Privacy Policy
Effective Date: April 1, 2026 | Last Updated: April 1, 2026
1. Introduction
Robot Staff Inc. ("Robot Staff," "we," "our," or "us") is committed to protecting the privacy and confidentiality of personal information, including personal health information, in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), Ontario's Personal Health Information Protection Act (PHIPA), and all applicable provincial privacy legislation.
This Privacy Policy describes how we collect, use, disclose, retain, and safeguard personal information in connection with our AI automation services, including AI voice receptionists, appointment booking systems, and workflow automation tools deployed on behalf of our clients ("Services").
Our Privacy Officer is responsible for overseeing compliance with this policy and applicable privacy laws. Contact details are provided in Section 14.
2. Scope and Application
This Policy applies to:
- Personal information collected directly from visitors to robotstaff.io
- Personal information collected on behalf of our clients (clinics, healthcare providers, and other service businesses) through our AI automation systems
- Personal health information (PHI) processed when our voice receptionist and booking systems interact with patients on behalf of healthcare clients
Robot Staff acts as a data processor on behalf of our clients (the data controllers) when processing patient or end-user data. Our clients are responsible for obtaining appropriate consent from their patients and end-users for the use of our Services.
3. Information We Collect
3.1 Information You Provide Directly
- Contact Information: Name, email address, phone number, and business address when you contact us, request a demo, or become a client.
- Business Information: Company name, industry, and size to customize our services.
- Account Credentials: Login information for our client portal.
- Communications: Records of your interactions with our team via email, phone, or chat.
- Payment Information: Billing details processed securely through Stripe. We do not store payment card numbers.
3.2 Personal Health Information Processed on Behalf of Healthcare Clients
When deployed for healthcare clients, our AI systems may process the following on behalf of the client:
- Patient names and contact information (phone number, email address)
- Appointment details (date, time, provider, appointment type)
- Basic intake information as directed by the clinic
- Voice recordings of patient calls (where Zero Data Retention mode is not enabled)
We process this information solely to provide the Services as instructed by our healthcare clients and do not use it for any independent purpose.
3.3 Automatically Collected Data
- Website usage data and analytics via cookies and tracking technologies
- System performance and error logs (containing no patient PHI)
- Workflow execution metadata for service delivery and troubleshooting
4. Legal Basis for Processing and Consent
We process personal information on the following legal bases:
- Contractual necessity: to deliver Services under our client agreements
- Legitimate interests: to operate and improve our services, prevent fraud, and ensure security
- Compliance with legal obligations: to meet requirements under PIPEDA, PHIPA, and applicable provincial laws
For healthcare deployments, our clients are responsible for obtaining informed consent from patients prior to using our AI voice and booking systems. We provide consent language templates and technical implementation guidance to assist clients in meeting their consent obligations under PHIPA and PIPEDA.
5. How We Use Personal Information
We use personal information to:
- Deliver, maintain, and improve our AI automation Services
- Process and confirm appointments on behalf of healthcare clients
- Send appointment reminders, confirmations, and follow-up communications as directed by clients
- Provide customer support and respond to inquiries
- Detect, investigate, and prevent security incidents or misuse
- Comply with legal obligations and enforce our agreements
We do not sell personal information to third parties. We do not use personal information or PHI processed on behalf of clients to train, fine-tune, or improve our AI models or those of our subprocessors, except with explicit written consent.
6. Subprocessors and Third-Party Services
We engage trusted subprocessors to deliver our services, including voice AI, language model, voice synthesis, workflow automation, and payment processing providers. All subprocessors are bound by written data protection agreements.
7. Data Retention
We retain personal information only as long as necessary for the purposes for which it was collected, or as required by law:
- Client account data: retained for the duration of the client relationship plus 7 years for legal and tax purposes
- Patient call and appointment data: retained for a maximum of 90 days, after which it is permanently deleted. For healthcare deployments with Zero Data Retention mode enabled, call transcripts and recordings are never stored.
- Workflow execution logs: automatically pruned every 30 days. Logs are configured to exclude PHI where possible.
- Website analytics: retained for 26 months in anonymized form
Upon termination of a client agreement, we will delete or return all client data within 30 days of written request, except where retention is required by applicable law.
