Privacy Policy

Agntic.ai Voice Agent Platform

Version 1.0 | Effective: March 2026

Agntic Pty Ltd | ABN 53 680 307 680

This Privacy Policy explains how Agntic Pty Ltd collects, uses, stores, discloses, and protects personal information in connection with the Agntic.ai platform. It applies to all users of the Platform, including account holders, authorised users, and individuals whose personal information is processed through the Platform (such as callers who interact with AI voice agents). This policy is available at https://agntic.ai/legal/privacy and forms part of the Agntic.ai End User Licence Agreement.

1. Who We Are

Agntic Pty Ltd (ABN 53 680 307 680) (“Agntic”, “we”, “us”, or “our”) operates the Agntic.ai platform, a software-as-a-service product that enables businesses to create, configure, and deploy AI-powered voice agents. Our registered address is Carlton VIC 3053, Melbourne, Victoria, Australia.

We are committed to protecting the privacy and security of personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

For privacy enquiries, contact our Privacy Officer at privacy@agntic.ai.

2. Scope of This Policy

This Privacy Policy applies to:

• Account holders who sign up to use the Agntic.ai platform;

• Authorised users invited to an account by the account holder;

• Visitors to our website at https://agntic.ai;

• Callers and other individuals whose personal information is collected, processed, or generated through AI voice agents deployed on the Platform; and

• Individuals who contact us directly (for example, via email or support channels).

This policy does not cover the privacy practices of our customers who deploy AI voice agents using the Platform. Our customers are responsible for their own privacy notices and for ensuring that their use of the Platform complies with applicable privacy laws, including obtaining any required consents from callers.

3. Information We Collect

3.1 Information You Provide to Us

When you create an account, subscribe to a plan, or use the Platform, we may collect:

Category	Examples
Account information	Name, email address, phone number, business name, ABN/ACN, billing address
Payment information	Credit card details (processed by our payment provider; we do not store full card numbers), billing history, invoices
Agent configurations	Prompts, scripts, knowledge bases, workflow settings, integration credentials, and other configuration data you create within the Platform
Support communications	Messages, emails, and attachments you send to our support team
Feedback	Product feedback, feature requests, and survey responses

3.2 Information Generated Through Platform Use

When AI voice agents are deployed and active, the Platform may collect or generate the following information about callers and interactions:

Category	Examples
Voice recordings	Audio recordings of voice interactions between callers and AI agents (where recording is enabled by the customer)
Transcripts	Text transcriptions of voice interactions generated by speech-to-text processing
Call metadata	Phone numbers (inbound and outbound), call duration, timestamps, call status, and routing data
AI outputs	Agent responses, conversation summaries, sentiment analysis, intent classification, and other outputs generated by the AI during or after a voice interaction
Caller information	Any personal information a caller provides during a voice interaction (such as their name, contact details, booking information, or enquiry details)

Important: The personal information of callers is collected by our customers through their deployed AI agents. Our customers are the primary data controllers for this information and are responsible for providing appropriate privacy notices to callers and obtaining any required consents. Agntic processes this information on behalf of its customers to provide the Platform services.

3.3 Information We Collect Automatically

When you visit our website or use the Platform, we automatically collect:

• Device and browser information (device type, operating system, browser type and version);

• IP address and approximate location;

• Pages viewed, features used, and actions taken within the Platform;

• Referring website or source;

• Cookies and similar tracking technologies (see clause 11 below).

4. How We Use Your Information

We use the personal information we collect for the following purposes:

Purpose	Legal Basis (APP Reference)
To create and manage your account and provide the Platform services	Reasonably necessary for our functions (APP 3.2(a))
To process payments and manage billing	Reasonably necessary for our functions (APP 3.2(a))
To enable AI voice agents to conduct voice interactions, generate transcripts, summaries, and other AI outputs	Reasonably necessary for our functions (APP 3.2(a))
To provide customer support and respond to enquiries	Reasonably necessary for our functions (APP 3.2(a))
To monitor, maintain, and improve the Platform, including AI model performance	Reasonably necessary for our functions (APP 3.2(a))
To detect and prevent fraud, security incidents, and misuse of the Platform	Reasonably necessary for our functions (APP 3.2(a))
To comply with legal obligations, including the Notifiable Data Breaches scheme	Required by law (APP 6.2(b))
To send you service communications (account alerts, billing notices, security notifications)	Reasonably necessary for our functions (APP 3.2(a))
To send marketing communications (only with your consent; you can opt out at any time)	Consent (APP 6.1(a))
To create anonymised and aggregated data for platform improvement, benchmarking, and product development	Information is de-identified and no longer personal information

We will not use or disclose your personal information for a purpose other than the purpose for which it was collected (the primary purpose), unless: (a) you have consented; (b) you would reasonably expect us to use or disclose the information for a related secondary purpose; or (c) the use or disclosure is required or authorised by law.

