SalesGhost logo
SalesGhost

Last updated 21 January 2026

Privacy Policy

This policy explains the personal data SalesGhost collects, how we use it, the choices you have, and the safeguards we apply across our web application, macOS companion, and supporting services.

1. Who we are

SalesGhost is an AI copilot that supports revenue teams during live calls and follow-up workflows. This privacy policy applies whenever you visit our websites, use our applications, receive communications from us, or interact with our teams.

When SalesGhost determines the purposes and means of processing, we act as the data controller. When we process personal data on behalf of a customer (for example, calendar content or meeting transcripts), we act as a data processor and follow the customer's instructions.

Contact details:
SalesGhost
88 Pentney Road, Balham, SW12 0NY, United Kingdom
Email: privacy@salesghost.app
ICO registration: ZC039812

2. Data we collect

The data we collect depends on how you interact with SalesGhost:

  • Account & Contact Data — Name, role, team, email address, and authentication identifiers from WorkOS or SSO providers
  • Usage Data — Feature interactions, call outcomes, device information, IP address, browser type, and time zone
  • Payment & Billing Data — Subscription tier, invoicing details, and payment metadata via Stripe (we never store full card numbers)
  • Calendar Data — Meeting titles, descriptions, times, locations, attendee lists, and meeting links from connected calendars
  • Audio & Transcript Data — System audio streams, transcriptions, highlights, and coaching artifacts captured with participant consent
  • Support Data — Information you provide when engaging with support, including attachments and feedback

We may create aggregated or de-identified insights for analytics and product improvements.

3. How we collect data

  • Direct interactions — When you sign up, complete onboarding, participate in research, or contact us
  • Automated technologies — Cookies, SDKs, and similar technologies when you use our sites or apps
  • Connected services — When you link calendars, CRMs, or collaboration platforms via OAuth (we never store third-party passwords)
  • Partners and public sources — Business contact data from partners or public sources to keep records accurate

4. How we use data

We process personal data where we have a lawful basis:

  • Providing services — Creating accounts, delivering coaching, generating notes, operating the knowledge base (contractual necessity)
  • Improving the product — Analyzing usage, measuring adoption, developing features (legitimate interests)
  • Communicating — Sending onboarding tips, updates, billing notices, and support responses (legitimate interests / consent for marketing)
  • Compliance & safety — Preventing abuse, detecting incidents, meeting legal obligations (legal obligation / legitimate interests)

We do not sell personal data. Where we rely on consent, you may withdraw it at any time.

5. AI and third-party sharing

AI processing

SalesGhost uses third-party AI infrastructure for transcription, summarization, and recommendations. We share only the minimum data needed—primarily audio snippets, transcripts, and prompts. Our AI vendors are required to honor confidentiality and are instructed not to use your data to train generalized models.

Third-party integrations

When you connect a calendar, CRM, or knowledge source, we access content you authorize to surface context inside SalesGhost. Those providers process your data under their own privacy terms. Revoke access anytime from SalesGhost or the connected service's security settings.

Processors & sub-processors

We use vetted providers for hosting (AWS), identity management (WorkOS), analytics, and payments (Stripe). Each is bound by data protection terms requiring them to act on our instructions and maintain security.

Consent requirements

You are responsible for obtaining required notices or consents from call participants before capturing audio or uploading their data. Our onboarding guides include recommended language.

6. Google Calendar data

Linking Google Calendar is optional. When you connect, you grant SalesGhost access via OAuth. We comply with the Google API Services User Data Policy including Limited Use requirements.

Scopes requested

We request read-only access:

  • calendar.readonly — To access calendar event metadata
  • userinfo.email — To identify your account

What we access

We ingest event metadata (titles, descriptions, times, locations, attendees, meeting links) to detect relevant meetings and match transcriptions to events. We store metadata in encrypted databases and refresh via webhooks. We never write to or edit your Google Calendar.

Disconnecting

Disconnect anytime from SalesGhost settings or Google account permissions. This removes stored tokens and cached events.

7. International transfers

Personal data may be transferred outside your home country. We rely on Standard Contractual Clauses, Data Privacy Framework certifications, or equivalent legal mechanisms for international transfers.

We may disclose data to:

  • Service providers — For hosting, security, support, analytics, and payments
  • Professional advisors — Legal, tax, and compliance experts
  • Corporate transactions — In mergers, acquisitions, or asset sales under confidentiality
  • Legal requests — When required by law or to protect rights and safety

8. Data security

We protect your data with:

  • Encryption in transit (TLS 1.2+) and at rest
  • Role-based access controls and mandatory security training
  • Continuous monitoring, logging, and alerting
  • Regular penetration testing and secure development practices

No system is 100% secure. If we detect a breach posing risk to your rights, we will notify affected customers and regulators as required by law.

9. Data retention

We retain data only as long as necessary:

  • Account data — While your workspace is active, plus a reasonable period for recovery
  • Audio recordings — Discarded after transcripts and summaries are generated, unless you opt into extended retention
  • Knowledge base documents — Until you delete them or request removal
  • Support and billing — At least seven years for audit compliance

When data is no longer needed, we delete or anonymize it. Archived backups are isolated until deletion is feasible.

10. Your rights

Depending on your location, you may have rights to:

  • Access — Request confirmation and copies of your data
  • Correction — Update inaccurate or incomplete data
  • Deletion — Request deletion when no longer necessary
  • Restriction — Limit processing during disputes
  • Portability — Receive data in a structured format
  • Objection — Object to processing for direct marketing
  • Withdraw consent — If we rely on consent, withdraw anytime

To exercise rights, email privacy@salesghost.app with enough detail to verify your identity. We aim to respond within one month.

11. Updates to this policy

We review this policy when we ship material changes or adjust data practices. We'll notify customers of substantial updates by email or in-app messaging. Continuing to use SalesGhost after updates means you acknowledge the revised policy.

12. Contact

SalesGhost Privacy Team
88 Pentney Road, Balham, SW12 0NY, United Kingdom
Email: privacy@salesghost.app
Website: salesghost.app

UK residents can escalate unresolved complaints to the ICO at ico.org.uk/make-a-complaint or by calling 0303 123 1113.