Privacy Policy

mello.ai provides an AI voice receptionist (Mello Voice), a booking-rules engine (Mello Book), and a WhatsApp confirmation layer (Mello Chat) to sports and recreational facilities in India.

When you call a facility powered by mello, you are interacting with our service on behalf of that facility operator. The facility is the data controller; mello is the data processor.

• Your phone number — provided automatically by your carrier when you call. Used to verify membership, process your booking, and send your WhatsApp confirmation.
• Call transcript — a text record of what was said during the call. Never the audio itself (see §03).
• Booking details — sport, date, time, duration, and your name, if you made a booking.
• Payment metadata — the amount and whether a payment link was sent. We never store card numbers, UPI IDs, or any payment credentials.

Audio is never stored. Your voice is transcribed in real time as it arrives; the audio stream is discarded within 60 seconds of your call ending. We cannot replay, share, or analyse your voice — there is nothing to retrieve.

We do not collect location data, device identifiers, browsing history, or any information beyond what you provide during the call.

• To check court availability and create your booking.
• To send a WhatsApp confirmation with your booking details (including the assigned court — the only place the court number appears).
• To verify whether you are a member of that facility and apply the correct pricing.
• To improve the quality of responses for that facility only — for example, learning which slots are frequently requested so Mello can proactively suggest them. This analysis is scoped to the single facility you called. We never pool your data across facilities.

We never sell your data, share it with advertisers, or use it to train models outside the scope described above.

• Audio — destroyed within 60 seconds.
• Transcripts — automatically purged after 90 days. This runs on every server boot and daily thereafter.
• Bookings — retained as long as the facility operator requires for their records, subject to your deletion request (see §06).
• Audit log — retained to fulfil our security and compliance obligations.

Right to delete — say it on the call.At any point during a call, tell Mello “delete my data.” Mello will immediately erase your call transcript, tool-call records, and booking history for that facility and confirm the deletion verbally.

You can also email hello@mello.ai with your phone number and the facility name, and we will process the request within 72 hours.

Facility admins can trigger a full data purge for any caller from the Mello dashboard.

All data is stored in India using Supabase (PostgreSQL). Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Each facility’s data is isolated using Row-Level Security — no facility can access another facility’s records.

For a detailed breakdown of our security controls, see our Security page.

If we make material changes, we will update the effective date at the top of this page. Continued use of any mello-powered service after the updated date constitutes acceptance.

Questions about this policy? Email us at hello@mello.ai.

mello.ai  ·  Mumbai, India