HelloCall.ai

Privacy Policy

Last updated: 10 June 2026

This Privacy Policy explains how Crawlink Networks Pvt Ltd, a private limited company incorporated under the laws of India ("Crawlink", "we", "us", or "our"), collects, uses, discloses, and protects personal data when you use HelloCall.ai and its related websites, applications, APIs, and services (the "Services"). Our registered office address and corporate information are published at crawlink.com. By using the Services, you acknowledge the practices described in this Policy.

1. Scope & Roles

This Policy applies to personal data we process when you visit our websites, create an account, use the Services, contact support, or otherwise interact with us. It is designed to meet the requirements of applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India), the Information Technology Act, 2000 and rules thereunder, and, where applicable to our users, the EU/UK General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA/CPRA).

Two roles. For account, billing, and usage data of our customers, Crawlink acts as the data fiduciary/controller. For Customer Content that our customers submit through the Services (such as their contact lists, call recordings, and end-user data), the customer is the controller/data fiduciary and Crawlink processes that data on the customer's behalf and instructions. If you are an end user of one of our customers, please direct privacy requests to that customer first; we will support them in responding.

2. Information We Collect

2.1 Information you provide

  • Account data: name, email address, password (stored hashed), organization name, role, and profile details.
  • Billing data: billing contact, plan, transaction history, and payment details (card data is handled by our payment processors; we do not store full card numbers).
  • Customer Content: contacts, call recordings, transcripts, messages, prompts, and other materials you or your users submit through the Services.
  • Communications: support requests, survey responses, and other correspondence with us.

2.2 Information collected automatically

  • Usage data: features used, pages viewed, API calls, timestamps, and interaction logs.
  • Device and connection data: IP address, browser type, operating system, device identifiers, language, time zone, and approximate location derived from IP.
  • Security data: sign-in events, device fingerprints, token issuance and refresh events, and audit logs used to protect accounts.
  • Cookies and similar technologies: as described in Section 5.

2.3 Information from third parties

  • Sign-in providers: if you sign in with Google or another identity provider, we receive your name, email, and profile identifier from that provider as permitted by your settings.
  • Service providers and partners: payment confirmation from processors, fraud signals, and analytics data.

3. How We Use Information

  • to provide, operate, maintain, and secure the Services, including authentication, session management, and fraud prevention;
  • to process transactions, manage subscriptions, and send invoices and billing notices;
  • to provide customer support and respond to enquiries;
  • to monitor, analyse, and improve the performance, reliability, and usability of the Services;
  • to develop new features and, where lawful, to improve our models and automated systems using aggregated or de-identified data;
  • to send service, security, and administrative communications;
  • to send marketing communications where permitted, with the ability to opt out at any time;
  • to comply with legal obligations, enforce our Terms of Service, and protect the rights, property, and safety of Crawlink, our users, and the public;
  • for any other purpose disclosed to you at the time of collection or with your consent.

5. Cookies & Tracking Technologies

We use cookies and similar technologies that are strictly necessary for the Services to function — in particular, secure, HttpOnly authentication cookies that keep your session active across HelloCall applications. These cookies are used for sign-in and security only, never for advertising. We may also use analytics tools to understand how the Services are used; where required by law, we will obtain your consent before setting non-essential cookies. You can manage cookies through your browser settings, but disabling essential cookies may prevent the Services from working.

6. AI Processing

The Services use artificial intelligence to power features such as voice agents, transcription, and content generation. Audio, transcripts, and prompts you submit may be processed by our AI systems and by vetted AI infrastructure providers under contractual confidentiality and data protection obligations, solely to provide the Services. Where we use data to improve models, we use aggregated or de-identified data, or obtain the permissions required by applicable law. You are responsible for informing your end users about AI interactions and call recording where the law requires such notices.

