Spectrity

Legal

Privacy Policy

Effective date: 1 June 2025  ·  Last updated: 1 June 2025

Spectrity Technologies Private Limited (“Spectrity”, “we”, “our”, or “us”) is committed to protecting the privacy of every individual whose data we handle. This Privacy Policy explains what personal data we collect, how we use and store it, and the rights available to you under the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws.

1. Data We Collect

We collect personal data in the following categories depending on how you interact with our platform:

Call Recordings & Transcripts

When our voice AI agents handle calls on your behalf, audio recordings and machine-generated transcripts are created. These may include the names, phone numbers, and spoken content of end-users who interact with the agent.

Form & Contact Data

Information you submit via our website forms — including name, business email, phone number, company name, and the nature of your enquiry.

Usage & Technical Data

IP address, browser type, device identifiers, pages visited, time spent, and interaction events collected automatically through cookies and analytics tools.

CRM & Integration Data

Data exchanged with third-party CRM systems (e.g., Salesforce, HubSpot, Zoho) that you authorise us to access as part of your deployment configuration.

2. How We Use Your Data

  • To operate and improve our voice AI platform and services
  • To train and fine-tune AI models — only on anonymised or aggregated data, never raw call recordings without explicit written consent
  • To communicate with you about your account, support requests, and product updates
  • To comply with legal obligations under Indian law, including the DPDP Act 2023 and Information Technology Act, 2000
  • To detect fraud and ensure platform security

3. DPDP Act 2023 Compliance

Spectrity operates as a Data Fiduciary under the DPDP Act 2023. We process personal data only on a lawful basis, which includes:

  • Consent — freely given, specific, and informed consent obtained before processing sensitive personal data
  • Legitimate Use — processing necessary to perform a contract with you or to respond to an enquiry you initiated
  • Legal Obligation — processing required under applicable Indian law

We appoint a Consent Manager and will publish the details in this policy once the DPDP Rules are notified by the Government of India.

4. Data Storage & Location

All personal data is stored on servers located within India on India-region cloud infrastructure. Cross-border transfers, if any, are conducted only to countries notified by the Central Government under the DPDP Act and with appropriate contractual safeguards in place.

5. Third-Party Services

We work with carefully selected sub-processors to deliver our services:

  • Analytics — We use privacy-respecting analytics tools to understand how visitors use our website. Data is anonymised before transmission.
  • CRM Integrations — Your deployment may connect to CRM platforms you choose. We act as a data processor for such integrations.
  • Communication & Notifications — WhatsApp Business API and SMS gateways are used to send post-call summaries and follow-ups as configured by you.
  • Cloud Infrastructure — India-region cloud providers for compute, storage, and networking.

All third parties are bound by Data Processing Agreements (DPAs) that align with the DPDP Act requirements.

6. Your Rights

Under the DPDP Act 2023, you have the following rights as a Data Principal:

Right to Access

Request a summary of the personal data we hold about you and how it is being used.

Right to Correction

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data when it is no longer necessary for the purpose it was collected, subject to legal retention requirements.

Right to Grievance Redressal

Lodge a complaint with us if your rights have been violated. If unresolved, escalate to the Data Protection Board of India.

Right to Nominate

Nominate another individual to exercise rights on your behalf in the event of death or incapacity.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected:

  • Call Recordings — retained for 90 days by default; configurable to shorter periods on enterprise plans
  • Transcripts & Logs — retained for up to 12 months for quality assurance and dispute resolution
  • Form Submissions — retained for the duration of the commercial relationship plus 3 years
  • Website Analytics — anonymised data retained indefinitely; raw data purged after 90 days

8. Cookies

We use strictly necessary cookies to operate our website and optional analytics cookies to understand usage patterns. You can manage your cookie preferences using the banner displayed on your first visit. Withdrawing consent will not affect the lawfulness of prior processing.

9. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be notified via email (if you have an account) or a prominent notice on our website at least 30 days before they take effect.

10. Contact Us

To exercise your rights, raise a grievance, or ask questions about this policy, please contact our Data Protection Officer:

Spectrity Technologies Private Limited

Email: privacy@spectrity.com

India

We aim to respond to all requests within 30 days. If your concern remains unresolved, you may approach the Data Protection Board of India.