer to ElevenLabs' Privacy Policy.
  • OpenRouter — for AI analysis. Conversation transcripts and messages are sent to language models via OpenRouter for analysis. Please refer to OpenRouter's Privacy Policy.
  • CRM/Helpdesk Integrations (Intercom, Zoho, Kommo, HubSpot) — connected by the User via OAuth to import Conversation Data. Data is fetched from these services based on User authorization.

The Service Provider may also transfer personal information to third parties in the following cases:

  • The User has expressed explicit consent.
  • To detect, prevent, and resolve issues related to fraud, security, and technical matters.
  • To respond to lawful requests from competent authorities.
  • When the transfer is required by applicable legislation as part of a lawful procedure.

6. Data storage and security

  • User data and Conversation Data are stored on secure servers with encryption at rest and in transit.
  • Integration credentials (OAuth tokens) are stored encrypted in the database.
  • Two-factor authentication secrets are stored encrypted.
  • API keys are stored as one-way hashes (SHA-256); the original key cannot be recovered.
  • Passwords are hashed using bcrypt with an appropriate cost factor.
  • The Service administration ensures the safety of data in accordance with modern international standards for data protection (including GDPR principles where applicable).

7. Data retention

  • User account data is retained while the User actively uses the Service.
  • Conversation Data (including transcriptions, analyses, and audio files) is retained for the duration of the User's active subscription.
  • Upon account deletion, data may be retained for up to 30 days for recovery purposes, after which it is permanently deleted, unless longer retention is required by law.
  • Temporary files (such as CSV imports) are deleted after processing is complete.

8. AI and automated decision-making

  • The Service uses artificial intelligence to analyze Conversation Data and produce scores, classifications, and recommendations.
  • AI-generated results are provided as analytical tools and do not constitute automated decision-making with legal or similarly significant effects on End Customers.
  • The User is solely responsible for any decisions made based on AI-generated analysis.
  • The Service Provider does not use User personal data or Conversation Data for training AI models.

9. User rights

The User has the right to:

  • Access — request a copy of personal information held by the Service.
  • Rectification — update or correct personal information via account settings.
  • Deletion — request deletion of their account and associated data.
  • Data portability — request an export of their data in a machine-readable format.
  • Withdraw consent — stop using the Service and request data deletion at any time.
  • Disconnect integrations — revoke third-party service access at any time through the Service or directly through the third-party provider.

10. Cookies

The Service uses cookies and similar technologies to maintain user sessions, remember preferences, and ensure security. These are essential for the operation of the Service. The Service does not use third-party tracking or advertising cookies.

11. Changes to this Policy

The Service Provider reserves the right to modify this Policy. Changes take effect upon posting the updated Policy on the Service. Continued use of the Service after changes constitutes acceptance of the updated Policy.

12. Contact information

Any suggestions and questions regarding this Policy should be sent to:

Individual Entrepreneur Arslanov Albert Maratovich
TIN (INN): 024204067123
PSRNSP (OGRNIP): 325028000220530