Get started

Privacy Policy

Last updated: 29 March 2026

This Privacy Notice for Xdroid International N.V. (“we,” “us,” or “our”), describes how we process personal data in connection with our website, sales activities, customer relationships, support services, and our voice analytics software-as-a-service platform (the “Services”). It applies to business customers, prospective customers, website visitors, account administrators, authorised users, billing contacts, support contacts, and individuals whose personal data is included in Customer Data, such as employees, contractors, agents, end users, and call participants. This Policy is intended to be read together with our Terms, our Data Processing Agreement where applicable, and our separate Cookie Policy. 

 

TABLE OF CONTENTS

  1. WHAT INFORMATION DO WE COLLECT?
  2. HOW DO WE PROCESS YOUR INFORMATION?
  3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
  4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
  5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
  6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
  7. HOW LONG DO WE KEEP YOUR INFORMATION?
  8. HOW DO WE KEEP YOUR INFORMATION SAFE?
  9. DO WE COLLECT INFORMATION FROM MINORS?
  10.  WHAT ARE YOUR PRIVACY RIGHTS?
  11. CONTROLS FOR DO-NOT-TRACK FEATURES
  12. DO WE MAKE UPDATES TO THIS NOTICE?
  13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
  14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

 

1. WHAT INFORMATION DO WE COLLECT?

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Depending on how you interact with us and the Services, we may process the following categories of personal data:

  • Account and profile data, such as name, business email address, business telephone number, job title, username, password or authentication credentials, and account preferences.
  • Customer relationship data, such as company name, contract details, onboarding information, correspondence, meeting notes, and communications with our sales, customer success, or support teams.
  • Billing and transaction data, such as billing contact details, invoicing details, payment status, purchase history, and limited payment-related information received from payment providers.
  • Website and device data, such as IP address, browser type, device identifiers, operating system, referring pages, timestamps, cookie identifiers, and information about how users interact with our website or platform.
  • Support and operational data, such as tickets, chat transcripts, call notes, bug reports, diagnostic data, and troubleshooting records.
  • Customer Data processed through the Services, such as uploaded or streamed voice recordings, call audio, call metadata, transcripts, timestamps, speaker labels, speaker metadata, CRM-linked data, tags, notes, search queries, and other content submitted by or on behalf of customers.
  • Derived analytics and AI outputs, such as summaries, classifications, sentiment or quality indicators, topics, keywords, extracted action items, coaching prompts, alerts, reports, indexes, and similar outputs generated from Customer Data. These outputs may remain personal data where they relate to an identified or identifiable individual.
  • Security and audit data, such as access logs, administrator actions, permission changes, authentication events, API activity, and records used to protect the Services and investigate misuse.
  • Payment Data. We may collect data necessary to process your payment if you choose to make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is handled and stored by STRIPE. You may find their privacy notice link(s) here: https://stripe.com/nl/privacy.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in our Cookie Notice: legal@xdroidinsights.com

Information collected from other sources

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion.

 

2. HOW DO WE PROCESS YOUR INFORMATION?

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To provide, configure, administer, and maintain the Services.
  • To create and manage accounts, authenticate users, and enforce permissions.
  • To host, store, transmit, transcribe, analyse, search, summarise, classify, and report on voice and conversation data in accordance with customer instructions and product configuration.
  • To provide customer support, technical assistance, and service communications.
  • To process payments, manage subscriptions, issue invoices, and maintain financial records.
  • To secure our website, platform, systems, and customers’ environments, including monitoring, fraud prevention, abuse detection, incident response, and audit logging.
  • To improve service reliability, performance, usability, and features using product telemetry, diagnostics, and other operational data.
  • To communicate with prospective customers and business contacts, including direct marketing where permitted by law.
  • To comply with legal obligations, respond to lawful requests, protect rights, and manage corporate transactions.
  • To generate aggregated or de-identified statistics where this can be done in a way that does not reasonably identify individuals. Where data remains linkable or attributable to individuals, we continue to treat it as personal data.

 

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

The General Data Protection Regulation (GDPR) requires us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

  • Consent. We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. 
  • Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
  • Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:
  • Send users information about special offers and discounts on our products and services
  • Develop and display personalized and relevant advertising content for our users
  • Analyze how our Services are used so we can improve them to engage and retain users
  • Diagnose problems and/or prevent fraudulent activities
  • Understand how our users use our products and services so we can improve user experience
  • Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

Where we process Customer Data on behalf of a business customer, the customer is usually the controller for that Customer Data and is responsible for determining the applicable legal basis. In those cases, we act primarily as the customer’s processor under their documented instructions, except where we use limited data for our own independent purposes such as security, billing, legal compliance, or defending claims.

 

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents (“third parties”) who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will also not share your personal information with any organization apart from us. They also commit to protecting the data they hold on our behalf and to retaining it for the period we instruct. 

The third parties we may share personal information with are as follows:

  • cloud hosting and infrastructure providers;
  • subprocessors that help us provide transcription, AI, storage, communications, logging, support, or security functionality;
  • customer-authorised integrations and third-party systems connected by the customer;
  • payment processors and billing service providers;
  • professional advisers, auditors, insurers, and finance providers;
  • analytics, website, and consent-management providers;
  • law enforcement, regulators, courts, or other competent authorities where required by law or necessary to protect rights; and
  • prospective buyers, investors, or transaction counterparties in connection with a merger, acquisition, restructuring, or sale of assets.

 

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests, which may appear either on our Services or on other websites.

Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice: legal@xdroidinsights.com

Google Analytics

We may share your information with Google Analytics to track and analyze the use of the Services. To opt out of being tracked by Google Analytics across the Services, visit Google Analytics Opt-out Browser Add-on Download Page. For more information on the privacy practices of Google, please visit the Google Privacy & Terms page.

 

6. IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

Our servers are located in Germany and Hungary. Where personal data is transferred outside the EEA, we will use a lawful transfer mechanism, such as an adequacy decision, the European Commission’s Standard Contractual Clauses, or another recognised safeguard, together with supplementary measures where appropriate.

European Commission’s Standard Contractual Clauses:

We have implemented measures to protect your personal information, including by using the European Commission’s Standard Contractual Clauses for transfers of personal information outside of the EEA. These clauses require all recipients to protect all personal information that they process originating from the EEA  in accordance with European data protection laws and regulations. Our Standard Contractual Clauses can be provided upon request. 

 

7. HOW LONG DO WE KEEP YOUR INFORMATION?

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than thirty-six (36) months past the termination of the user’s account.

When we have no ongoing legitimate business need to process your personal information, we will delete such information.

 

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include role-based access controls, logical segregation in our multi-tenant environment, authentication controls, audit logging, vendor due diligence, incident handling procedures, confidentiality obligations, and backup and recovery processes. Public descriptions of our security measures are necessarily general and do not describe every control in detail.

No system can be guaranteed to be completely secure. Customers and users should also use appropriate safeguards, such as protecting credentials, enabling suitable account controls, and limiting uploads to data that is necessary for the intended use case.

 

9. DO WE COLLECT INFORMATION FROM MINORS?

The Services are intended for business use and are not directed to children. We do not knowingly collect personal data directly from children through our website or general business operations. Customers must not use the Services to process children’s personal data unless they have ensured that doing so is lawful, necessary, and appropriately documented for the relevant use case. If you become aware of any data we may have collected from children under age 18, please contact us at DPO@xdroid.com.

 

10. WHAT ARE YOUR PRIVACY RIGHTS?

Where the GDPR applies, and we act as controller, individuals may have the right to request access to their personal data, rectification of inaccurate data, erasure, restriction of processing, objection to processing, and data portability. Where we rely on consent, individuals may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

Individuals may also have the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significant effects, subject to the conditions and exceptions in applicable law.

If we process personal data solely as a processor on behalf of a customer, requests relating to that Customer Data should usually be directed to the relevant customer as controller. We will assist our customers with such requests where required by our contractual and legal obligations

If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority.

However, please note that this will not affect the lawfulness of the processing before its withdrawal nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

Marketing communications

Where permitted by law, we may send business-to-business marketing communications about our Services, events, updates, or related content. We rely on consent where required, and otherwise on our legitimate interests in promoting our business to professional contacts in a proportionate way.

You can opt out of marketing emails at any time by using the unsubscribe link in the message or by contacting us at DPO@xdroid.com. Service, billing, legal, and other non-marketing communications will still be sent where necessary.

You can exercise your rights by contacting us at DPO@xdroid.com. We may need to verify your identity and request additional information to process your request. If your request relates to Customer Data that we handle on behalf of a business customer, we may direct you to that customer or pass your request to them, as appropriate.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

  • Log in to your account settings and update your user account.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and similar technologies: We use cookies and similar technologies on our website and, where relevant, in our online Services. Some of these technologies are strictly necessary for the operation of the site or the specific service requested by the user. Others are used for analytics, functionality, performance, or advertising and will be used only where permitted by applicable law and, where required, on the basis of consent.

Further details about the categories of cookies we use, how long they remain on your device, and how to manage your preferences are set out in our separate Cookie Policy and cookie preference tools. In broad terms, our cookie categories may include Necessary, Analytics, Functionality, Advertising, and Performance cookies.

You can change your cookie preferences at any time through our cookie settings tool, where available, or through your browser settings. Refusing non-essential cookies may affect certain site features but should not prevent access to core website functions that rely only on strictly necessary technologies. 

For further information, please see our Cookie Notice: legal@xdroidinsights.com

 

11. DO WE MAKE UPDATES TO THIS NOTICE?

We may update this Privacy Policy from time to time to reflect changes in our Services, our processing practices, or applicable law. Where appropriate, we will update the Effective Date above. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

 

13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO) by email at DPO@xdroid.com, or contact us by post at:

Xdroid International NV

Data Protection Officer

Hendrik Consciencestraat 1B

2800 Mechelen

Belgium

 

14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request a review, update, or delete of your personal information, please fill out and submit a data subject access request.