Last updated on 21 Feb 2026
Note: These Terms and Conditions apply to customers outside the DACH region (Germany, Austria, Switzerland). Customers in the DACH region are subject to the German-language Allgemeine Geschäftsbedingungen (AGB), available at hanc.ai/de/terms.
These Terms and Conditions (hereinafter “Terms” or “ToS”) govern all agreements between
Good point Global LLC 476 Riverside Ave, Ste 4 Jacksonville, FL 32202, USA EIN: 61-2211030 Email: legal@hanc.ai
(hereinafter “Provider” or “Hanc.AI”)
and the respective contracting party (hereinafter “Customer”).
The Provider operates under the brand Hanc.AI a cloud-based Software-as-a-Service (SaaS) platform for AI-powered voice agents. The Platform enables businesses to deploy AI-based phone agents for various business processes, including appointment booking, reservation management, lead qualification, customer support, order and delivery inquiries, outbound communication, and information and routing services.
The Provider delivers the service as Software-as-a-Service. The Customer does not acquire possession of or title to the software, but rather a contractual right to use the service in accordance with these Terms. The software is operated on servers of the Provider or its infrastructure partners and made accessible to the Customer via the internet.
These Terms apply exclusively to businesses, commercial entities, and professionals acting in their business capacity. Consumers are excluded from entering into agreements under these Terms. By entering into this agreement, the Customer confirms that it uses the service in the course of its business activities.
These Terms apply to all current and future business relationships between the Provider and the Customer, including consulting, implementation, and support services. Any deviating, conflicting, or supplementary terms and conditions of the Customer shall not become part of the agreement unless the Provider expressly agrees to their applicability in writing.
The agreement is formed upon the Customer’s registration on the Platform at hanc.ai and acceptance of these Terms. Registration requires the provision of complete and accurate business information. The Provider confirms the formation of the agreement by email.
For Enterprise customers, the agreement may also be formed through an individual offer by the Provider and its acceptance by the Customer. In such cases, the provisions of the individual agreement shall take precedence over the provisions of these Terms.
Offers by the Provider are non-binding and subject to change unless expressly designated as binding. A binding offer shall be valid for four (4) weeks from the date of issuance, unless a different period is specified.
The Customer consents to communication by electronic means (email, platform messages). Electronic communications from the Provider shall be deemed received when sent to the email address provided by the Customer. The Customer is obligated to keep its contact information current.
In accordance with the Electronic Signatures in Global and National Commerce Act (E-SIGN Act, 15 U.S.C. §§ 7001–7006), the Customer agrees that electronic records and signatures shall have the same legal effect as written records and handwritten signatures. The essential contract information is set forth in these Terms and in the respective service descriptions on the Platform.
The Provider makes the following core services available to the Customer:
a) AI Voice Agent Platform: Access to a cloud-based platform with up to 22 specialized agent roles, including:
b) Interaction Patterns: The voice agents support seven standardized interaction patterns: Appointment-Booking, Reservation, Lead Qualification, Support, Order & Delivery, Outbound, and Info & Routing.
c) Telephony Integration: Connection to the public switched telephone network (PSTN) via SIP trunking, including inbound and outbound calls.
d) Web Widget: Embeddable voice widget for integration on the Customer’s website.
e) Dashboard: Web-based administration and analytics dashboard for configuring agents, monitoring usage, and analyzing call data.
f) Language Support: Support for up to 25 languages, depending on the selected plan.
The Provider uses third-party services to deliver its services. The principal third-party providers are:
a) Microsoft Ireland Operations Limited (Dublin, Ireland) / Microsoft Corporation — Cloud hosting (Azure), LLM, speech-to-text, text-to-speech b) LiveKit Inc. (San Jose, USA) — Real-time voice/WebRTC infrastructure, virtual call rooms c) Twilio Ireland Limited (Dublin, Ireland) / Twilio Inc. — Telephony (SIP/PSTN) d) ElevenLabs Inc. (New York, USA) — Text-to-speech, speech-to-text (optional) e) Cartesia AI, Inc. (San Francisco, USA) — Speech-to-text, text-to-speech (optional) f) PostHog Inc. (San Francisco, USA) — Usage analytics, business intelligence g) HubSpot Ireland Ltd (Dublin, Ireland) / HubSpot Inc. — CRM & marketing cloud infrastructure h) Brevo (Sendinblue SAS) (Paris, France) — Transactional and marketing emails i) Stripe Technology Europe Limited (Dublin, Ireland) / Stripe Inc. — Payment processing j) SIP Provider — Telephony connection, phone number provisioning (the specific provider depends on the customer configuration and is listed in Annex B) k) Google Ireland Limited (Dublin, Ireland) / Google LLC — Google Calendar API (appointment management)
The Provider’s liability for third-party providers is limited to negligent selection (culpa in eligendo). The Provider selects third-party providers with due care and monitors their performance. The Provider shall not be liable for service disruptions caused exclusively by a third-party provider and beyond the Provider’s control.
