--- title: "Privacy Policy — KrosAI" description: "How KrosAI collects, uses and protects information when you use our AI phone infrastructure services." url: "https://krosai.com/privacy" updated_at: "2026-05-24" --- # Privacy Policy — KrosAI > How KrosAI collects, uses and protects information when you use our AI phone infrastructure services. _Last updated: December 2024_ ## 1. Introduction KrosWeb Enterprise Inc. ("KrosAI", "we", "us", or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and protect information when you use our AI-native phone infrastructure services ("Services"). By using our Services, you consent to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Services. ## 2. Information We Collect ### 2.1 Information You Provide - **Account Information:** Name, email address, company name, billing address, and payment information when you register for an account - **Communication Data:** Content of emails, support tickets, and other communications you send to us - **API Credentials:** Authentication tokens and API keys generated for your account - **Business Information:** Company size, industry, and intended use cases provided during onboarding ### 2.2 Information Collected Automatically - **Usage Data:** API calls, call logs, call duration, phone numbers dialed, and feature usage patterns - **Technical Data:** IP addresses, browser type, device information, operating system, and access times - **Log Data:** Server logs, error reports, and performance metrics - **Cookies and Tracking:** Information collected through cookies, web beacons, and similar technologies ### 2.3 Call Data When you use our voice services, we may collect metadata about calls including: - Originating and destination phone numbers - Call start and end times - Call duration and connection status - Audio streams (only when explicitly enabled by you for AI processing) - Transcriptions (only when explicitly enabled by you) ## 3. How We Use Your Information ### 3.1 Service Delivery - Provision and maintain our telecommunications infrastructure - Process and route calls through our network - Enable AI agent integrations as configured by you - Generate invoices and process payments ### 3.2 Service Improvement - Analyze usage patterns to improve service quality - Optimize network performance and reduce latency - Develop new features and capabilities - Conduct internal research and development ### 3.3 Communication - Send service updates, security alerts, and maintenance notices - Respond to support requests and inquiries - Provide product announcements and newsletters (with your consent) ### 3.4 Legal and Compliance - Comply with applicable laws, regulations, and legal processes - Enforce our Terms of Service and other agreements - Detect, prevent, and address fraud, security issues, and technical problems - Maintain call detail records as required by telecommunications regulations ## 4. Data Sharing and Disclosure **We do not sell your personal information.** We may share information in the following circumstances: ### 4.1 Service Providers We share information with third-party service providers who perform services on our behalf, including: - Telecommunications carriers for call routing and number provisioning - Cloud infrastructure providers for data hosting - Payment processors for billing operations - Analytics providers for service improvement All service providers are bound by contractual obligations to protect your data and use it only for the specified purposes. ### 4.2 Legal Requirements We may disclose information when required to: - Comply with applicable law, regulation, or legal process - Respond to lawful requests from government authorities - Protect the rights, property, or safety of KrosAI, our users, or others - Investigate potential violations of our Terms of Service ### 4.3 Business Transfers In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and any choices you may have regarding your information. ### 4.4 With Your Consent We may share information with third parties when you explicitly consent to such sharing. ## 5. Data Security We implement industry-standard security measures to protect your data: - **Encryption:** All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption - **Access Controls:** Role-based access controls and multi-factor authentication for internal systems - **Network Security:** Firewalls, intrusion detection systems, and DDoS protection - **Monitoring:** 24/7 security monitoring and logging of access to sensitive data - **Audits:** Regular security assessments and penetration testing - **Employee Training:** Security awareness training for all personnel While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. ## 6. Data Retention We retain your information for the following periods: - **Account Information:** Retained for the duration of your account and for 2 years after account closure - **Call Detail Records:** Retained for 7 years as required by telecommunications regulations - **Call Recordings/Transcriptions:** Retained according to your account settings, default is 30 days - **Usage Logs:** Retained for 1 year for operational purposes - **Billing Records:** Retained for 7 years for tax and accounting purposes You may request earlier deletion of certain data, subject to our legal and regulatory obligations. ## 7. Your Rights and Choices Depending on your location, you may have the following rights regarding your personal data: ### 7.1 Access and Portability You have the right to request a copy of the personal data we hold about you in a structured, commonly used format. ### 7.2 Correction You may request that we correct inaccurate or incomplete personal data. ### 7.3 Deletion You may request deletion of your personal data, subject to our legal retention obligations. ### 7.4 Restriction and Objection You may request that we restrict processing of your data or object to certain processing activities. ### 7.5 Marketing Opt-Out You may opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly. To exercise any of these rights, please contact us at privacy@krosai.com. We will respond to your request within 30 days. ## 8. International Data Transfers Your data may be transferred to and processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place for such transfers, including: - Standard Contractual Clauses approved by the European Commission - Data processing agreements with all service providers - Compliance with applicable data protection frameworks ## 9. Cookies and Tracking Technologies We use cookies and similar technologies to: - **Essential Cookies:** Required for the operation of our website and dashboard - **Analytics Cookies:** Help us understand how visitors interact with our website - **Preference Cookies:** Remember your settings and preferences You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Services. ## 10. Children's Privacy Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information. ## 11. Region-Specific Provisions ### 11.1 European Economic Area (GDPR) If you are located in the EEA, our legal basis for processing your data includes: performance of contract, legitimate interests, compliance with legal obligations, and your consent where applicable. You have the right to lodge a complaint with your local data protection authority. ### 11.2 California (CCPA) California residents have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information. ### 11.3 Nigeria (NDPR) For users in Nigeria, we process data in accordance with the Nigeria Data Protection Regulation. Our Data Protection Officer can be contacted at dpo@krosai.com. ## 12. Changes to This Policy We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, sending you an email notification. Your continued use of the Services after changes become effective constitutes acceptance of the updated policy. ## 13. Contact Us If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: - **KrosWeb Enterprise Inc.** — Privacy Team - Email: privacy@krosai.com - Data Protection Officer: dpo@krosai.com - Website: