Privacy Policy

Last Updated: 5 March 2026

Company Registration No. 13308651

Registered Office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

United Kingdom

Effective Date: 5 March 2026

1. Introduction

Dial360.ai Ltd ("Dial360", "we", "us", "our") is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, share, and protect personal data in connection with our AI-powered call centre platform and associated Services.

We are registered in England and Wales (Company No. 13308651) and act as a data controller in respect of the personal data we collect directly from our Customers and website visitors. Where we process personal data on behalf of our Customers, we act as a data processor.

This Policy applies to all individuals whose personal data we process, including: Customers and their authorised Users; visitors to our website and marketing pages; and individuals who contact us by email, telephone, or live chat.

2. Our Legal Bases for Processing

2.1 UK and EEA Users

We process personal data under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our legal bases for processing include:

Contract: Processing necessary to perform our contract with you, including providing the Services and managing your Account.

Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the Platform, preventing fraud, and marketing our Services to business contacts.

Legal Obligation: Processing necessary to comply with our legal obligations under UK law.

Consent: Where we rely on your consent, you have the right to withdraw it at any time.

2.2 US Users

For users in the United States, we process personal data in accordance with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents. US-specific rights are set out in Section 9.

3. Information We Collect

3.1 Information You Provide

We collect information that you provide directly to us, including:

Account and registration information: name, job title, company name, email address, telephone number, and billing information.

Communications: messages, support tickets, and feedback you send to us.

Customer Data: call recordings, transcripts, chat logs, emails, and other customer interaction data processed through the Platform on your behalf.

3.2 Information Collected Automatically

When you use our Platform or visit our website, we automatically collect:

Usage data: features accessed, actions taken, session duration, and error logs.

Device and technical data: IP address, browser type, operating system, and device identifiers.

Cookies and similar technologies: as described in our Cookie Policy.

3.3 Information from Third Parties

We may receive information about you from third parties, including:

Marketing and analytics providers who help us understand how visitors find our website.

Payment processors for billing and fraud prevention purposes.

Integration partners, where you have connected third-party tools to your Dial360 account.

4. How We Use Your Information

We use personal data for the following purposes:

Providing the Services: operating, maintaining, and improving the Platform; providing customer support; processing payments.

AI and Automation Features: generating call summaries, QA scores, and template suggestions. These features process Customer Data strictly to deliver the contracted Services. We do not use Customer Data to train shared AI models without your explicit consent.

Security and Fraud Prevention: monitoring for suspicious activity, protecting our systems, and verifying identities.

Marketing and Communications: sending product updates, newsletters, and promotional materials to business contacts where we have a legitimate interest or your consent. You may opt out at any time.

Legal Compliance: complying with our legal and regulatory obligations, including responding to lawful requests from authorities.

Analytics and Improvement: analysing usage patterns to improve the Platform and develop new features, using aggregated or anonymised data where possible.

5. Call Recording and AI Transcription

The Dial360 Platform includes telephony features that enable call recording and AI-powered transcription. These features have significant data protection implications:

5.1 Your Obligations as a Customer

Where you use call recording or transcription features, you are responsible for:

Obtaining all legally required consents from call participants, including employees, contractors, and end customers.

Complying with the Investigatory Powers Act 2016 and the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 in the UK.

Complying with applicable US federal and state recording consent laws. Note: some US states (including California, Florida, and Illinois) require all-party consent for call recording.

Providing appropriate notices to individuals that calls may be recorded and transcribed.

5.2 Our Role

We provide the technical infrastructure for recording and transcription. We process this data as a data processor on your instructions. We do not listen to, review, or use call recordings for any purpose other than providing the contracted Services, unless required by law.

6. Data Sharing and Disclosure

We do not sell personal data. We share personal data only in the following circumstances:

Service Providers: we engage trusted third-party providers to assist in delivering the Services, including cloud infrastructure providers (such as AWS or Google Cloud), payment processors, and analytics providers. All service providers are bound by data processing agreements and may only use data for the specified purpose.