A complete list of sub-processors is set forth in Annex B.
a) Credits: The Customer acquires a monthly credit balance (“Credits”) in Euros with the selected plan, which is used for the consumption of platform services. The amount of included Credits depends on the respective pricing plan.
b) Per-Minute Billing: Telephony minutes are billed per commenced minute. The per-minute rate depends on the selected plan and is set forth in the current pricing schedule at hanc.ai/preise.
c) Plan Credits (included): The monthly Credits included in each plan (“Plan Credits”) expire at the end of the billing period in which they were acquired. Plan Credits do not carry over to the following billing period. Upon termination or downgrade, Plan Credits expire on the effective date of the change.
d) Overage Credits (top-up): If the Customer’s consumption exceeds the Credits included in the plan, the excess consumption is charged against the Customer’s Overage Credit balance. Overage Credits are acquired through manual top-up or via the Auto Top-Up feature (Section 3.3(e)). Unused Overage Credits carry over indefinitely to the following billing period and do not expire.
e) Auto Top-Up: The Customer may activate the “Auto Top-Up” feature via the Dashboard. When activated, the Overage Credit balance is automatically replenished by the amount specified by the Customer once the total credit balance (Plan Credits + Overage Credits) is depleted. The charge is processed via the Customer’s payment method on file. The Customer may deactivate the Auto Top-Up feature at any time via the Dashboard.
Use of the Platform is subject to a Fair Use Policy. The Provider reserves the right to restrict access or terminate the agreement for cause in the event of obviously abusive or excessive use (e.g., automated mass dialing, use solely for call forwarding without genuine AI interaction, systematic abuse of the credit system). The Customer shall be notified prior to any such action and given the opportunity to respond, unless immediate action is required to maintain system stability or to prevent unlawful activity.
The Provider continuously develops and improves the Platform. The Provider is entitled to add, modify, or discontinue features, provided that the essential scope of services is not materially reduced. Material changes shall be communicated to the Customer with thirty (30) days’ notice by email.
The Customer is obligated to fulfill the cooperation duties necessary for the provision of services in a timely and complete manner, in particular:
a) Provision of truthful and complete business information upon registration b) Timely configuration of voice agents (conversation scripts, prompts, instructions) c) Provision of credentials required for telephony integration (SIP credentials) d) Designation of a contact person for technical and organizational matters e) Timely response to support inquiries from the Provider
Delays attributable to a breach of cooperation duties shall not be attributable to the Provider.
The Customer is responsible for the configuration of its AI voice agents. This includes in particular:
a) The content design of conversation scripts and prompts b) The review of AI-generated responses for accuracy and appropriateness c) Ensuring that information communicated through the agents is truthful and lawful d) Compliance with industry-specific disclosure requirements (e.g., healthcare advertising regulations, financial services regulations)
The Provider shall not be liable for content errors in AI-generated outputs attributable to incorrect or incomplete configuration by the Customer.
The Customer shall ensure, at its own expense, the technical prerequisites for the use of the Platform, in particular a stable internet connection and a current web browser. The Provider publishes the currently supported browser versions on its website.
The Customer commits to compliance with all applicable laws and regulations, in particular:
a) Unsolicited Call Restrictions: The use of AI voice agents for unsolicited promotional calls to persons who have not consented to receiving such calls is prohibited. The Customer shall comply with all applicable telemarketing laws, including the Telephone Consumer Protection Act (TCPA, 47 U.S.C. § 227), the CAN-SPAM Act, the GDPR (where applicable), and any other local regulations governing automated or AI-assisted calls.
b) Phone Number Registration: The Customer is responsible for the proper registration and lawful acquisition of phone numbers used for the service.
c) Recording Obligations: If calls are recorded, the Customer shall obtain the consent of the call participants and provide notice of the recording, in accordance with applicable one-party or two-party consent laws.
d) Industry-Specific Regulations: The Customer shall ensure that the use of AI voice agents is compatible with the regulations applicable to its industry.
