Last updated: March 4, 2026
This Privacy Policy describes how CPI Technologies GmbH (“we”, “us”, “our”), the operator of PowerSetter.ai, collects, uses, stores, shares, and protects personal data. PowerSetter.ai is an AI-powered appointment scheduling platform that makes automated phone calls to book meetings on behalf of our users.
CPI Technologies GmbH
Brüsseler Str. 1-3
60327 Frankfurt am Main
Germany
Telefon: +49 6131 48 99 003
E-Mail: kontakt@cpitech.io
When you register, we collect: name, email address, company name, password (stored encrypted), IP address, and registration timestamp.
For each call made by our AI, we store: recipient phone number, recipient name and email (if provided by user), call status and duration, full conversation transcripts, audio recordings of the conversation, booking details (date, time, type), and metadata such as source and language.
We collect billing address, company name, VAT ID, and payment method information. Credit card data is never stored on our servers — it is processed exclusively by our payment provider Stripe.
When you connect third-party services (Google Calendar, HubSpot, Microsoft Exchange), we store OAuth access tokens, refresh tokens, token expiration times, and the email address associated with the connected account.
We automatically collect: browser type and version, operating system, IP address, referrer URL, pages visited, date and time of access.
We use your data for the following purposes:
This section describes how PowerSetter.ai handles Google user data when you connect your Google Calendar account.
We request the following Google OAuth scopes:
Google user data is not sold, rented, or used for advertising purposes. Google Calendar data is not used for AI/ML model training. Access to Google data is solely for the purpose of providing the appointment scheduling functionality you requested.
We only store OAuth tokens (access and refresh tokens) to access the calendar on behalf of the user, and the email address of the connected Google account. Calendar contents (events, free/busy data) are not stored on our servers.
You can revoke Google Calendar access at any time via: (1) the integration settings in your PowerSetter.ai account, or (2) the “Third-party apps” page in your Google Account at https://myaccount.google.com/permissions. Upon revocation, stored OAuth tokens are immediately deleted from our system.
When you connect your HubSpot account, we request the following permissions:
HubSpot data is not shared with any additional third parties and is used solely for providing the CRM integration functionality.
We use the following third-party services to operate our platform. Data is shared only to the extent necessary for each purpose:
Purpose: Conducting automated phone calls using an AI voice agent. Data shared: recipient phone number, name, company name, language, product description, call ID. Data received: conversation transcript, call status and duration, voicemail detection. ElevenLabs processes voice data in real-time and stores conversation recordings in accordance with their own privacy policy.
Purpose: Delivering phone calls. Twilio is used by ElevenLabs as the telephony provider. Data shared: phone numbers, audio data of conversations. Data processing is governed by Twilio’s privacy policy.
Purpose: Payment processing and subscription management. Data shared: email, name, billing address, VAT ID, payment method. Credit card data is processed exclusively by Stripe and never stored on our servers. Stripe is PCI DSS Level 1 certified.
Purpose: Sending booking confirmations, email verifications, and password resets. Data shared: recipient email address, name, appointment details, calendar invitations (.ics files).
Purpose: Generating objection handling suggestions based on the user’s product description. Data shared: only the product description entered by the user. No personal data is transmitted to OpenAI.
Purpose: Hosting the web application and collecting anonymized performance metrics. Data collected: page views, Core Web Vitals, anonymized usage data.
Purpose: Measuring the effectiveness of our TikTok advertising campaigns and optimizing our marketing. On our landing page, we use the TikTok Pixel, a JavaScript code provided by TikTok Technology Limited (Ireland) and TikTok Inc. (USA).
Data collected and transmitted:
The collected data is transferred to TikTok servers in the USA and other countries. TikTok uses the data to serve relevant advertisements and to build Custom Audiences and Lookalike Audiences. Data transfers to third countries (USA) are carried out on the basis of Standard Contractual Clauses pursuant to Art. 46 GDPR.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in measuring and optimizing our marketing activities). The TikTok Pixel is used exclusively on the public landing page, not in the logged-in app area.
