1. Scope

This Policy applies to visitors to our website, customers who sign up for the Services, and users authorized by our customers. If you interact with a Sippet Technologies VCC customer via their use of our Services, that customer’s privacy policy also applies to your information.

Sippet Technologies VCC is established in Sofia, Bulgaria

2. Information We Collect

We collect information in the following categories:

• Account and contact data: name, email, company name, role, and account credentials.
• Service data: call metadata, call recordings, transcripts, routing rules, and configuration data you provide to operate the Services.
• Usage data: product usage, log data, device information, IP address, and diagnostics.
• Support data: communications with our team, including support tickets and feedback.
• Billing data: billing contact details and payment-related information handled by our payment processors (Stripe).

3. How We Use Information

We use information to:

• Provide, secure, and maintain the Services.
• Process transactions and manage subscriptions.
• Analyze usage and improve product performance.
• Provide support and respond to requests.
• Send service-related messages and updates.
• Comply with legal obligations and protect against misuse.

4. Legal Bases (GDPR)

Where GDPR applies, our legal bases include: performing a contract, legitimate interests (e.g., product security and improvement), compliance with legal obligations, and consent where required.

5. Analytics and Cookies

We use PostHog for product analytics in cookieless mode, configured to minimize personal data. PostHog helps us understand usage patterns and improve the Services. We do not use PostHog for advertising.

We may use strictly necessary cookies to provide core functionality such as authentication and security. You can control cookies through your browser settings.

6. Sharing of Information

We may share information with:

• Service providers: vendors who help us operate the Services (e.g., hosting, analytics, payment processing such as Stripe).
• Legal and safety: when required by law or to protect rights and safety.
• Business transfers: in connection with a merger, acquisition, or asset sale.

7. Data Retention

We retain personal information for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary depending on the type of data and customer instructions.

By default, call recordings are retained for 90 days, unless a different retention period is configured or required by law.

8. International Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards such as standard contractual clauses.

9. Your Rights

Depending on your location, you may have rights to access, correct, delete, or object to certain processing of your information. To exercise these rights, contact us at privacy@sippet.ai .

10. Security

We implement reasonable technical and organizational measures to protect data. No system is 100% secure, and we cannot guarantee absolute security.

11. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice as required by law.

13. Contact Us

For privacy questions, contact us at privacy@sippet.ai .