Pursuant to Art. 50 of Regulation (EU) 2024/1689 (EU AI Act), there is an obligation to disclose to natural persons that they are interacting with an AI system. The Customer commits, when using the AI voice agents for telephony, to ensure that:
a) At the beginning of each phone call, a clear notice is provided informing the caller that they are speaking with an AI-powered voice agent. b) This notice is provided in the respective language of the conversation and is clearly understandable. c) The Customer uses the standard AI disclosure announcements provided by the Platform or configures an equivalent custom announcement.
The Provider makes standard AI disclosure announcements available in all supported languages. The responsibility for activation and correct configuration lies with the Customer.
The Customer acknowledges that AI systems operate on the basis of statistical models and that generated content may, despite careful development, be erroneous, incomplete, or misleading. The Customer is responsible for:
a) Regular review and quality assurance of AI-generated responses b) Establishing appropriate escalation mechanisms for complex or sensitive inquiries c) Informing its end customers about the limitations of AI-assisted communication
The Platform may not be used for applications classified as “high-risk AI systems” pursuant to Art. 6 in conjunction with Annex III of Regulation (EU) 2024/1689, in particular not for:
a) Decisions on the creditworthiness of natural persons b) Evaluation of applicants in recruitment procedures c) Biometric identification or categorization d) Law enforcement or border control e) Critical infrastructure within the meaning of the NIS 2 Directive
The Customer acknowledges that AI language models may produce so-called “hallucinations” — statements that are grammatically correct and plausible-sounding but factually incorrect. The Provider:
a) Implements technical measures to reduce hallucinations (grounding, prompt engineering, context constraints) b) Does not warrant the factual accuracy of all AI-generated statements c) Recommends that the Customer provide for human review of critical business transactions (e.g., price commitments, contract conclusions, medical or legal information)
Liability for damages caused by AI hallucinations is governed by § 12 of these Terms.
The Customer is obligated not to input any special categories of personal data within the meaning of Art. 9 GDPR (e.g., health data, biometric data, data concerning political opinions) into the AI voice agents or to cause their processing through the Platform, unless the Customer has implemented the necessary additional safeguards and has notified the Provider in writing in advance.
The Provider grants the Customer, for the duration of the agreement, a non-exclusive, non-transferable, non-sublicensable right to use the Platform within the scope of the selected plan. Use is limited to the Customer’s business operations.
All rights to the Platform, including the underlying software, algorithms, models, designs, trademarks, and documentation, remain with the Provider or its licensors. The Customer does not acquire any intellectual property rights of the Provider beyond the right of use granted in Section 6.1.
The Customer retains all rights to its data that it inputs into the Platform or that is generated through the use of the Platform (e.g., call transcripts, configuration data). The Provider may use such data only for contract performance and — in anonymized and aggregated form — for the improvement of the Platform.
The Customer may not: a) Decompile, disassemble, or reverse-engineer the Platform, except to the extent expressly permitted by applicable law b) Sublicense, rent, lease, or transfer the Platform to third parties c) Use the Platform to develop a competing product d) Use the Platform for benchmarks or performance comparisons intended for publication without the Provider’s prior written consent
The Provider is entitled to list the Customer in reference lists, on its website, and in marketing materials as a customer. The Customer may object to such use at any time by email to legal@hanc.ai.
The Provider targets an availability of the Platform of 99.5% per calendar year, measured against total time less scheduled maintenance windows (per Section 7.6). Availability is calculated as follows:
Availability (%) = ((Total Time − Scheduled Maintenance − Unplanned Downtime) / (Total Time − Scheduled Maintenance)) × 100
Errors are classified into the following categories:
| Class | Designation | Description |
|---|---|---|
| 1 | Critical | Total platform failure; no telephony possible |
| 2 | Major | Essential functions impaired; no workaround available |
| 3 | Minor | Individual functions impaired; workaround available |
| 4 | Cosmetic | Cosmetic defects; no impact on functionality |
| Class | Response Time | Resolution Target |
|---|---|---|
| 1 | 4 hours | 24 hours |
| 2 | 8 hours | 72 hours |
| 3 | 2 business days | 4 weeks |
| 4 | 5 business days | 8 weeks |
Response times apply within service hours (Section 8.3). Error classification is at the Provider’s reasonable discretion. The Customer may request a reclassification if it disagrees with the assessment.