Opt-out: You can object to data collection by the TikTok Pixel by disabling personalized advertising in your TikTok account settings or by visiting TikTok’s privacy policy at https://www.tiktok.com/legal/page/global/privacy-policy. You may also prevent data collection by using a browser ad blocker or by disabling third-party cookies in your browser settings.
Purpose: Measuring the effectiveness of our Google advertising campaigns and optimizing our ad spend. On our landing page and registration page, we use the Google Ads conversion tracking tag (Google Tag, formerly gtag.js), provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Data collected and transmitted:
The collected data is transferred to Google servers in the USA and other countries. Google uses the data to measure ad conversions and optimize bidding strategies. Data transfers to third countries (USA) are carried out on the basis of Standard Contractual Clauses pursuant to Art. 46 GDPR.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in measuring and optimizing our marketing activities). The Google Ads tag is active exclusively on the public landing page and registration page, not in the logged-in app area.
Opt-out: You can disable personalized Google advertising at https://adssettings.google.com. Alternatively, you can prevent data collection via the Google Analytics opt-out browser add-on (https://tools.google.com/dlpage/gaoptout) or by disabling third-party cookies in your browser. Further information can be found in Google’s privacy policy: https://policies.google.com/privacy
Purpose: Measuring the effectiveness of our Facebook and Instagram advertising campaigns and optimizing our ad spend. On our landing page and registration page, we use the Meta Pixel (Pixel ID: 2154388281488546), provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.
Data collected and transmitted:
The collected data is transferred to Meta servers in the USA and other countries. Meta uses the data to serve relevant advertisements and to build Custom Audiences and Lookalike Audiences on Facebook and Instagram. Data transfers to third countries (USA) are carried out on the basis of Standard Contractual Clauses pursuant to Art. 46 GDPR.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in measuring and optimizing our marketing activities). The Meta Pixel is active exclusively on the public landing page and registration page, not in the logged-in app area.
Opt-out: You can disable personalized Meta advertising in your Facebook settings at https://www.facebook.com/adpreferences/ad_settings. Further information can be found in Meta’s privacy policy: https://www.facebook.com/privacy/policy
Purpose: Analyzing user behavior on our website through heatmaps, session recordings, and user surveys to improve the user experience. We use Hotjar (Hotjar Ltd., Level 2, St Julian’s Business Centre, Elia Zammit Street, St Julian’s STJ 3155, Malta).
Data collected:
Hotjar does not store full IP addresses. Inputs in password and payment fields are never recorded. Data is processed on servers in the EU and USA. Data transfers to third countries are carried out on the basis of Standard Contractual Clauses pursuant to Art. 46 GDPR.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in analyzing and optimizing our user experience). Hotjar is active on all public pages.
Opt-out: You can disable Hotjar data collection at https://www.hotjar.com/legal/compliance/opt-out. Further information can be found in Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy
All user data is stored in a PostgreSQL database hosted by Neon in the AWS EU-Central-1 region (Frankfurt, Germany). The database connection is SSL-encrypted.
We employ the following security measures:
You may request the deletion of your data at any time by contacting us at kontakt@cpitech.io. Upon account deletion, all personal data, call recordings, transcripts, and integration tokens will be deleted within 30 days, unless legal retention obligations prevent this. OAuth tokens for connected services (Google, HubSpot, Microsoft) are deleted immediately.
As a user and data subject, you have the following rights:
To exercise these rights, please contact us at kontakt@cpitech.io. We will respond to your request within 30 days.
We use the following cookies:
No tracking or advertising cookies are used in the logged-in app area. The TikTok Pixel, Google Ads tag, and Meta Pixel are active exclusively on the public landing page and registration page.
For questions about the processing of your personal data or to exercise your rights, please contact us:
Email: kontakt@cpitech.io
Phone: +49 6131 48 99 003
CPI Technologies GmbH, Brüsseler Str. 1-3, 60327 Frankfurt am Main, Germany