We respect your privacy and are committed to protecting your personal data when you use our website crococalls.com (including the mobile version) (hereinafter collectively the “Website”), as well as any other products or services we provide, including our official pages/representations on social media (hereinafter collectively the “Services”).
This Privacy Policy (hereinafter the “Policy”) describes how we collect, use, store, and share your personal data when you visit the Website or use the Services, and explains your privacy rights.
When providing the Services, we may act either as a Controller or as a Processor of personal data, depending on the circumstances.
Where our customers use our communications platform, they may interact and communicate with end users through various communication channels. We transmit/deliver such messages and connections via communications service providers.
In such cases, we act as a Processor of personal data under applicable data protection laws, because we process end users’ personal data only on behalf of and in accordance with the instructions of our customers. This means that our customers remain the Controllers of their end users’ personal data.
We process personal data only to the extent necessary to provide the Services and do not independently determine the purposes and means of processing end users’ personal data.
Important: This Policy does not apply where we process end users’ personal data as a Processor on behalf of our customers. In such cases, our customers’ privacy policies/terms apply.
Where we independently determine the purposes and means of processing (i.e., why and how processing is carried out) and do not act on behalf of another party, we act as a Controller.
For example, we typically act as a Controller when we process personal data of our customers and their representatives/employees/officers/agents who interact with us as contact persons.
Any references in this Policy to “you” or “your” refer to all individuals whose personal data we collect and process as a Controller when providing the Services.
Crococalls is the Controller of your personal data related to your use of the Website and the Services.
In this Policy, “we”, “us”, and “our” refer to Crococalls.
Contact email address: [email protected]
Below are the categories of personal data we may collect, or that you provide to us when interacting with us or using the Services.
When you create an account, you provide information that may include your first name, last name, and login credentials (username, password, API token), as well as information about your organisation’s representatives and contact persons.
When you create an account, request a demo, or subscribe to our newsletter, you provide us with an email address and/or a phone number. If we work with an organisation, we may collect contact details of its representatives/employees who act as contact persons.
We may process organisational registration and legal data (as needed), such as: legal entity name and type, registration number, country of incorporation, address, website, and authorised persons’ details (full name, position, phone number, email).
After you register and use the Services, we may process payment details/payment address, your account balance in the dashboard, payment history, receipts or other supporting documents you may upload, as well as other payment data depending on the jurisdiction and payment method.
When you use the Services, we collect data necessary for routing and providing communications/messages, such as: country/destination, type, duration, date and time, routing parameters, and other traffic metadata depending on the Services provided.
In some cases, certain traffic data may be used by us as a Controller, for example for billing, reconciliation with communications operators, etc.
This includes data that customers may transmit/upload for the provision of the Services, such as end users’ names, phone numbers, email addresses, and other end-user data — within the customer’s instructions.
We may collect technical data such as IP address, time zone, activity logs, routing information, and other technical events related to the use of the Services.
We collect information about how you use the Website, such as pages visited, time spent, and actions within features.
We use cookies to improve navigation, analyse Website usage, and support marketing. Details are described in a separate Cookie Policy available via the Website.
If you contact us via social media platforms or messengers (e.g., Facebook, WhatsApp, Messenger), we may receive the data you send us, as well as the date/time and content of your communication. We recommend reviewing the privacy policies of those platforms.
We do not intentionally collect special categories of personal data (such as data revealing race/ethnicity, political opinions, religious beliefs, health data, biometric data, etc.), nor data relating to criminal convictions and offences. However, we cannot exclude that you may, at your discretion, provide such data in your messages to us.
You are not required to provide us with personal data. However, some data is necessary for the provision of the Services. If certain information is mandatory (under a contract or by law), we will inform you at the time of collection. Failure to provide mandatory data may prevent us from providing certain Services (e.g., entering into a contract/creating an account).
Below are the main purposes of processing and typical legal bases.
We may share personal data with third parties (Controllers or Processors) only for the purposes described in Section 6.
We engage trusted providers (e.g., hosting/data storage, analytics, anti-spam/anti-fraud). We enter into agreements requiring them to protect personal data and to use it only to provide services to us.
We engage telecommunications operators and communications providers for routing and connectivity.
We may use analytics services to analyse Website usage (e.g., device data, IP address, technical parameters).
We may disclose data where necessary to comply with legal obligations or to protect our rights/users/systems.
In the event of a merger, sale, restructuring, or other transfer of business/assets, data may be transferred in accordance with law. Where required, we will request your consent if the purpose is not covered by this Policy.
We may engage service providers outside the EU. In such cases, we apply appropriate safeguards (e.g., adequacy decisions or EU Standard Contractual Clauses, where applicable).
You have rights under data protection laws, including: access, rectification, erasure, restriction of processing, objection, and data portability.
We respond to requests within the time limits set by law (usually up to 1 month).
Contact: [email protected]
We retain personal data for the duration of our business relationship with you and for an additional period thereafter where necessary to comply with legal/regulatory obligations or to protect our rights.
If the Website contains links to third-party resources, this Policy does not apply to their activities. We recommend reviewing their privacy policies.