5. AI-Specific Data Practices

5.1 Voice Recordings and Transcripts

Voice recordings and transcripts are processed to enable the core functionality of the Platform, including real-time AI agent responses, call transcription, and post-call summaries. Recordings are stored securely and retained in accordance with clause 8 below.

We do not use customer voice recordings to train our general-purpose AI models unless the customer has provided explicit written consent and all applicable consents have been obtained from the individuals whose voices are recorded.

5.2 AI Model Training

Our AI models are trained on proprietary and licensed datasets. We may use anonymised, aggregated, and de-identified interaction data (which does not identify any individual) to improve the performance, accuracy, and quality of the Platform. This de-identified data cannot be used to reconstruct individual voice interactions or identify callers.

5.3 Automated Decision-Making

The Platform uses AI to generate responses to callers in real time. These responses are generated automatically by machine learning models and are not reviewed by a human before delivery. The Platform may also generate sentiment analysis scores, intent classifications, and other analytical outputs. These outputs are tools to assist our customers and are not used by Agntic to make decisions that have a legal or similarly significant effect on any individual.

Our customers are responsible for determining how AI outputs are used within their business and for ensuring that appropriate human oversight is in place, particularly for decisions that affect individuals.

5.4 Caller Awareness

Under our End User Licence Agreement, customers are required to ensure that their AI agents disclose their AI nature at the start of every voice interaction. Customers are also required to inform callers that calls may be recorded and to provide callers with the option to request a human representative.

6. Who We Share Your Information With

We may share personal information with the following categories of recipients:

Recipient	Purpose	Safeguards
Cloud infrastructure provider (AWS)	Hosting, storage, and processing of Platform data	Data hosted in AWS Asia-Pacific (Sydney) region; AWS maintains SOC 2 and ISO 27001 certifications
Payment processor (Stripe)	Processing subscription payments	PCI DSS Level 1 certified; we do not store full card numbers
AI model providers	Processing voice interactions and generating AI outputs	Sub-processor agreements in place; data processed in accordance with our instructions
Telephony providers	Routing voice calls to and from AI agents	Telecommunications carrier agreements in place
Analytics providers	Website and Platform usage analytics	De-identified and aggregated data only; no voice recordings or transcripts shared
Professional advisers	Legal, accounting, and compliance advice	Subject to professional confidentiality obligations
Law enforcement or regulators	Where required by law or lawful request	We will comply with valid legal process; we will notify you where lawfully permitted

A current list of our sub-processors is available at https://agntic.ai/legal/sub-processors. We will update this list when we add or change sub-processors and will provide notice of material changes.

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes.

7. Overseas Disclosure of Personal Information

Some of our sub-processors may process personal information outside Australia. In particular, AI model providers may process data in the United States. Where personal information is disclosed to an overseas recipient, we take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to that information, in accordance with APP 8.

We will disclose the countries in which our sub-processors are located in our sub-processor list at https://agntic.ai/legal/sub-processors.

8. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes for which it was collected, or as required by law. Our standard retention periods are:

Data Type	Retention Period
Account information	For the life of the account, plus 12 months after account closure
Payment and billing records	7 years from the date of the transaction (as required by Australian tax law)
Voice recordings	As configured by the customer (default: 90 days), after which recordings are automatically deleted unless the customer has configured a longer retention period
Transcripts and AI outputs	As configured by the customer (default: 12 months), or until the customer deletes them, whichever is earlier
Call metadata	12 months from the date of the interaction
Platform usage logs	12 months from the date of activity
Support communications	3 years from the date of the last communication
Website analytics	26 months (anonymised)

When your account is terminated or expires, we retain your data for 30 days to allow you to export it. After that period, we will delete or de-identify your personal information in accordance with this policy, except where retention is required by law.

