RingCentral AI Assistant Privacy Datasheet
At RingCentral, the protection of personal data is taken very seriously. This document describes how RingCentral processes personal data when providing RingCentral AI Assistant (the “Service” or “RingCentral AI Assistant”). The purpose is to help customers and partners understand how the Service complies with privacy requirements and to provide background information for privacy reviews or privacy impact assessments. This document should be read in combination with the RingEX Service Privacy Datasheet.
RingCentral processes personal data both as a controller and as a processor. Processing activities performed by RingCentral acting as controller are subject to the RingCentral Privacy Notice. Additional information related to RingCentral acting as controller is provided in RingCentral as a Data Controller. Processing activities performed by RingCentral acting as processor on behalf of its customers are governed by the RingCentral Data Processing Addendum incorporated into the RingCentral Master Service Agreement.
Service Description
RingCentral AI Assistant is part of the functionalities of RingEX and provides AI-powered capabilities for RingEX users. RingCentral AI Assistant generates call summaries, notes, and action items after calls. It can aid in drafting messages, summarize unread messages, and provide closed caption and live transcription. RingEX administrators can disable or enable this feature for each user on the customer account.
Data Subjects
The data subjects involved in RingCentral AI Assistant include RingEX users (“Users”) and guests who are participants in communications (“AI Assistant Guest”).
Personal Data Collection
RingCentral AI Assistant processes personal data through various RingEX-supported methods:
Phone calls
RingEX Users may activate the AI notes feature during a phone call, initiating the real-time generation of notes and action items. Through the audio recording and transcript, the feature summarizes important parts of the call and generates action items for the RingEX User. The transcripts and the call notes are stored and available for the RingEX User. The audio stream is discarded after being transcribed.
Messages and SMS
Once a user activates the summaries button in RingEX messaging or SMS, RingCentral AI Assistant processes the content of messages and SMS received by the RingEX User to provide a summary of unread messages and SMS. The service also processes the content of messages or SMS drafted by the RingEX User to provide new proposed content that the RingEX User may choose to use, edit, or discard. This may involve processing of messages between RingEX Users and AI Assistant Guests to the conversation. After the summaries are read, the summaries are deleted and not stored. The draft messages and SMS are also not stored.
Video meetings
During video meetings, RingEX Users may enable closed captions or live transcriptions, both of which require processing of the content of the video meeting. The transcript is stored and available for the RingEX User. The audio stream is discarded after being transcribed.
Special Categories of Personal Data Processed by the Service
The Service is not designed to process or use voiceprints or other biometric data.
The Service is not designed to recognize and/or classify data as:
- Special categories of data or sensitive data (as defined in the GDPR or in other applicable data protection laws)
- Personal data concerning children or minors
- Data related to criminal convictions and offenses
Insofar as customers process special categories of personal data, customers undertake to process these categories of personal data lawfully, and in particular to rely on a valid legal basis in accordance with applicable data protection laws.
Use of Artificial Intelligence
RingCentral AI Assistant leverages third-party AI services to provide certain features of the Service, including speech-to-text and providing AI-generated notes, transcriptions, and summaries. For example, during a call for which the AI notes tool is initiated, RingCentral AI Assistant uses speech-to-text technology to turn audio stream segments into text, and uses AI to summarize the text into notes and action items. RingCentral AI Assistant provides visual indicators to allow users to know when they are activating a generative AI tool within RingCentral AI Assistant.
RingCentral does not use customer personal data to train its models. RingCentral does not allow third parties to use customer personal data to train their AI models. Where available (including through the subprocessor), RingCentral implements a zero data retention policy, whereby the requests and responses are not persisted to any logging mechanism and exist only in memory in order to serve the request.
Please see the RingCentral Subprocessor List for more information on the third parties and see the RingCentral AI Transparency Whitepaper for more information about RingCentral's approach to trustworthy AI.
Restricted Administrative Access by RingCentral
RingCentral employs strict access control mechanisms which limit access to personal data to only those trained and authorized RingCentral and subprocessors' personnel who have a business need to access said data in order to enable RingCentral to perform its obligations towards customers. Such controls include multi-factor authentication (MFA), which is implemented for administrative access to the production environment, and Identity Access Management (IAM), which tightly controls access to RingCentral production environments.
How RingCentral Service Data Processing Fits with Data Protection Laws
Data Subject Rights
The Service provides technical means to enable Users to take appropriate actions to update or delete their accounts. Users may also exercise their data subject rights by using the RingCentral Data Subject Access Request form.
Subprocessors
RingCentral uses other RingCentral affiliates and third party service providers to assist in delivering the Service. RingCentral contracts only with third-party service providers that provide equivalent levels of data protection and security as provided by RingCentral.
Please see the RingCentral Subprocessor List for a current list of our subprocessors.
Data Deletion and Retention
User personal data will be processed for the duration of the term of the Service, or as otherwise required by law or agreed with the customers. Upon termination an account will be disabled on the last day of the billing cycle. Once the account is disabled, the account will be deleted within 30 days, unless otherwise agreed with our customer.
Location of Data Storage
RingCentral AI Assistant functions as a complement to RingEX and only stores customer-generated content. RingCentral AI Assistant relies on account data and usage data stored by RingEX. RingCentral AI Assistant stores customer-generated content in the following countries, depending on the location of the customer account.
| Customer account location* | Customer-generated content storage location |
|---|---|
| United States | United States |
| Canada | Canada |
| United Kingdom | United Kingdom |
| Australia | Australia |
| European Union | Germany |
Cross-Border Transfers
RingCentral may transfer and process customer personal data outside the European Economic Area (EEA), Switzerland, or the United Kingdom, to locations where RingCentral, its affiliates or its sub-processors maintain data processing operations. Please see the RingCentral Personal Data Transfer FAQ for more information.
With respect to transfers out of the EEA, United Kingdom, and Switzerland to the United States, RingCentral has self-certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles), the UK Extension to the EU-U.S. DPF (UK Extension), and the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles), respectively. Please see RingCentral's Notice of Certification for more information.
To the extent that RingCentral processes (or causes to be processed) any personal data originating from the EEA, Switzerland, or the United Kingdom in a country that has not been recognized by competent authorities as providing an adequate level of protection for personal data, RingCentral relies on the European Commission's Standard Contractual Clauses, its additional safeguards, and the additional Swiss and UK-specific clauses, to transfer such personal data.
Automated Decision-Making
The Service is not designed to make decisions based solely on automated processing, particularly those that produce legal effects on individuals.
Security Measures
RingCentral is committed to security and has implemented technical, organizational, and contractual safeguards to protect the data of customers. Please see our Security Addendum and our Trust Center for information on the commitments we make to our customers about security.
About This Datasheet
The information provided in this Datasheet does not constitute legal or professional advice, warranty of fitness for a particular purpose or compliance with applicable laws. RingCentral reserves the right to update this datasheet from time-to-time.
© 2025 RingCentral, Inc. All rights reserved. RingCentral, the RingCentral logo, and all trademarks identified by the ® or ™ symbol are registered trademarks of RingCentral, Inc. Other third-party marks and logos displayed in this document are the trademarks of their respective owners.
