Privacy Policy

Effective 2026-05-08

Transcenda Voice (“we”, “us”, “the app”) is a multi-tenant softphone for businesses on Transcenda's telephony platform. This policy describes what we collect, how we use it, who we share it with, and the rights you have over your data. We process personal data on behalf of your employer (the “tenant”) — see our DPA for the controller-processor split.

What we collect

• Account identifiers — your work email, display name, role, and a Transcenda ID (Keycloak) user id provided by your tenant admin.
• SIP credentials — your extension number and a randomly-generated SIP password we provision on your tenant's FusionPBX. Never sent to third parties.
• Push tokens — APNs (iOS) and FCM (Android) device tokens we use solely to deliver incoming-call rings and voicemail notifications.
• Call metadata — call detail records (CDRs): from/to numbers (or extensions), start/end timestamps, direction, disposition, and duration. Retained for 24 months for billing and compliance.
• Voicemail recordings — audio files left for you on your extension. Stored on your tenant's FusionPBX domain. You can delete individual messages at any time.
• Call recordings (Pro+ tiers, when explicitly enabled by tenant) — recorded only when the tenant has enabled recording AND you and your counterparty have been notified at the start of the call.
• Diagnostic data — crash reports (if enabled), basic device info (OS, app version, device label like “iPhone · Safari”) used to keep the app stable.
• Session log — IP, user-agent, last-seen timestamp for each device sign-in. Visible to you under Settings → Sessions; you can revoke any session.

What we do NOT collect

• Audio of live calls. Voice media flows over WebRTC (SRTP) directly between your device and your tenant's FusionPBX; we do not record or store it unless you or your tenant explicitly enable call recording.
• Your phone's contacts, unless you grant the contacts permission and explicitly choose to import.
• Tracking/advertising identifiers. We do not use Apple ATT, do not embed advertising SDKs, and do not sell or share data for advertising.

How we use it

• To register your softphone with your tenant's FusionPBX and place / receive calls.
• To deliver incoming-call notifications via APNs and FCM.
• To show your call history, voicemail list, and active sessions.
• To detect and respond to abuse (rate-limited login attempts, etc.).
• To bill your tenant according to their subscription plan.

Who we share it with (sub-processors)

• Apple — APNs delivers iOS push. Apple Privacy Policy.
• Google — FCM delivers Android push. Google Privacy Policy.
• Twilio (or BYO trunk) — outbound PSTN minutes are routed through Twilio (or your tenant's configured carrier). They see the called/calling phone numbers and call audio. Twilio Privacy Notice.
• Cloudflare — TLS termination and DDoS protection for our public endpoints. Cloudflare does not retain call audio.
• Sentry — crash reporting (when crash data is enabled). PII is filtered before send.

Where data is stored

Tenant data lives on Transcenda infrastructure in Frankfurt (EU) and Singapore. Backups are encrypted at rest and stored in Hostinger / Contabo data centers in the same regions. Push tokens are stored at edge regions of Apple and Google.

Retention

• Account + SIP credentials: until your tenant admin removes you, OR you self-delete (see below).
• Call detail records: 24 months from the call end (legal/billing requirement).
• Voicemail audio: until you delete it, or until your account is deleted.
• Diagnostic data: 90 days.

Your rights

You can request access, rectification, portability, restriction, or erasure of your personal data:

• From inside the app: Settings → Privacy → Delete my account (immediate access revoke + 30-day grace before hard deletion).
• From the public form: /account-deletion — works even if you've uninstalled the app.
• By email: privacy@transcenda.io.

EU/UK residents may also lodge a complaint with their local data-protection authority. UAE residents may contact the UAE Data Office (PDPL).

Emergency calls (E911 / 999 / 112)

Transcenda Voice is a softphone running over the internet. It cannot reliably reach emergency services from a mobile device — your device's native dialer must be used in emergencies. The app will warn you if you try to dial an emergency-pattern number; some tenants disable emergency dialing entirely.

Children

The app is intended for business use and not for children under 13 (US) / under 16 (EU). We do not knowingly collect data from children.

Changes

We post material changes here with an updated effective date. We notify the tenant admin by email at least 14 days before any change to the categories of data collected or sub-processors used.

Contact

Transcenda — privacy@transcenda.io · DPO: dpo@transcenda.io · Postal: Transcenda DMCC, Dubai, UAE.