Privacy Policy
1. Data Controller
SwiftCall, headquartered in Romania, is the data controller for personal data processed through swiftcall.ro. For questions, contact our Data Protection Officer at dpo@swiftcall.ro.
2. Data We Collect
- Account data: name, email, phone number, company name
- Voice data: call recordings, transcriptions (with explicit consent)
- Message data: WhatsApp, SMS, Telegram conversation content
- Calendar data: appointments, availability (via Google Calendar integration)
- Usage data: call duration, timestamps, device info, IP addresses
- Payment data: processed by Stripe (we do not store card details)
3. Legal Basis for Processing
- Consent: voice recording, AI processing of conversations
- Contract: providing the service you requested
- Legal obligation: tax records, regulatory compliance
- Legitimate interest: security, fraud prevention, service improvement
4. How We Use Your Data
We process data to: provide AI-powered communication services, book appointments, route calls, generate analytics and reports, improve service quality, ensure security, and comply with legal obligations.
5. Data Sharing
We share data with:
- AI providers: OpenAI and Anthropic, for generating responses
- Infrastructure: AWS (Frankfurt, EU), for hosting and storage
- Payments: Stripe, for payment processing
- Legal: authorities when required by law
We do NOT sell your data. We do NOT use your conversation data to train AI models without explicit consent.
6. Data Retention
Conversation data is retained for 90 days by default, unless you configure a longer period. Account data is kept until deletion. Payment records are retained for 7 years per EU financial regulations.
7. Data Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Stored on EU servers (AWS Frankfurt). Access controls, audit logging, and regular security assessments are in place.
8. Your Rights
Under GDPR, you have the right to: access, rectify, erase, restrict processing, port your data, object to processing, and not be subject to automated decision-making. Submit requests to dpo@swiftcall.ro. We respond within 30 days.
9. Cookies
We use essential cookies only. No tracking or marketing cookies. No third-party analytics.
10. International Transfers
Data is stored in AWS Frankfurt (EU). When AI providers process data, Standard Contractual Clauses (SCCs) ensure GDPR-equivalent protection.
11. Google API Services: Limited Use
SwiftCall's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Specifically, Google Calendar data obtained through our OAuth integration is used solely to display and manage calendar appointments on your behalf within SwiftCall. This data is not used for advertising, not sold to third parties, and not transferred to any other service except as strictly necessary to provide the calendar scheduling feature you have explicitly authorized.
12. Changes
We notify you of material changes via email. Continued use after notification constitutes acceptance.
13. Contact
DPO: dpo@swiftcall.ro | Supervisory authority: ANSPDCP