8. Data Security
We implement administrative, technical, and physical safeguards to protect personal information:
- Encryption in transit: all data transmitted between our systems and subprocessors uses TLS 1.2 or higher
- Encryption at rest: workflow and credential data are encrypted using AES-256 at the infrastructure level
- Access controls: role-based access controls limit data access to personnel with a need to know
- Multi-factor authentication: enforced on all administrative accounts and remote access systems
- Credential management: API keys and secrets are stored in a dedicated secrets manager, isolated from production data
- Network security: production systems operate within private network configurations inaccessible to the public internet
- Security monitoring: continuous monitoring of infrastructure with automated alerts
While we take all reasonable precautions, no system is 100% secure. We encourage clients to contact us immediately if they suspect a security incident.
9. AI and Automated Decision-Making Disclosures
Our Services involve AI and machine learning technologies. In the interest of transparency, we disclose the following:
- AI voice systems: our voice receptionists use speech-to-text, large language model (LLM) inference, and text-to-speech technologies to conduct conversations with patients and callers on behalf of our clients
- No clinical decision-making: our AI systems do not make clinical decisions, diagnoses, or medical recommendations. All clinical decisions remain with qualified healthcare providers.
- Human review: appointment bookings and other outputs generated by our AI systems are confirmed in the client's existing EMR system, providing a human review layer before any clinical workflow is affected
- No training on PHI: patient data and PHI processed through our systems are never used to train, fine-tune, or evaluate AI models, whether ours or those of our subprocessors
- Model governance: we maintain documentation of the AI models used, their intended purpose, known limitations, and monitoring controls. This documentation is available to clients upon request.
- Caller disclosure: our AI voice systems are configured to disclose that the caller is speaking with an AI assistant when asked directly
10. Data Transfers
Our subprocessors may operate infrastructure located in the United States or other jurisdictions. When transferring personal information, we ensure:
- Contractual protections: written data processing agreements with all subprocessors that impose equivalent privacy and security obligations
- Data minimization: only the minimum necessary data is transmitted to each subprocessor for the specific purpose of service delivery
- No secondary use: subprocessors are contractually prohibited from using data for purposes beyond providing the contracted service
- Breach notification: subprocessors are obligated to notify us promptly of any security incidents involving our data
Clients in regulated healthcare settings should be aware that patient data processed through our voice systems may transit cloud infrastructure hosted in the United States. We can provide detailed data flow documentation upon request to assist clients with their own privacy and compliance assessments.
11. Your Privacy Rights
Individuals whose personal information we hold have the following rights:
- Access: request a copy of personal information we hold about you
- Correction: request correction of inaccurate or incomplete information
- Withdrawal of consent: withdraw consent for processing where consent is the legal basis (subject to legal and contractual limitations)
- Deletion: request deletion of personal information, subject to legal retention requirements
For patients of our healthcare clients: your primary relationship is with the clinic or healthcare provider, not with Robot Staff. For requests relating to your health information, please contact your healthcare provider directly. Robot Staff will cooperate with such requests as directed by the client.
To exercise your rights, contact our Privacy Officer at privacy@robotstaff.io.
12. Privacy Breach Notification
In the event of a privacy breach involving personal information under our control or processed by our subprocessors:
- We will notify affected clients within 24 hours of discovering a breach involving their client or patient data
- We will notify the Office of the Privacy Commissioner of Canada where required under PIPEDA (breaches that create a real risk of significant harm)
- We will notify affected individuals as required by applicable law and in cooperation with the affected client
- We maintain a breach register documenting all incidents, including those that do not meet the reporting threshold
Our breach response procedure is documented and tested, and all personnel with access to personal information are trained on incident identification and escalation.
13. Cookies and Website Tracking
Our website (robotstaff.io) uses cookies and analytics tools to understand visitor behaviour and improve our services. We do not use website cookies to collect personal health information.
You can control cookies through your browser settings. Disabling certain cookies may affect website functionality. We do not use targeting or advertising cookies.
14. Privacy Officer and Contact Information
Questions, requests, or concerns regarding this Privacy Policy or our data practices should be directed to:
Privacy Officer
Robot Staff Inc.
Toronto, Ontario, Canada
Email: privacy@robotstaff.io
Phone: +1 (647) 955-2211
We will respond to all privacy inquiries within 10 business days.
If you are not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada at 1-800-282-1376 or priv.gc.ca.
15. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. We will notify active clients of material changes by email at least 30 days before the changes take effect. The current version will always be available at robotstaff.io/privacy.