If the actual availability falls below the guaranteed availability of 99.5% in a calendar month, the Customer is entitled to a service credit:
| Monthly Availability | Credit (% of Monthly Fee) |
|---|---|
| < 99.5% to ≥ 99.0% | 5% |
| < 99.0% to ≥ 98.0% | 10% |
| < 98.0% to ≥ 95.0% | 20% |
| < 95.0% | 30% |
Credits are capped at a maximum of 30% of the net monthly fee for the affected month. Credits are applied against the next invoice. Credit claims must be submitted in writing or by email within thirty (30) days after the end of the affected month.
The service credit constitutes the exclusive remedy for availability shortfalls, unless the Provider has acted with willful misconduct or gross negligence.
The Provider makes information available to the Customer regarding the current operational status of the Platform, planned maintenance, and past incidents. The method of delivery (e.g., status page, email notifications, dashboard notices) is at the Provider’s discretion.
Scheduled maintenance is announced at least 48 hours in advance on the status page and by email. The regular maintenance window is Saturday, 02:00–06:00 CET/CEST. Emergency maintenance required to maintain the security or stability of the Platform may also be performed outside this window and will be communicated as promptly as possible.
The Provider maintains an online knowledge base (documentation, FAQ, tutorials) at docs.hanc.ai. This is updated regularly and available to the Customer at no additional cost.
The Customer may submit support requests by email to support@hanc.ai. Requests are processed within service hours. An automatic acknowledgment of receipt is sent. The substantive processing time depends on the error class (Section 7.3).
Support is provided during the following hours:
| Plan | Service Hours |
|---|---|
| Free, Starter | Mon–Fri, 09:00–17:00 CET |
| Pro, Business | Mon–Fri, 08:00–20:00 CET |
| Agency, Enterprise | By individual agreement |
Public holidays at the Provider’s principal place of business are excluded from service hours. All times are stated in Central European Time (CET/CEST).
Support is offered in English and German.
The Provider offers the Platform under the following pricing plans:
| Plan | Monthly Fee | Included Credits | Target Audience |
|---|---|---|---|
| Free | € 0.00 | € 10.00 (one-time) | Trial use |
| Starter | € 29.95 | € 30.00 | Sole traders, micro-enterprises |
| Pro | € 99.95 | € 100.00 | SME (10–50 employees) |
| Business | € 249.95 | € 250.00 | Mid-market |
| Agency | € 799.95 | White Label | Agencies (white-label solution) |
| Enterprise | Individual | Individual | Large corporations |
All prices are stated in Euros (EUR) exclusive of applicable taxes. The current pricing schedule with per-minute rates is available at hanc.ai/preise.
a) Plan Credits (included): Each plan includes a monthly credit allowance (“Plan Credits”) as set forth in the table above. Plan Credits are consumed for telephony minutes, web widget minutes, and SMS messages. Plan Credits expire at the end of the respective billing period without carry-over (cf. Section 3.3(c)).
b) Overage Credits (top-up): Credits acquired beyond the plan allowance (manually or via Auto Top-Up) carry over indefinitely to the next billing period and do not expire (cf. Section 3.3(d)).
c) Credits on Plan Change: Upon an upgrade, existing Overage Credits are retained; Plan Credits of the prior plan expire. Upon a downgrade, all unused Plan Credits expire on the effective date of the downgrade.
d) No Refund: Upon termination, no refund is provided for unused Credits. The Customer may use remaining Credits until the end of the paid billing period.
If the Customer consumes more Credits than included in the plan, the excess consumption is charged against the Customer’s Overage Credit balance. If no Overage Credit balance is available and the Auto Top-Up feature is not activated, the service will be restricted until the next Plan Credit allocation or until Overage Credits are manually added. The Customer may acquire Overage Credits manually via the Dashboard at any time or activate the Auto Top-Up feature (Section 3.3(e)) to ensure uninterrupted use.
a) Due Date: Invoices are due for payment within seven (7) days of the invoice date.
b) Payment Methods: Payment is made by direct debit, credit card, or bank transfer via the payment service provider Stripe Inc. (cf. Section 3.2).
c) Invoicing: Invoices are issued monthly in electronic form (PDF by email) and made available via the Dashboard.
d) Set-Off: The Customer may only set off claims against the Provider’s claims with undisputed or legally established counterclaims.
