Privacy Policy | VestaCall

Vestacall Limited ("VestaCall," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud communication platform, website, and related services (collectively, the "Services").

1. Information We Collect

1.1 Information You Provide

Account Information: Name, email address, phone number, company name, billing address, and payment details when you create an account or subscribe to our Services.
Communication Data: Call logs, message metadata, and voicemail transcriptions generated through your use of our platform.
Support Data: Information you provide when contacting our support team, including chat transcripts and support tickets.

1.2 Information Collected Automatically

Usage Data: IP addresses, browser type, device identifiers, pages visited, and interaction patterns on our website and platform.
Cookies and Tracking: We use cookies and similar technologies to improve user experience, analyze traffic, and personalize content. You can manage cookie preferences through your browser settings.
Call Quality Data: Technical metrics such as latency, jitter, and packet loss to maintain and improve service quality.

2. How We Use Your Information

We use your information for the following purposes:

Providing, maintaining, and improving our cloud communication Services
Processing transactions and sending billing notifications
Responding to support requests and providing customer service
Sending service-related announcements and product updates
Analyzing usage patterns to improve platform performance and features
Complying with legal obligations and enforcing our terms
Preventing fraud, abuse, and unauthorized access

3. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

Service Providers: Third-party vendors that assist with payment processing, analytics, hosting, and customer support, bound by contractual data protection obligations.
Telecommunications Partners: Carrier networks necessary to route calls and messages through our platform.
Legal Requirements: When required by law, court order, or government request, or to protect the rights, safety, or property of VestaCall and its users.
Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice provided to affected users.

4. Data Security

We implement industry-standard security measures to protect your data:

AES-256 encryption for data at rest
TLS 1.3 for data in transit and SRTP for voice media streams
SOC 2 Type II certified data centers with 24/7 security monitoring
Role-based access controls and multi-factor authentication
Regular penetration testing and vulnerability assessments

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide Services. Call records and logs are retained for the period specified in your service agreement. You may request deletion of your data at any time, subject to legal retention requirements.

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data ("right to be forgotten").
Portability: Receive your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interests or for direct marketing.
Restriction: Request that we limit the processing of your data.

To exercise these rights, contact us here.

7. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data during international transfers.

8. GDPR Compliance

For users in the European Economic Area (EEA), we process personal data under the following legal bases: performance of a contract, legitimate interests, consent, and compliance with legal obligations. Our Data Protection Officer can be reached via our contact page.

9. CCPA Rights

California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information. To submit a request, contact us here.

10. Children's Privacy

Our Services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date above. Continued use of our Services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

Contact: vestacall.com/contact
Address: Vestacall Limited, London, United Kingdom