Privacy Policy

Last Updated:

1. Introduction

Welcome to KnoxCall ("we," "our," or "us"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API gateway and secrets management platform (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, phone number, and password
  • Billing Information: Payment card details, billing address (processed through Stripe)
  • Profile Data: Timezone preferences, date format preferences, and other account settings
  • Communication Data: Information you provide when contacting our support team

2.2 Information Collected Automatically

  • Usage Data: API requests, routes accessed, client connections, and feature usage
  • Log Data: IP addresses, browser type, operating system, timestamps, and request/response data
  • Device Information: Device identifiers, network information, and location data
  • Cookies and Tracking: Session tokens, authentication cookies, and analytics data

2.3 Sensitive Data

  • API Keys and Secrets: Encrypted and stored securely using industry-standard encryption
  • OAuth Tokens: Stored encrypted and never logged in plain text
  • Client Configurations: Headers, query parameters, and routing configurations

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain our Service
  • Process your transactions and manage your subscriptions
  • Send you technical notices, updates, and security alerts
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze usage patterns to improve our Service
  • Detect, prevent, and address technical issues and security vulnerabilities
  • Comply with legal obligations and enforce our terms of service
  • Send you marketing communications (with your consent)

4. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

  • Account Data: Retained while your account is active and for 90 days after account deletion
  • Log Data: Retained based on your subscription plan (7-90 days)
  • Backup Data: Retained for 30 days for disaster recovery
  • Billing Records: Retained for 7 years for tax and legal compliance
  • Deleted Data: Permanently purged after retention periods expire

5. How We Share Your Information

We may share your information with:

  • Service Providers: Third-party vendors who perform services on our behalf (payment processing, email delivery, hosting)
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Legal Requirements: When required by law, subpoena, or to protect our rights
  • With Your Consent: When you explicitly authorize us to share your data
Note: We never sell your personal data to third parties for marketing purposes.

6. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
  • Access Controls: Role-based access control and multi-factor authentication
  • Monitoring: 24/7 security monitoring and intrusion detection
  • Regular Audits: Periodic security assessments and penetration testing
  • Incident Response: Documented procedures for security breach notification

While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal data we hold
  • Correction: Update or correct inaccurate personal data
  • Deletion: Request deletion of your personal data (subject to legal obligations)
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing of your data for certain purposes
  • Restriction: Request restriction of processing your personal data
  • Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us at [email protected]

8. International Data Transfers

Your data is stored in data centers located in your selected region. We support data residency in:

  • United States (US)
  • New Zealand (NZ)
  • European Union (planned)

If we transfer data across borders, we ensure appropriate safeguards are in place through standard contractual clauses and other legal mechanisms.

9. Cookies and Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Authentication and security (required for Service functionality)
  • Analytics Cookies: Understanding usage patterns and improving our Service
  • Preference Cookies: Remembering your settings and preferences

You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

11. Third-Party Services

Our Service integrates with third-party services:

  • Stripe: Payment processing (see Stripe's privacy policy)
  • Cloudflare: DNS and CDN services
  • Klaviyo: Email marketing and communication

These third parties have their own privacy policies. We are not responsible for their practices.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending you an email notification (for significant changes)
  • Displaying a notice in our Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: [email protected]

Support: [email protected]

Website: https://knoxcall.com

14. Region-Specific Rights

14.1 European Union (GDPR)

If you are located in the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to lodge a complaint with a supervisory authority
  • Right to data portability in a machine-readable format
  • Right to object to automated decision-making

14.2 California (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your rights
‹ Go Back Home