7. How We Share Information

We do not sell personal data. We share personal data only:

  • With service providers (processors): hosting and cloud infrastructure, telephony carriers, payment processors, email delivery, analytics, and customer support tools, bound by contracts that restrict their use of the data to providing services to us;
  • Within our corporate group: with affiliates of Crawlink Networks Pvt Ltd for the purposes described in this Policy;
  • For legal reasons: when required by law, regulation, legal process, or enforceable governmental request, or to protect the rights, property, or safety of Crawlink, our users, or the public;
  • In business transfers: in connection with a merger, acquisition, financing, reorganisation, or sale of assets, subject to confidentiality protections and notice where required;
  • With your direction or consent: for example, integrations you enable.

8. International Data Transfers

We are based in India and use infrastructure providers that may store or process data in other countries. Where personal data is transferred across borders, we take steps designed to ensure it receives an adequate level of protection, including contractual safeguards such as standard contractual clauses where required, and we transfer data only to jurisdictions permitted under applicable law, including the Digital Personal Data Protection Act, 2023.

9. Data Retention

We retain personal data for as long as needed to provide the Services and for legitimate business or legal purposes, such as maintaining accounts, complying with tax and accounting obligations, resolving disputes, and enforcing agreements. Customer Content is retained while your account is active; after termination, you may request export for a limited period as described in our Terms of Service, after which we delete or de-identify it within a reasonable time, unless retention is required by law. Security and audit logs are kept for limited periods appropriate to their purpose.

10. Security

We implement reasonable technical and organisational security practices designed to protect personal data, including encryption in transit, hashed passwords, HttpOnly and Secure session cookies, token rotation, device-bound refresh flows, access controls, and audit logging. No method of transmission or storage is completely secure, so we cannot guarantee absolute security; you are responsible for keeping your credentials confidential and for the security of devices you use to access the Services.

11. Your Rights

Subject to applicable law, you may have the right to:

  • access the personal data we hold about you and receive a summary of processing;
  • correct inaccurate or incomplete personal data;
  • delete or erase your personal data;
  • receive a portable copy of personal data you provided;
  • object to or restrict certain processing, including direct marketing;
  • withdraw consent at any time where processing is based on consent;
  • nominate, in accordance with Indian law, another individual to exercise your rights in case of death or incapacity;
  • lodge a complaint with a supervisory or data protection authority, including the Data Protection Board of India, your EU/UK supervisory authority, or your state attorney general, as applicable.

To exercise these rights, contact us at support@hellocall.ai. We may need to verify your identity before acting on a request, and we will respond within the timelines required by applicable law. We will not discriminate against you for exercising your rights.

12. Children's Privacy

The Services are intended for business use by adults and are not directed to children under 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us and we will delete it.

13. Third-Party Links & Services

The Services may contain links to, or interoperate with, third-party websites and services that we do not control. This Policy does not apply to those third parties, and we encourage you to review their privacy policies before providing them with personal data.

14. Marketing Communications

Where permitted, we may send you information about features, offers, and updates. You can opt out at any time by using the unsubscribe link in our emails or contacting support@hellocall.ai. We will continue to send essential service and security communications, which are not promotional.

15. Data Breach Notification

In the event of a personal data breach affecting your data, we will notify the relevant authorities and affected individuals where and when required by applicable law, and will take reasonable steps to contain and remediate the incident.

16. Changes to This Policy

We may update this Policy from time to time. The "Last updated" date above reflects the latest revision. For material changes we will provide notice through the Services or by email. Your continued use of the Services after a change becomes effective constitutes acknowledgement of the revised Policy.

17. Grievance Officer & Contact

In accordance with Indian law, including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, you may contact our Grievance Officer with any concerns about this Policy or the handling of your personal data:

Grievance Officer
Crawlink Networks Pvt Ltd
Registered office and corporate details: crawlink.com
Email: support@hellocall.ai

We endeavour to acknowledge grievances promptly and to resolve them within the timelines prescribed by applicable law.