Privacy Policy

Last updated: 2026-04-20 · Version 0.1 (draft, pending legal review)

This policy explains how Wisky collects, uses, and protects personal data when you use our website, contact our sales team, or use the Service as a customer.

1. Data Controller

The data controller for information collected via this website and the Service is Wisky. Our operating entity and registered address are available on request and will be finalized in the Master Services Agreement with each Customer.

2. Data We Collect

2.1 When you visit the website

Standard server logs (IP address, user agent, pages visited, referer) retained for 30 days for security and abuse prevention.
Cookies and similar technologies as described in our Cookie Policy (below).

2.2 When you contact us

Name, business email, company, role, and the content of your inquiry.
Commercial correspondence, call notes, and account onboarding documentation.

2.3 When you use the Service

Account and billing information, including KYB documentation.
Call Detail Records (CDRs): source number, destination number, timestamp, duration, rating, call result.
Signaling captures (SIP headers) retained for troubleshooting and abuse prevention.
Where call recording is enabled by Customer configuration, the recorded media and associated metadata.

3. Legal Bases (GDPR Article 6)

Contract — to provide the Service you have contracted for.
Legal obligation — to comply with telecoms record-keeping, anti-money-laundering, and lawful-intercept requirements in our operating jurisdiction.
Legitimate interests — security monitoring, fraud prevention, service improvement.
Consent — for optional marketing communications, withdrawable at any time.

4. Retention

Server logs: 30 days.
Signaling captures (SIP): 90 days by default; up to 12 months for accounts under active investigation.
CDRs and billing records: retention per applicable telecom and tax law; typically 6 months to 7 years depending on jurisdiction.
Call recordings: retained per Customer configuration; default 30 days then deleted.
Sales and onboarding correspondence: 3 years from last contact.

5. Sharing

We share personal data only as necessary to deliver the Service or comply with law:

Upstream telecommunications carriers, to route calls.
Infrastructure providers (cloud hosting, monitoring, backup) under data processing agreements.
Law enforcement, in response to lawful and binding requests.

A current list of subprocessors is maintained in our Data Processing Addendum.

6. International Transfers

Personal data may be transferred outside the European Economic Area only where an adequacy decision applies or where appropriate safeguards (Standard Contractual Clauses) are in place.

7. Your Rights

Under the GDPR and equivalent regimes, you have the right to access, rectify, erase, port, restrict, and object to processing of your personal data. To exercise any right, contact privacy@wisky.com. You may also lodge a complaint with the supervisory authority in your country of residence.

8. Security

We apply administrative, technical, and physical safeguards appropriate to the sensitivity of the data: encryption in transit (TLS) and at rest, access controls, audit logging, least-privilege administration, and incident response procedures.

9. Cookies

This website uses only strictly necessary cookies for session management and security. We do not use third-party advertising or analytics cookies without explicit consent.

10. Changes

Material updates to this policy will be posted here and communicated via email to active Customers at least 30 days before they take effect.

11. Contact

Questions: privacy@wisky.com