9. Security of Your Information

We take the security of personal information seriously and implement reasonable technical and organisational measures to protect it against unauthorised access, loss, destruction, or alteration. Our security measures include:

• Encryption of data in transit (TLS 1.2+) and at rest (AES-256);

• Role-based access controls and multi-factor authentication for Platform administration;

• Regular vulnerability assessments and penetration testing;

• Incident detection and response procedures, including a documented incident response plan;

• Business continuity and disaster recovery measures;

• Employee and contractor security awareness training; and

• Access logging and audit trails for sensitive data.

No method of electronic transmission or storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

10. Your Rights

Under the Privacy Act 1988 and the APPs, you have the following rights in relation to your personal information:

10.1 Access (APP 12)

You have the right to request access to the personal information we hold about you. We will respond to your request within 30 days. In most cases, we will provide the information free of charge, but we may charge a reasonable fee for requests that are manifestly unfounded or excessive.

10.2 Correction (APP 13)

You have the right to request that we correct any personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading. If we correct information that we have previously disclosed to a third party, we will take reasonable steps to notify the third party of the correction.

10.3 Complaints

If you believe that we have breached the APPs or handled your personal information inappropriately, you may lodge a complaint with us by emailing privacy@agntic.ai. We will acknowledge your complaint within 5 business days and will investigate and respond within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

10.4 Anonymity and Pseudonymity (APP 2)

Where it is lawful and practicable, you have the option of not identifying yourself, or of using a pseudonym, when dealing with us. However, this option is generally not available when you create an account (as we need to verify your identity) or when you contact us about an existing account.

10.5 Data Deletion

You may request that we delete your personal information. We will comply with your request unless we are required to retain the information by law, or the information is necessary for us to establish, exercise, or defend a legal claim. Account holders can delete their account at any time through the Platform settings, which will trigger the data retention and deletion process described in clause 8.

10.6 Rights of Callers

If you are a caller who has interacted with an AI voice agent deployed by one of our customers, your primary point of contact for privacy enquiries is the business that deployed the agent. That business is the data controller for the personal information collected during your interaction. However, you may also contact us at privacy@agntic.ai if you have concerns about how the Platform has processed your information, and we will work with the relevant customer to address your enquiry.

11. Cookies and Tracking Technologies

Our website and Platform use cookies and similar technologies to provide functionality, analyse usage, and improve the user experience. The types of cookies we use are:

Type	Purpose	Duration
Essential cookies	Required for the Platform to function (authentication, session management, security)	Session or up to 12 months
Analytics cookies	Help us understand how users interact with our website and Platform (page views, feature usage, errors)	Up to 26 months
Preference cookies	Remember your settings and preferences (language, dashboard layout)	Up to 12 months

We do not use advertising or behavioural tracking cookies. We do not serve third-party advertisements on the Platform.

You can manage your cookie preferences through your browser settings. Disabling essential cookies may affect the functionality of the Platform.

12. Marketing Communications

We may send you marketing communications about our products, features, and services where you have consented to receive them or where we have an existing business relationship with you and the communications relate to similar products or services (in accordance with APP 7).

You can opt out of marketing communications at any time by: (a) clicking the “unsubscribe” link in any marketing email; (b) updating your communication preferences in your account settings; or (c) emailing us at privacy@agntic.ai.

Opting out of marketing communications will not affect service-related communications (such as billing notices, security alerts, and essential platform updates).

13. Children’s Privacy

The Platform is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without appropriate parental consent, we will take steps to delete that information. If you believe a child has provided us with personal information, please contact us at privacy@agntic.ai.

14. Data Breach Notification

We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. If we experience an eligible data breach that is likely to result in serious harm to affected individuals, we will: (a) notify the OAIC; (b) notify affected individuals as soon as practicable; and (c) provide information about the breach and the steps individuals can take to protect themselves.

If you are a customer and we detect a security incident affecting your data, we will notify you in accordance with the terms of our EULA (within 72 hours of becoming aware of the incident).

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will: (a) update the “Effective Date” at the top of this policy; (b) post the updated policy at https://agntic.ai/legal/privacy; and (c) notify account holders by email at least 30 days before the changes take effect.

Your continued use of the Platform after the effective date of any changes constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or want to make a complaint, please contact us:

Privacy Officer

Agntic Pty Ltd

Email: privacy@agntic.ai

Phone: +61 402 844 523

Web: https://agntic.ai

If you are not satisfied with our response to a privacy complaint, you may contact the Office of the Australian Information Commissioner:

Website: www.oaic.gov.au

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

Agntic Pty Ltd | ABN 53 680 307 680

This Privacy Policy was last updated in March 2026.