1. Information We Collect

Personal Information

We collect personal information that you provide directly to us, including:

• Name and contact information (email, phone, address)
• Business information (company name, industry, size)
• Account credentials and preferences
• Payment and billing information
• Communication preferences

Usage Information

We automatically collect information about your use of our services:

• Call detail records (CDRs) including numbers dialed, duration, and time
• Service usage statistics and performance metrics
• IP addresses and device information
• Website analytics and interaction data
• System logs and technical diagnostics

Communications Data

In the course of providing VoIP services, we may process:

• Voice communications metadata (not content)
• Voicemail messages stored on our systems
• SMS and messaging data when applicable
• Customer support communications

2. How We Use Your Information

We use your information for the following purposes:

Service Provision

• Providing VoIP communication services
• Managing your account and user profiles
• Processing payments and billing
• Technical support and troubleshooting

Service Improvement

• Analyzing usage patterns to improve our services
• Developing new features and capabilities
• Monitoring system performance and reliability
• Conducting quality assurance testing

Communication

• Sending service notifications and updates
• Providing customer support
• Marketing communications (with consent)
• Legal and regulatory notifications

3. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in:

• Payment processing (Stripe)
• VoIP services infrastructure (VoIP.ms, Twilio)
• Cloud hosting and data storage
• Customer support tools
• Analytics and monitoring services

Legal Requirements

We may disclose your information when required by law or to:

• Comply with legal process or government requests
• Enforce our terms of service
• Protect the rights, property, or safety of KCVoIP, our users, or others
• Investigate fraud or security issues

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4. Data Security

We implement comprehensive security measures to protect your information:

• End-to-end encryption for voice communications
• AES-256 encryption for data at rest
• TLS 1.3 for data in transit
• Multi-factor authentication
• Regular security audits and penetration testing
• SOC 2 Type II compliance
• 24/7 security monitoring

5. Data Retention

We retain your information for different periods based on the type of data:

• Account Information: Retained while your account is active plus 7 years for tax and regulatory purposes
• Call Detail Records: Retained for 2 years as required by FCC regulations
• Voicemail Messages: Retained until deleted by user or account closure
• Payment Information: Retained per PCI DSS requirements and applicable law
• Support Communications: Retained for 3 years for quality assurance

6. Your Rights

Access and Control

You have the right to:

• Access your personal information in our systems
• Correct inaccurate or incomplete information
• Delete your personal information (subject to legal requirements)
• Export your data in a portable format
• Opt-out of marketing communications

GDPR Rights (EU Residents)

If you are an EU resident, you have additional rights under GDPR:

• Right to object to processing
• Right to restrict processing
• Right to data portability
• Right to lodge a complaint with supervisory authorities

CCPA Rights (California Residents)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

7. Cookies and Tracking

We use cookies and similar technologies to:

• Remember your preferences and settings
• Provide secure access to your account
• Analyze website usage and performance
• Deliver relevant content and advertisements

You can control cookies through your browser settings, but disabling cookies may affect service functionality.

8. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place:

• Standard Contractual Clauses for EU data transfers
• Adequacy decisions where applicable
• Binding Corporate Rules for internal transfers
• Certification schemes and codes of conduct

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it promptly.

10. Changes to This Policy

We may update this privacy policy periodically. We will notify you of material changes by:

• Email notification to your registered address
• Notice in your account dashboard
• Prominent notice on our website

Your continued use of our services after changes take effect constitutes acceptance of the updated policy.

11. Contact Information

For questions about this privacy policy or to exercise your rights, contact us:

12. Regulatory Compliance

This privacy policy complies with:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Federal Communications Commission (FCC) regulations
• Gramm-Leach-Bliley Act (GLBA)

Effective Date: January 15, 2025
Last Updated: January 15, 2025
Version: 2.1