AI Technology Partners: we use OpenAI and other AI providers to power certain AI features. Data shared with AI providers is subject to our agreements with those providers and is used only to deliver the requested AI functionality.

Legal Requirements: we may disclose personal data where required by law, court order, or regulatory authority in the UK or US.

Business Transfers: in the event of a merger, acquisition, or sale of all or part of our business, personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.

With Your Consent: we may share your data in other circumstances with your explicit consent.

7. International Data Transfers

Dial360 is headquartered in the United Kingdom and operates in both the UK and the United States. Personal data may be transferred between these jurisdictions in the course of providing the Services.

For transfers of personal data from the UK to the United States or other countries not recognised as providing an adequate level of data protection, we rely on appropriate safeguards such as the International Data Transfer Agreement (IDTA) or Standard Contractual Clauses (SCCs) as adopted by the UK Information Commissioner's Office (ICO).

Where you are a US Customer and personal data is processed on servers located in the UK or EU, we ensure that such processing complies with applicable US law.

8. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including:

Account data: retained for the duration of your Subscription and for 7 years thereafter for legal and financial record-keeping purposes.

Customer Data (call recordings, transcripts, etc.): retained for the duration of your Subscription and for 30 days following termination, unless you request earlier deletion or a longer retention period is required by law.

Marketing data: retained until you opt out or withdraw consent.

Website analytics: typically retained in aggregated or anonymised form.

9. Term and Termination

9.1 UK and EEA Residents

Under UK GDPR, you have the following rights in respect of your personal data:

Right of access: to obtain a copy of the personal data we hold about you.

Right to rectification: to have inaccurate or incomplete data corrected.

Right to erasure: to have your personal data deleted in certain circumstances.

Right to restriction: to restrict processing of your personal data in certain circumstances.

Right to data portability: to receive your personal data in a structured, machine-readable format.

Right to object: to object to processing based on legitimate interests or for direct marketing purposes.

Rights related to automated decision-making: to not be subject to decisions made solely by automated means that produce significant legal or similarly significant effects.

To exercise any of these rights, please contact us at [email protected]. We will respond within one month of receiving your request. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk.

9.2 California Residents (CCPA/CPRA)

California residents have the following additional rights:

Right to Know: to know what personal information we collect, use, disclose, and sell (we do not sell personal information).

Right to Delete: to request deletion of your personal information, subject to certain exceptions.

Right to Correct: to request correction of inaccurate personal information.

Right to Opt Out of Sale or Sharing: we do not sell or share personal information for cross-context behavioural advertising.

Right to Non-Discrimination: we will not discriminate against you for exercising your CCPA/CPRA rights.

To submit a CCPA/CPRA request, contact us at [email protected] or call our dedicated privacy line. We will verify your identity before processing requests.

9.3 Other US Residents

Residents of other US states with applicable privacy laws (including Colorado, Connecticut, Virginia, and Texas) may have similar rights under their respective state laws. We will honour such rights to the extent required by applicable law. Contact [email protected] for assistance.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit and at rest.

Access controls limiting data access to authorised personnel on a need-to-know basis.

Regular security assessments and penetration testing.

Incident response procedures, including notification obligations under UK GDPR (within 72 hours of becoming aware of a qualifying breach) and applicable US state breach notification laws.

No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

11. Cookies

Our website and Platform use cookies and similar tracking technologies to enhance functionality, analyse usage, and support marketing activities. You can manage your cookie preferences through our cookie banner or browser settings. For full details, please refer to our Cookie Policy available at www.dial360.ai/cookies.

12. Children's Privacy

The Services are intended for business use only and are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Services. We will notify you of material changes by email or through the Platform. The updated Policy will be effective from the date stated at the top of this document. We encourage you to review this Policy periodically.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection contact:

Dial360.ai Ltd

Data Protection

71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

United Kingdom

Website: www.dial360.ai

For UK regulatory matters, you may also contact the Information Commissioner's Office (ICO) at www.ico.org.uk or by telephone on 0303 123 1113.

Copyright 2026. Dial360. All Rights Reserved.