The Provider is entitled to adjust prices (including plan fees, per-minute rates, and overage rates) at any time with effect for the future. Price adjustments are communicated to the Customer at least thirty (30) days before taking effect by email and published on the pricing page at hanc.ai/preise. The adjusted prices take effect from the next billing period after expiry of the notice period. If the Customer continues to use the Platform after the price adjustment takes effect without having objected, this shall constitute acceptance of the adjusted prices.
a) If the Customer is in default of payment, the Provider is entitled to charge interest on the overdue amount at the rate of 1.5% per month (18% per annum) or the maximum rate permitted by applicable law, whichever is lower.
b) The Provider is further entitled, upon payment default exceeding fourteen (14) days, to temporarily suspend access to the Platform until the outstanding amount is settled. The Customer shall be notified by email before suspension and granted a grace period of seven (7) days.
c) Reasonable pre-judicial collection costs incurred by the Provider in connection with the recovery of overdue payments shall be borne by the Customer.
a) Monthly Term: The agreement is entered into for an indefinite period with a monthly billing cycle. The minimum term is one (1) month.
b) Annual Term: Alternatively, the Customer may choose an annual billing cycle, which is associated with a price advantage. The minimum term in this case is twelve (12) months.
c) Enterprise Agreements: The term of Enterprise agreements is negotiated individually.
a) For monthly terms, either party may terminate the agreement with fourteen (14) days’ notice to the end of the current billing period.
b) For annual terms, either party may terminate the agreement with thirty (30) days’ notice to the end of the respective contract term. If no timely notice of termination is given, the agreement automatically renews for one (1) additional month.
c) Termination must be in writing. Termination by email to legal@hanc.ai or via the termination function in the Dashboard is sufficient. The Provider shall confirm receipt and the effective date of the termination by email.
Either party is entitled to terminate the agreement for cause without notice. Cause exists in particular if:
a) The other party fails to fulfill a material contractual obligation despite written notice and a reasonable cure period of fourteen (14) days b) Insolvency proceedings are initiated against the other party or the initiation thereof is denied due to insufficient assets c) The Customer uses the Platform for unlawful purposes (in particular violations of Section 4.4 or 5.3) d) The Customer is in default of payment for more than sixty (60) days
a) After the termination becomes effective, the Customer has a period of thirty (30) days to download its data via the export function in the Dashboard. Export is provided in machine-readable standard formats (CSV, JSON).
b) The Provider ensures that the Customer has access to its data during this period, even if active use of the Platform has already ceased.
c) After expiry of the export period, the Customer’s data is deleted in accordance with Section 10.5.
After expiry of the export period (Section 10.4) and subject to applicable statutory retention obligations (including, where applicable, § 132(1) BAO — seven years under Austrian law, or IRS record retention requirements under U.S. law), all personal data of the Customer and its end users shall be completely and irrevocably deleted. The Provider shall confirm deletion upon the Customer’s request in writing.
The processing of personal data by the Provider is governed by the Privacy Policy, available at hanc.ai/privacy.
To the extent that the Provider processes personal data on behalf of the Customer in the course of service delivery, the provisions of the Data Processing Agreement in Annex A of these Terms shall apply. Annex A is an integral part of this agreement. To the extent that the provisions of Annex A deviate from the remaining provisions of these Terms, the provisions of Annex A shall prevail.
a) The Provider shall be liable to the Customer only for damages attributable to willful misconduct or gross negligence of the Provider, its legal representatives, or agents.
b) In cases of simple negligence, the Provider shall be liable only for breach of material contractual obligations (cardinal obligations). In such cases, liability is limited to the foreseeable, contract-typical damage.
c) Liability for indirect damages, lost profits, data loss (to the extent not covered by the Provider’s backup obligations), business interruption, and consequential damages is excluded, except in cases of willful misconduct or gross negligence.
The aggregate liability of the Provider for all claims of the Customer arising out of or in connection with this agreement is — regardless of the legal basis — limited to the sum of net fees actually paid by the Customer in the twelve (12) months preceding the event giving rise to the claim (Liability Cap).
This limitation does not apply to: a) Damages resulting from willful misconduct b) Personal injury (injury to life, body, or health) c) Claims under applicable product liability laws d) Breach of data protection obligations where a limitation of liability is excluded by law
The Customer bears sole responsibility for the use of AI-generated content vis-à-vis its end users and third parties. The Provider shall not be liable for damages arising from erroneous, incomplete, or misleading AI outputs, provided the Provider has implemented the technical measures to reduce hallucinations described in Section 5.4.
