Last updated: 24 March 2026
Patchcalls.com provides an AI-powered receptionist service for UK tradespeople. We handle incoming calls, capture job details, and deliver lead summaries so you never miss business when you are working.
This privacy policy explains how we collect, use, store, and protect personal data in connection with the Patchcalls service. We are committed to handling your data responsibly and in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
For customer account data (your name, email, business details, billing information): the data controller is Matthew Larby, trading as Patchcalls.com.
For caller data (personal data belonging to individuals who call your business): you, the tradesperson, are the data controller. Patchcalls acts as your data processor, processing caller data on your behalf solely to provide the service. The terms of this processing relationship are set out in the Data Processing Agreement contained in our Terms and Conditions.
When you sign up and use Patchcalls, we collect:
When the Patchcalls service handles calls on your behalf, the following data is processed:
Call audio is retained for up to 90 days to support service delivery, quality assurance, and dispute resolution, after which it is automatically deleted.
All payments are processed by Paddle.com, our Merchant of Record. We do not collect, store, or have access to your card numbers, CVV, or bank details. We retain only a subscription status reference and billing history provided by Paddle.
If you consent, we collect website usage data through Google Analytics, including pages visited, time on site, and interaction data. No website analytics data is collected without your consent.
If you contact us via our website, we collect the name, email address, and message content you provide.
Under the UK GDPR, we must have a lawful basis for each processing activity:
| Processing activity | Legal basis | Details |
|---|---|---|
| Account creation and management | Contract (Art. 6(1)(b)) | Necessary to provide the service you have subscribed to |
| Call handling, transcription, and lead capture | Contract (Art. 6(1)(b)) | Necessary to deliver the core service on behalf of the tradesperson (controller) |
| Call audio retention (90 days) | Contract (Art. 6(1)(b)) | Necessary for service delivery, quality assurance, and dispute resolution |
| SMS and email call summaries | Contract (Art. 6(1)(b)) | Necessary to deliver call information to you |
| Appointment scheduling | Contract (Art. 6(1)(b)) | Necessary to deliver the booking feature |
| Service improvement and performance monitoring | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest in improving service quality and reliability |
| Fraud prevention and platform security | Legitimate interest (Art. 6(1)(f)) | Our legitimate interest in protecting the platform and its users |
| Website analytics (Google Analytics) | Consent (Art. 6(1)(a)) | Only processed if you opt in |
| Marketing emails | Consent (Art. 6(1)(a)) | Only sent if you opt in; you can unsubscribe at any time |
| Payment processing (via Paddle) | Contract (Art. 6(1)(b)) | Necessary to process your subscription payments |
We use the following cookies:
| Cookie | Purpose | Type | Duration | Consent required |
|---|---|---|---|---|
| Stytch session | Keeps you logged into your account | Essential | Session | No |
| Google Analytics (_ga, _gid) | Anonymous website usage statistics | Analytics | _ga: 2 years; _gid: 24 hours | Yes |
| Marketing pixels | Third-party advertising tracking | Marketing | Varies by provider | Yes |
If you select essential cookies only, no analytics or marketing scripts are loaded. You can change your cookie preferences at any time via the cookie banner on our website.
We share data with the following third-party processors to deliver the service:
| Processor | Purpose | Data shared | Location |
|---|---|---|---|
| Twilio | Telephony and SMS delivery | Caller phone numbers, SMS content | United States |
| LiveKit | Real-time audio processing | Call audio (transient, not stored) | United States |
| Anthropic (Claude) | AI language processing | Call audio and transcript data (real-time) | United States |
| Stytch | Account authentication | Email address, login sessions | United States |
| Resend | Transactional email delivery | Email address, call summary content | United States |
| Paddle | Payment processing (Merchant of Record) | Name, email, payment details | UK / European Union |
| Google Analytics | Website analytics (with consent only) | Anonymised website usage data | United States |
We have appropriate contractual arrangements in place with each processor to ensure they handle data in accordance with UK data protection law.
Anthropic provides the AI language model that powers the Patchcalls receptionist. Call data is sent to Anthropic’s API for real-time processing. Anthropic does not use your call data to train its AI models. Anthropic’s data processing practices are described in their privacy policy at anthropic.com/privacy.
We may use anonymised and aggregated call data — from which all personal identifiers have been irreversibly removed — to improve the Patchcalls service, including AI improvement. Once data has been anonymised, it is no longer personal data and is not subject to UK GDPR. We do not use identifiable caller personal data for any purpose other than providing the service on behalf of the tradesperson.
Several of our processors are based in the United States. When personal data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place as required by Chapter V of the UK GDPR.
For transfers to the United States, we rely on Standard Contractual Clauses (SCCs) as approved by the UK Secretary of State under S.119A of the Data Protection Act 2018, together with supplementary measures where appropriate.
The UK has issued adequacy regulations for the EU/EEA, meaning transfers to Paddle’s EU-based operations do not require additional safeguards.
If you would like further details about the transfer mechanisms we rely on, please contact us at privacy@patchcalls.com.
| Data type | Retention period |
|---|---|
| Call audio | 90 days from the date of the call, then automatically deleted |
| Call transcripts and lead data | 12 months from the date of the call, then automatically deleted |
| Customer account data | Duration of your account plus 6 months after closure |
| Contact form submissions | Until resolved, then deleted within 6 months |
| Website analytics data | 14 months (Google Analytics standard retention) |
| Payment records | As required by tax and accounting obligations (typically 6 years) |
You may request deletion of your data at any time by contacting privacy@patchcalls.com. Where we are required by law to retain certain data (for example, billing records for tax purposes), we will explain this to you.
Under the UK GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, contact us at privacy@patchcalls.com. We will respond within one month. If your request is complex, we may extend this by a further two months, but we will inform you within the first month if this is necessary.
There is no fee for exercising your rights in most circumstances. If a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse the request, and we will explain our reasons.
We implement appropriate technical and organisational measures to protect personal data, including encryption of data in transit (TLS) and at rest, access controls, and regular security reviews.
No system is completely secure. If we become aware of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours and will notify you without undue delay where the breach is likely to result in a high risk to your rights and freedoms.
The Patchcalls service is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a person under 18, we will delete it promptly.
We may update this privacy policy from time to time. If we make material changes, we will notify you by email. The “Last updated” date at the top of this page reflects the most recent revision.
If you are unhappy with how we have handled your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us at privacy@patchcalls.com in the first instance.
For any questions about this privacy policy or how we handle your data: