Privacy Policy. How we handle personal data for people who use Phone.inc.

This policy explains how Phone Incorporated ApS ("Phone.inc", "we", "us") collects, uses, and shares personal data about people who use Phone.inc — including account holders, employees on a company account, and visitors to our website. By using Phone.inc, you acknowledge this policy and our Terms of Service.

This policy does not cover calls, call recordings, transcriptions, text messages, or other data relating to your customers, callers, or other third parties. For that data, your business is the data controller and Phone.inc acts as a data processor. How we handle it is described in our Data Processing Agreement. Email [email protected] to request a copy.

Questions? Email [email protected].

Phone Incorporated ApS, CVR DK-46213564, Højbro Plads 10, 1200 Copenhagen K, Denmark, is the data controller for the personal data described in this policy — that is, data about people who use Phone.inc themselves, such as account holders, employees on a company account, and website visitors.

Phone.inc is not the data controller for calls, call recordings, transcriptions, text messages, or other data generated through your use of the service about your customers, callers, or other third parties. For that data, your business is the data controller and Phone.inc acts as a data processor on your instructions.

The controller–processor relationship, including how we collect, store, use, share, retain, and delete customer call and messaging data, is set out in our Data Processing Agreement. To obtain a copy, email [email protected].

We collect personal data you give us, data generated when you use Phone.inc, and data we receive from others. Depending on how you use the service, this may include:

• Account and profile data — name, email address, password (stored hashed), company name, job role, and account settings.
• Business and billing data — business address, tax or VAT identifiers, billing details, subscription status, invoices, and payment information processed by our payment provider (we do not store full card numbers).
• Identity and verification data — information you provide for Know Your Customer (KYC) checks, proof of address, or fraud prevention, when we request it.
• Contacts and integration data — contacts you store in Phone.inc, and information retrieved from third-party services you connect — such as CRM systems or Shopify — to provide caller context and related features.
• Usage and device data — logins, IP address, browser or app version, device identifiers, push notification tokens, signaling data, and how you interact with our website, dashboard, and mobile apps.
• Communications metadata — call and message timestamps, durations, phone numbers, routing information, voicemail metadata, and similar telephony records needed to provide and bill for the service.
• Communications content — voicemails, greetings you configure, message content where messaging features are available, and — where enabled — call recordings and transcriptions. These can contain sensitive personal information about you and the people you speak with.
• Support and correspondence — messages you send us, feedback, and records of support interactions.
• Website and marketing data — waitlist sign-ups, cookie preferences where applicable, and analytics data from our website.

Call recordings and transcriptions are among the most sensitive data we handle. We treat them accordingly and apply stricter access controls than we do for routine account data. Where that content relates to your customers, callers, or other third parties, your business — not Phone.inc — is the data controller, as described in §01 and our Data Processing Agreement.

We may combine data from these sources and update it over time as you use Phone.inc or as we receive updated information from you, your organization, or our service providers.

We use personal data to:

• Provide, operate, maintain, and improve Phone.inc
• Create and manage your account and authenticate you
• Route calls and messages, deliver voicemails, and provide the features you configure
• Process payments, manage subscriptions, and handle billing disputes
• Verify identity, prevent fraud — including payment and account fraud detection through our service providers — and enforce our Terms of Service
• Monitor usage for abuse, unlawful activity, and compliance with telecommunications regulations — including robocall mitigation and traceback cooperation
• Respond to support requests and communicate with you about the service
• Send service-related notices, security alerts, and administrative messages
• Analyze usage trends and diagnose technical problems
• Comply with legal obligations and respond to lawful requests from authorities
• Protect the rights, property, and safety of Phone.inc, our users, and others

Phone.inc uses AI to power certain features — such as call notes, transcriptions, and caller context. We use your communications content only to provide these features to you. We do not use your call recordings, transcriptions, voicemails, or other communications content to train AI models. Our AI providers process this data on our instructions to deliver the service, not to improve their general models with your content.

Where call recording or transcription is enabled, those features may capture personal data about you and the people you speak with. You are responsible for informing participants that a call is being recorded or transcribed, where the law requires you to do so.

We may use aggregated or de-identified data that no longer identifies you for analytics, product development, and reporting.

If you are in the European Economic Area, the United Kingdom, or another jurisdiction with similar requirements, we rely on one or more of the following legal bases:

• Contract — processing necessary to provide Phone.inc under our agreement with you or your organization.
• Legitimate interests — including securing our service, preventing fraud and abuse, improving the product, communicating with you about your account, and complying with industry obligations — where those interests are not overridden by your rights.
• Legal obligation — where we must process or retain data to comply with applicable law, regulators, courts, or traceback requests.
• Consent — where required, such as for certain marketing communications or non-essential cookies. You may withdraw consent at any time.

Where we rely on legitimate interests, you may object as described in §09.

We do not sell your personal data. We share it where needed to operate Phone.inc, including with:

• Service providers — companies that host our infrastructure, process payments, provide telecommunications connectivity, deliver voice and AI features, send email, provide analytics, or otherwise help us operate Phone.inc. They process data on our instructions and subject to appropriate safeguards.
• Your organization — if you use Phone.inc through a company account, account administrators may access usage data, call history, recordings, transcriptions, and other account information associated with your use of the service.
• Integrations you enable — third-party services you connect to Phone.inc, such as CRM systems or Shopify, receive data according to your configuration and their own terms.
• Professional advisers — lawyers, accountants, auditors, and insurers where reasonably necessary.
• Authorities and traceback partners — regulators, law enforcement, carriers, and industry traceback groups when required by law or reasonably necessary to investigate abuse, fraud, or unlawful communications.
• Business transfers — in connection with a merger, acquisition, financing, reorganization, or sale of assets, subject to standard confidentiality protections.

We may disclose data when we believe in good faith that disclosure is necessary to enforce our terms, protect Phone.inc or others, or respond to legal process.

Phone.inc is based in Denmark. We and our service providers may process personal data in Denmark, elsewhere in the European Economic Area, the United States, and other countries where we or our providers operate.

Where required, we use appropriate safeguards for international transfers, such as the EU Standard Contractual Clauses or equivalent mechanisms approved under applicable law.

We retain personal data for as long as necessary to provide Phone.inc, fulfill the purposes described in this policy, comply with our legal obligations, resolve disputes, and enforce our agreements.

In practice, that usually means:

• Account data is kept while your account is active and for a reasonable period afterward.
• Billing and tax records are kept for the period required by applicable law.
• Call records, messaging activity, and compliance investigation logs may be kept longer where needed for regulatory obligations, traceback requests, fraud prevention, or legal defense — as described in our Terms of Service.

When data is no longer needed, we delete or anonymize it, unless the law requires us to keep it.

We implement technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or alteration. These include access controls, encryption in transit, and vendor security requirements appropriate to the nature of the data we handle.

No method of transmission or storage is completely secure. We cannot guarantee absolute security.

You can ask us to delete your personal data at any time, including call recordings, transcriptions, voicemails, and other communications content. Email [email protected] and we'll take care of it. We may need to verify your identity first.

Depending on where you live, you may also have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Restrict or object to certain processing, including processing based on legitimate interests
• Receive a copy of your data in a portable format where technically feasible
• Withdraw consent where processing is based on consent
• Lodge a complaint with your local data protection authority

We will respond within the time required by applicable law. Some data may be retained where our Terms of Service require it — for example, call records, messaging activity, or compliance investigation logs kept under telecommunications regulations, traceback obligations, or a regulatory hold. We delete everything else you ask us to remove.

We may use automated systems — including fraud detection tools — to help protect the service. You may object to certain processing based on legitimate interests as described above.

Our marketing website at phone.inc uses cookies and similar technologies for basic functionality and analytics. We use Fathom Analytics, a privacy-focused analytics provider, to understand how visitors use our site. Fathom does not use advertising cookies and does not track visitors across other websites.

Our logged-in application may use cookies or local storage for authentication and session management. You can control cookies through your browser settings, though some features may not work if you disable them.

Phone.inc is a business service. We do not knowingly collect personal data from anyone under 18. If you believe we have, contact us at [email protected] and we will delete it.

If you are a resident of a U.S. state with a comprehensive privacy law, you may have additional rights regarding access, deletion, correction, and opting out of certain processing. Phone.inc does not sell personal data or use it for cross-context behavioral advertising.

To exercise rights under applicable state law, email [email protected]. We will not discriminate against you for exercising your rights.

We may update this policy at any time by posting the revised version at phone.inc/privacy. The date at the top shows when it last changed. If you keep using Phone.inc after a change takes effect, you accept the updated policy.

If we make a change that materially reduces your privacy rights, we will make reasonable efforts to notify you — for example by email or an in-app notice. We may make other changes without advance notice when required by law or when reasonably necessary to reflect how the service works.