The Provider’s liability for the third-party providers listed in Section 3.2 is limited to negligent selection. The Provider selects third-party providers based on criteria of reliability, technical suitability, and data protection compliance and monitors their performance within reasonable bounds. Liability for service disruptions lying exclusively within the third-party provider’s area of responsibility is excluded.
For free services (in particular the Free plan, beta features, and trial periods), the Provider’s liability is limited to willful misconduct. THE FREE SERVICES ARE PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTY OF ANY KIND. ANY FURTHER LIABILITY IS EXCLUDED TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW.
a) The Provider warrants that the Platform exhibits the characteristics set forth in the respective service description and the SLA (§ 7).
b) The Customer shall report defects promptly, no later than fourteen (14) days after discovery, in writing or by email to support@hanc.ai (duty to notify). The notice should describe the defect in a comprehensible manner and, where possible, include steps to reproduce it.
c) In the event of valid defects, the Provider shall first have the right to cure the defect (bug fix). If the cure fails twice, the Customer may request a reasonable reduction of the fees or — in the case of material defects — terminate the agreement for cause.
d) TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, THE PROVIDER DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. THE PLATFORM IS PROVIDED ON AN “AS IS” BASIS WITH RESPECT TO FEATURES AND FUNCTIONALITY NOT EXPRESSLY WARRANTED IN SECTION 12.6(a).
Warranty claims shall be time-barred — to the extent permitted by applicable law — one (1) year after knowledge of the defect, but in no event later than two (2) years after the provision of the service.
Both parties commit to treating confidential information of the respective other party that becomes known to them in the course of the contractual relationship as confidential and to using it exclusively for the performance of the agreement. This obligation shall survive the termination of the agreement for a period of three (3) years.
Confidential information includes in particular: a) Business plans, strategies, and financial data b) Technical specifications and architecture data c) Customer data and usage statistics d) Pricing conditions and individual arrangements
The confidentiality obligation does not apply to information that: a) Was already publicly known at the time of disclosure or becomes publicly known without fault of the receiving party b) Was already known to the receiving party prior to disclosure c) Was lawfully obtained from a third party without confidentiality obligation d) Must be disclosed due to statutory requirements, governmental order, or court decision — in such case, the disclosing party shall be notified without delay
During the term of the agreement and for a period of two (2) years after its termination, both parties commit not to solicit or induce the resignation of any employees of the respective other party who have been involved in the performance of the agreement. In the event of a violation of this prohibition, a contractual penalty in the amount of six (6) gross monthly salaries of the affected employee shall become due. The right to claim damages exceeding this amount remains unaffected.
This agreement shall be governed by and construed in accordance with the laws of the State of Florida, USA, without regard to its conflict of laws principles. The United Nations Convention on Contracts for the International Sale of Goods (CISG) is expressly excluded.
Any disputes arising out of or in connection with this agreement shall be subject to the exclusive jurisdiction of the state and federal courts located in Duval County, Florida, USA. Both parties consent to the personal jurisdiction of such courts. This shall not apply where exclusive jurisdiction is mandatorily prescribed by statute.
If any provision of these Terms is or becomes invalid or unenforceable, the validity of the remaining provisions shall not be affected. The invalid provision shall be replaced by a valid provision that most closely approximates the economic purpose of the invalid provision. The same shall apply to any gaps in these Terms.
Amendments and supplements to this agreement must be in writing (including email), unless otherwise provided in these Terms. In accordance with the E-SIGN Act, electronic communications (including email) shall satisfy any writing requirement under these Terms. The waiver of this writing requirement itself requires written form.
In the event of conflicts between different components of the agreement, the following order of precedence shall apply:
a) The Provider is entitled to amend these Terms with effect for the future. Amendments shall be communicated to the Customer at least thirty (30) days before taking effect by email.
b) The Customer has the right to object to the amendment within the thirty (30) day notice period in writing or by email. In the event of an objection, the prior Terms shall continue to apply until the next ordinary termination date. The Customer shall in such case have a special right of termination effective as of the date the amendment takes effect.
c) If the Customer continues to use the Platform after the amendment takes effect without having objected, this shall constitute acceptance of the amended Terms.
d) Amendments that operate exclusively to the benefit of the Customer (e.g., expansion of the scope of services, price reductions) shall take effect without an objection period.
Assignment of rights and obligations under this agreement by the Customer requires the prior written consent of the Provider. The Provider is entitled to assign its rights and obligations under the agreement to an affiliated company or, in the course of a business transfer, to a successor. The Customer shall be notified of any such assignment without delay.
