Privacy Policy

This Privacy Policy explains how Selma AI collects, uses, stores, shares and protects your personal information, including data accessed via Google APIs.

Effective date: 10 May 2026 · Last updated: 10 May 2026

1. Who we are

Selma AI ("Selma", "we", "us", "our") is an AI-powered voice secretary service.

The data controller is:

An Estonian legal entity ("CallsFlow OÜ") is in the process of being established. This page will be updated when ownership of the service transfers to that entity.

2. What information we collect

2.1 Account information

• Email address
• Display name
• Password (stored as a bcrypt hash; we never store plaintext passwords)
• If you sign in via Google: your Google email and basic profile (name, avatar URL)

2.2 Google user data (only with your explicit consent)

If — and only if — you connect your Google account to Selma, we request the following OAuth scopes:

• https://www.googleapis.com/auth/calendar.events — read and write calendar events on your primary Google Calendar so your AI agent can schedule meetings, list upcoming events and update existing ones on your behalf.
• https://www.googleapis.com/auth/contacts.readonly — read your Google Contacts so your AI agent can resolve a name (e.g. "schedule a meeting with John") to an email address or phone number.
• https://www.googleapis.com/auth/contacts.other.readonly — read "Other contacts" (frequent correspondents who are not in your main address book) for the same lookup purpose.
• https://www.googleapis.com/auth/userinfo.email — to identify which Google account is connected.

We store the OAuth refresh token in our database (encrypted at rest) so the agent can perform actions you have requested. You can disconnect at any time, which revokes the token and deletes it from our systems.

2.3 Conversation and voice data

• Text messages exchanged with your AI agent
• If you use voice mode: an audio stream of your spoken instructions and the agent's responses
• If you use telephony features: recordings and transcripts of inbound and outbound phone calls handled by the agent

2.4 Service operations data

• IP address, user agent, request timestamps (for security and abuse prevention)
• Service logs and error reports
• Billing-related metadata (plan, usage counters)

3. How we use your information

We use the data described above only to:

• Provide the AI secretary service you signed up for — including reading and writing calendar events, looking up contacts, drafting replies, scheduling meetings, and answering phone calls on your behalf.
• Authenticate you and protect your account from unauthorised access.
• Operate, troubleshoot and improve the service (e.g. fix bugs, monitor performance).
• Respond to your support requests.
• Comply with legal obligations.

We do not use your Google user data to train generalised AI models, advertising profiles or any product unrelated to the personalised features you have enabled.

4. Limited Use of Google user data

Specifically, data obtained via Google APIs (Calendar, Contacts, user profile) is:

• Used only to provide user-facing features that are prominent in our user interface.
• Not transferred to others except as necessary to provide or improve user-facing features, comply with applicable law, or as part of a merger or acquisition (with your data protected).
• Not used to serve advertisements.
• Not read by humans, unless we have your affirmative consent for specific messages, or it is necessary for security purposes (e.g. to investigate abuse), to comply with applicable law, or for internal operations where the data has been aggregated and anonymised.

5. AI sub-processors

To deliver the service, parts of your input may be sent to the following sub-processors, each of which is contractually prohibited from using your data to train their general-purpose models without our (and your) consent:

• Anthropic, PBC — large-language-model inference (Claude family). Data sent: text of your messages.
• Google LLC — Gemini / Vertex AI inference, Google Calendar API, Google People (Contacts) API. Data sent: text of your messages, calendar event payloads, contact queries.
• Inworld AI, Inc. — voice synthesis (text-to-speech). Data sent: text the agent is about to speak.
• Deepgram, Inc. — speech-to-text. Data sent: audio of your spoken input.
• Resend, Inc. — transactional email delivery (sign-up confirmations, password resets). Data sent: your email address and message bodies.
• Hetzner Online GmbH — cloud hosting (Germany / Finland, EU). Data stored: everything described in section 2.

6. Data storage and security

Data is stored on servers physically located in the European Union. We apply industry-standard security measures:

• TLS 1.2+ for all data in transit.
• Encryption at rest for OAuth tokens, password hashes and personal data fields.
• Strict access controls; only authorised engineers have production access, and access is logged.
• Regular backups, with the same encryption standards.

No system is perfectly secure. If we become aware of a breach affecting your data, we will notify you and the relevant authorities as required by law.

7. Data retention and deletion

• Account data — kept while your account exists. Deleted within 30 days after you close the account.
• Google OAuth tokens — deleted immediately when you disconnect Google or delete your account.
• Chat history — kept for the lifetime of your account so the agent has context, unless you clear it from the in-app "🗑" button or request full deletion.
• Voice recordings — kept for 30 days for quality and dispute resolution, then automatically deleted, unless you choose to extend retention.
• Service logs — kept for up to 90 days.
• Backups — overwritten on a 30-day rolling cycle.

You can delete your data at any time:

• In-app: Settings → Delete account, or the "🗑" button in chat to clear conversation history.
• To revoke Google access: Settings → Connected services → Disconnect Google, or via your Google Account permissions page.
• By email: send a deletion request to sokhinov@gmail.com; we will action it within 30 days.

8. Your rights

Depending on your jurisdiction (EU/EEA, UK, Ukraine, California and others) you have the right to:

• Access the personal data we hold about you.
• Rectify inaccurate data.
• Delete your data ("right to be forgotten").
• Export your data in a portable format.
• Object to or restrict certain processing.
• Withdraw consent, where processing is based on consent.
• Lodge a complaint with your local data-protection authority.

To exercise any of these rights, email sokhinov@gmail.com. We respond within 30 days.

9. We do not sell your data

We do not sell your personal data, and we do not share it with third parties for their own marketing or advertising purposes.

10. Children

Selma is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.

11. International transfers

Some of our sub-processors are located outside the EU/EEA (notably Anthropic, OpenAI, Inworld and Deepgram in the United States). When we transfer personal data internationally, we rely on Standard Contractual Clauses or equivalent safeguards approved by the European Commission.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. For material changes that affect your rights, we will notify you by email and / or with an in-app notice before the change takes effect.

13. Contact

Questions, complaints, deletion requests: