Privacy Policy

1. Introduction

Kallglot ("we", "us", "our") provides real-time voice translation and telephony services. We only collect information required to operate the service, meet legal obligations, and support customers. This Privacy Policy describes the data we collect, how we use it, how we share it, and your rights.

1.1 Data Controller

The data controller responsible for your personal data is:

Bridge Innovations LLC, 600 North Broad St, Suite 5 #4128, Middletown, DE 19709, USA

EU Representative: Derrick Yao Godslove Amenuve, C. Blas de Lezo 6, 29011 Malaga, Spain

Contact: legal@kallglot.com

2. Data We Collect

2.1 Account Information

• Name
• Email address
• Phone number
• Password (hashed)
• Organization details (if applicable)

2.2 Company Information (Onboarding)

Some countries require verification before phone numbers can be provisioned. When necessary, we collect:

• Company name
• Company address
• VAT or tax ID
• Registered business documents
• Proof of address
• Authorized representative details
• Industry and company size

This is collected only when required by telecommunication regulations.

2.3 Service Data (Telephony + Translation)

To provide real-time translation and call services we process:

• Phone numbers involved in a call
• Temporary audio streams (not stored unless recording is enabled)
• Transcripts
• Call metadata (duration, timestamps, direction)
• Agent activity logs

2.4 Billing Information

Handled primarily by Stripe. For enterprise contracts we may collect:

• Billing address
• VAT/tax ID
• Purchase order numbers
• Billing contact details
• Bank transfer details (IBAN/SWIFT)

2.5 Communication Data

Any emails, support messages, or conversations you send to us.

2.6 Cookies

We use only essential cookies required for the service to function (e.g. session cookies for authentication). We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner is required because we only use strictly necessary cookies.

3. What We Don't Do

To be clear about our approach to your data:

• We do not sell your data to anyone
• We do not use your data for advertising or profiling
• We do not use your call data to train AI models
• We do not share data with data brokers
• We do not track you across other websites
• We do not use third-party analytics that track individual users

4. How We Use Data

We use data for the following purposes:

• To deliver and maintain our services
• To translate calls in real time
• To route calls and manage telephony
• To authenticate users
• To comply with telecom regulations in certain countries
• To send security alerts, updates, and support messages
• To improve stability, accuracy, and product performance
• To generate usage analytics for the organization using Kallglot

5. Legal Bases (GDPR)

We rely on:

• Contractual necessity (Art. 6(1)(b) GDPR) – to deliver the service you signed up for
• Legitimate interest (Art. 6(1)(f) GDPR) – security, fraud prevention, service improvement
• Legal obligation (Art. 6(1)(c) GDPR) – regulatory and telecom compliance
• Consent (Art. 6(1)(a) GDPR) – only where explicitly required

6. Data Sharing

6.1 Sub-processors

We use third-party providers to operate Kallglot. They are listed in the Sub-processor List and bound by DPAs.

6.2 Compliance Requirements

Some telecom providers require company documents to approve number provisioning. We share documents only when legally required.

6.3 Legal Requests

We may disclose data in response to lawful governmental or regulatory requests. We push back against overly broad or invalid requests.

7. Security

We use industry-standard security measures, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Role-based internal access controls
• Audit logging
• Strong authentication
• EU-hosted infrastructure (Hetzner, DigitalOcean Germany, AWS Frankfurt)

8. Retention

We keep data only as long as necessary:

• Call recordings and transcripts: 30 days by default (configurable by customer)
• Account data: until account deletion
• Billing/invoice data: as required by tax law (typically 7-10 years)
• Compliance/KYC documents: only as long as required by telecom regulations
• Backups: encrypted, used for disaster recovery only, deleted within 90 days of account deletion

9. Your Rights (GDPR)

Under the GDPR, you can request:

• Access – obtain a copy of your personal data
• Correction – fix inaccurate data
• Deletion – have your data erased
• Restriction – limit how we process your data
• Objection – object to processing based on legitimate interest
• Data portability – receive your data in a machine-readable format

To exercise your rights, contact legal@kallglot.com. We will respond within 30 days.

You also have the right to lodge a complaint with a supervisory authority in your EU member state.

10. Governing Law

This Privacy Policy is governed by the laws of Spain and the European Union, including the General Data Protection Regulation (GDPR).

11. Contact

Email: legal@kallglot.com