Neither party shall be liable for the non-performance or delayed performance of its obligations under this agreement to the extent that such non-performance or delay is caused by circumstances of force majeure. Force majeure events include, but are not limited to: natural disasters, war, terrorism, pandemics, epidemics, strikes, governmental orders, sanctions, embargoes, failure or disruption of essential cloud infrastructure or telecommunications networks (to the extent not attributable to the affected party), cyberattacks, and other circumstances beyond the reasonable control of the affected party.
The affected party shall notify the other party without delay of the occurrence and expected duration of the force majeure event and shall take all reasonable measures to mitigate the impact of the event.
If the force majeure event persists for more than thirty (30) consecutive days, either party shall be entitled to terminate the agreement with immediate effect. In such case, any prepaid fees shall be refunded on a pro-rata basis.
Neither party shall be liable to the other party for any damages, losses, or costs arising from or in connection with a force majeure event, except for payment obligations that arose prior to the force majeure event.
pursuant to Art. 28(3) of Regulation (EU) 2016/679 (GDPR)
between the Customer (hereinafter “Controller”) and Good point Global LLC (hereinafter “Processor”)
a) This Data Processing Agreement governs the obligations of the Processor when processing personal data on behalf of the Controller in the course of providing the services described in § 1.2 of the Terms.
b) The duration of the data processing corresponds to the term of the main agreement (§ 10 of the Terms) plus the export period (§ 10.4 of the Terms) and applicable statutory retention periods.
c) The Processor shall process personal data exclusively within the territory of the European Union and the European Economic Area, with the exception of the third-country transfers set forth in Section A.9.
The processing is carried out for the purpose of providing the Hanc.AI AI voice agent platform, in particular:
a) Receiving and conducting phone calls through AI voice agents b) Processing and storage of call content (transcripts, summaries) c) Analysis and statistical evaluation of call data (dashboard, reports) d) Forwarding of information to recipients defined by the Controller (e.g., CRM integration, email notifications) e) Storage and management of the Controller’s configuration data
The types of processing include: collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, alignment, combination, restriction, erasure, and destruction.
The following categories of personal data may be processed:
a) Caller master data: Name, phone number, email address (to the extent disclosed during the call) b) Call content: Transcripts, summaries, extracted information (appointments, order numbers, inquiries) c) Metadata: Time, duration, and direction of the call, IP address (for web widget) d) Configuration data: Business information stored by the Controller, conversation scripts, prompts e) Usage data: Login data, access logs, dashboard activities of the Controller
a) Callers and call participants of the AI voice agents (end customers, prospects, business partners of the Controller) b) Employees and authorized persons of the Controller (dashboard users)
The Processor implements the following technical and organizational measures pursuant to Art. 32 GDPR:
a) Confidentiality:
b) Integrity:
c) Availability and Resilience:
d) Procedures for Regular Review:
a) The Controller grants the Processor general authorization to engage sub-processors in accordance with the list set forth in Annex B.
b) The Processor shall inform the Controller of any intended change regarding the addition or replacement of sub-processors at least thirty (30) days before the change by email. The Controller may object to the change within fourteen (14) days.
c) In the event of a justified objection, the Processor shall not proceed with the sub-processing in question. If the service cannot be provided without the sub-processor, either party shall have a special right of termination.
d) The Processor shall contractually require each sub-processor to comply with equivalent data protection obligations.
The Controller is obligated to:
a) Ensure the lawfulness of data processing (in particular a legal basis pursuant to Art. 6 GDPR) b) Inform data subjects about the processing (Art. 13, 14 GDPR) c) Not process special categories of personal data (Art. 9 GDPR) without prior written coordination with the Processor (cf. Section 5.5 of the Terms) d) Issue instructions regarding data processing in writing e) Notify the Processor without delay if the Controller identifies errors or irregularities in the data processing
a) The Controller has the right to verify compliance with the provisions of this DPA and the technical and organizational measures (audit).
b) Audits shall be conducted with reasonable advance notice (at least 30 days) and with due regard to the business interests of the Processor (in particular confidentiality vis-à-vis other customers).
c) The Processor may alternatively make available to the Controller current certifications (e.g., ISO 27001, SOC 2) or audit reports by independent auditors.
d) The costs of the audit shall be borne by the Controller, unless the audit reveals material violations.
