Legal · last updated 25 May 2026

Privacy Policy

This document is the public-facing scaffold. A licensed Indian DPDP / US/EU privacy counsel review is in flight before general availability. Where this scaffold conflicts with the final reviewed text, the reviewed text wins.

1 · Who we are

CallFunnel.ai is a product of Tradetron Inc. Our Data Protection Officer is reachable at dpo@callfunnel.ai.

2 · What we collect

From you (the operator)

• Account: email, password hash (argon2id), full name, country, IP at signup
• Billing: top-up amounts, payment-processor tokens (we never store full card data — our payment processor holds those)
• Provider credentials (BYOK): your Twilio / Anthropic / Cartesia / Deepgram API keys, AES-256-GCM encrypted at rest

About your customers (the people you call)

• Phone numbers + any CSV columns you upload (names, variables)
• Call recordings + transcripts (retained per your settings; default 90 days)
• Timeline events: voice calls, transcripts, dispositions, Slack interactions
• Risk + disposition labels generated by our models

3 · Why we collect it

• To run the calls you configure (lawful basis: contract)
• To bill you (lawful basis: contract)
• To detect abuse / fraud (lawful basis: legitimate interest)
• To meet TCPA / DPDP / TRAI DLT obligations (lawful basis: legal)

4 · Who we share with

• Sub-processors: Twilio, Exotel, Anthropic, Cartesia, Deepgram, Elastic Email, Slack, AWS, Cloudflare. Each operates under their own DPA.
• Law enforcement: only on valid legal process (court order / DPDP-aligned notice).
• We do not sell personal data. Not now, not ever — codified in our Terms.

5 · Where data lives

Operator account data + ledger + tenant metadata lives in our SQLite database on our infrastructure provider. Call transcripts + timeline events live in MongoDB on the same infrastructure. We do not transfer data outside the region you signed up in unless required by a sub-processor (e.g. Anthropic processes prompts in the US; Cartesia in the US).

6 · Your rights

Whether you're our customer or one of your customers' end-users, you can exercise the following rights via dpo@callfunnel.ai or via the /dsr/export and /dsr/erase endpoints (see DPDP rights page).

• Right to access — get a copy of your data within 30 days
• Right to correction — fix anything inaccurate
• Right to erasure — we delete on request, subject to the legal-retention exceptions below
• Right to data portability — JSON export of everything
• Right to object — to processing for direct marketing (we don't do this anyway)
• Right to lodge a complaint — with your local data-protection authority

7 · Retention

Default retention: 90 days for call recordings + transcripts, indefinite for ledger + tenant metadata. Account deletion erases everything except what we must retain by law (typically 7 years for financial records in India).

8 · Security

• Passwords: argon2id (OWASP 2024-recommended parameters)
• Provider credentials: AES-256-GCM, master key not in DB
• JWT sessions: HS256, 7-day TTL, HttpOnly + Secure cookies
• TLS-only on all public endpoints (Cloudflare-fronted)
• Multi-tenant isolation enforced at every query — no row leaks across tenants

9 · Children

CallFunnel is not for users under 18. We do not knowingly collect data from minors. If you believe we have, write to dpo@callfunnel.ai and we'll delete it.

10 · Changes to this policy

We'll notify you by email at least 14 days before any material change. Trivial wording changes — typos, clarifications — get published without notice but logged in our public changelog.