a) To the extent that sub-processors are located in third countries (outside the EEA), data transfers are carried out on the basis of the following legal mechanisms:
b) The Processor ensures that the respective sub-processors hold a valid DPF certification and monitors their certification status. In the event of loss of DPF certification, EU Standard Contractual Clauses shall be implemented without delay.
c) The Controller may inquire about the currently applicable transfer mechanisms from the Processor at any time.
a) The Processor shall notify the Controller of any personal data breach without undue delay, no later than twenty-four (24) hours after becoming aware of the breach.
b) The notification shall contain at a minimum:
c) The Processor shall assist the Controller in fulfilling its notification obligations pursuant to Art. 33 and 34 GDPR.
a) Upon termination of the data processing, the Processor shall delete all personal data processed on behalf of the Controller, subject to the deadlines set forth in Sections 10.4 and 10.5 of the Terms.
b) Where statutory retention obligations prevent deletion, the affected data shall be restricted and deleted upon expiry of the retention period.
c) The Processor shall confirm complete deletion upon the Controller’s request in writing.
| No. | Company | Address | Purpose | Transfer Mechanism | Server Location |
|---|---|---|---|---|---|
| 1 | Microsoft Ireland Operations Limited (Microsoft Corporation) | One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland | Cloud hosting (Azure), LLM, speech-to-text, text-to-speech | EU-US DPF / SCC | EU — Hanc.AI selects the most privacy-friendly configuration; data does not leave the European region through use of the EU Data Boundary. |
| 2 | LiveKit Inc. | 4285 Payne Avenue, Suite 9154, San Jose, CA 95157, USA | Real-time voice/WebRTC infrastructure, virtual call rooms | EU SCC | EU — Hanc.AI selects the most privacy-friendly configuration; data does not leave the European region through Region Pinning. |
| 3 | Twilio Ireland Limited (Twilio Inc.) | 25-28 North Wall Quay, D01 H104, Dublin, Ireland | Telephony (SIP/PSTN) | EU-US DPF / Twilio BCR / SCC | EU — Hanc.AI selects the most privacy-friendly configuration; data does not leave the European region through use of the Ireland region. |
| 4 | ElevenLabs Inc. | 169 Madison Ave #2484, New York, NY 10016, USA | Text-to-speech, speech-to-text (optional) | EU-US DPF / SCC | EU (BE) — Under an enterprise agreement, all data remains exclusively within Europe; Zero Data Retention after audio generation. |
| 5 | Cartesia AI, Inc. | 1766 18th Street, Suite 1200, San Francisco, CA 94103, USA | Speech-to-text, text-to-speech (optional) | GDPR / SCC | Optional — Hanc.AI selects the most privacy-friendly configuration. |
| 6 | PostHog Inc. | 2261 Market Street #4008, San Francisco, CA 94114, USA | Usage analytics, business intelligence | EU-US DPF / SCC | EU — Hanc.AI uses the European server location. |
| 7 | HubSpot Ireland Ltd (HubSpot Inc.) | 2 Dawson Street, Dublin D02 Y448, Ireland | CRM & marketing cloud infrastructure | EU-US DPF / SCC | EU (DE) |
| 8 | Brevo (Sendinblue SAS) | 55 rue d’Amsterdam, 75008 Paris, France | Transactional emails, marketing emails | — (EU company) | EU (FR/DE) — No third-country transfer. |
| 9 | Stripe Technology Europe Limited (Stripe Inc.) | 1 Grand Canal Street Lower, Grand Canal Dock, Dublin 2, D02 H210, Ireland | Payment processing | EU-US DPF / SCC | EU (IE) + USA |
| 10 | SIP Provider | (depends on customer configuration — see docs.hanc.ai/sip) | Telephony connection (PSTN), phone number provisioning | — | EU (DE/AT) — Exclusively EU-based providers. |
| 11 | Google Ireland Limited (Google LLC) | Gordon House, Barrow Street, Dublin 4, D04 E5W5, Ireland | Google Calendar API (appointment management) | EU-US DPF / SCC | EU — Data is processed within the European region. |
Hanc.AI selects the most privacy-friendly settings for all sub-processors and prefers server locations within the EU. The Provider updates this list upon changes and notifies the Controller in accordance with Section A.6 of this DPA.
Good point Global LLC 476 Riverside Ave, Ste 4 Jacksonville, FL 32202, USA EIN: 61-2211030 Email: legal@hanc.ai Web: hanc.ai
Date: February 21, 2026 — Version 1.0 These Terms supersede all prior versions.