Privacy Policy

---

IPPBX Cloud Edition Privacy Policy Agreement

Your continued use of IPPBX Cloud Edition means you are herein consenting to the following data procedures expressed within this agreement.

This policy only describes how IPPBX treats your information, not how other organizations treat your information. If you are using IPPBX services in a workplace or on a device or account issued to you by your employer or another organization, that company or organization likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of any IPPBX service. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your administrator. Please check with your employer or administrator about the policies it has in place regarding your communications.

Nature and purposes of processing

IPPBX Cloud Edition is a hosted telephony platform providing communication and collaboration services for Customer. IPPBX Cloud Edition processes the personal data of the individuals who participate in these communications.

Information we process

Through your usage of IPPBX Cloud Edition, IPPBX processes different kinds of information. Some of it is personally identifiable and some are non-identifying or aggregated. Here are the types of information we collect or receive:

• Personal Information – This includes all the information associated with your Extension. It includes names and full contact details for the individual or business that created the account. This is vital for PBX administrative purposes and basic call functions.
• Trunk – This is the telephone numbers of the trunks you created and used by the system for basic call functions.
• Call Detail Records (CDRs) – This is a record of the communication that has traversed the IPPBX. It typically includes source/destination name, source/destination number and other metrics. CDRs allow you to check call detail records.
• Call Recordings – Call recordings are disabled by default and are opt-in only. The stored information includes phone numbers of the call parties, IP address, and all the recorded conversation. The system also supports uploading custom prompt to notify both parties that the call is being recorded. What's more, call parties can stop/interrupt a recorded call to protect personal data from being stored. The recording files are encrypted and stored in the IPPBX Central Management server but can only be accessed from the PBX Management Portal or via API.
• Voicemail – This includes the called party's name, phone number, and all data left in the voicemail. This feature can be disabled if you do not want the system to store the above voicemail data. The system also supports uploading custom prompt to notify the party who left the voicemail about the personal data processing.
• Voicemail Transcription – The feature requires authentication with Google Cloud Speech-to-Text API. When integrated, Google STT will be used to transcribe a voicemail to text.
• Speed Dial – This includes the called party's phone number. You can choose not to use this feature.
• AutoCLIP – This includes the called party's phone number. You can choose not to use this feature.
• Blocked & Allowed Numbers – This includes the phone number you wish to block or allow and its name. You can choose not to use this feature.
• Conferencing – This includes the name and phone number of all participants in the conference call. You can choose not to use this feature. If Call Recording is enabled and opted-in, all recorded conversation will also be included.
• Chrome Extension – The extension can be downloaded from Chrome Web Store is used to capture phone number on the screen for quick dial out through Desktop Client or Web Client and can also performs call-related operations. This extension does not store any data and abides by Chrome Developer's User Data Privacy.
• SMTP Server – An SMTP server is required for sending out email notifications as designated by PBX administrator and other emails as needed. IPPBX or the Service Provider provide a default SMTP server. The SMTP server will not store any email data. You can disable the default server or choose to use a Custom Email Server.
• Event Notifications – When Event Notification is enabled, the PBX will notify relevant contacts via email or phone number as designated by PBX administrator.
• Call Reports – Based on call activities, agent activities (login/logout, pause/unpause), the PBX provides visual reports on the performance of your PBX system.
• System Logs – When Debug log is enabled, System Log will capture call parties name and number for debugging purpose. Debug log is disabled by default.
• Operation Logs – This includes all the operation performed in the Web Management Portal and the results.
• Troubleshooting – When Ethernet Capture Tool is started, the tool will capture call parties name and number for debugging purpose.
• Company Contacts – The feature Company Contacts includes no contacts by default. Administrator can add, edit and delete external contacts' information here, and grant privilege to extensions to view and manage the Company Contacts. Each Contact will include information like Name, Company, Email, Business Number, Fax Number, Mobile Number, Home Number, and Address.
• Company Contacts Synchronization – This feature enables synchronization of company contacts information from third-party Application (e.g., Microsoft SQL) to the PBX, ensuring that incoming calls are routed to the correct destination. The Application is solely responsible for how the acquired data is secured, operated and stored. You can choose not to enable this feature.
• Personal Contacts – The feature Personal Contacts includes no contacts by default. Extensions can add, edit, and delete external contacts' information here; the administrator and other extensions will have no access to the extensions' Personal Contacts. Each Contact will include information like Name, Company, Email, Business Number, Fax Number, Mobile Number, Home Number, and Address.
• Instant Messaging Service – Instant Messaging Service (IM Service) is disabled by default. It includes messages, graphics, documents, or any other materials submitted by using this IM Service. All information is the sole responsibility of the person from whom such Data originated. You are wholly responsible for all download, uploaded or otherwise transmitted via the IM Service. IPPBX neither store nor is responsible for the Data that you submit to the IM Service.
• Web Audio/Video Call – Based on WebRTC, the feature supports 1-to-1 audio or video call from a browser. All communication is transmitted over an encrypted connection (secure web traffic using HTTPS) and the transmitted media streams are encrypted via Datagram Transport Layer Security (DTLS) and Secure Real-time Transport Protocol (SRTP). The video communication is only visible to participants on the call, and is not recorded or stored on any server. Recording of the audio follows the Call Recordings privacy rule.
• Video Conferencing – The feature is provided through IPPBX and is hosted by Agora who are compliant with GDPR. A unique URL will be generated for all participants to join the meeting via a browser. All communication is transmitted over an encrypted connection (secure web traffic using HTTPS) and the transmitted media streams are encrypted via Datagram Transport Layer Security (DTLS) and Secure Real-time Transport Protocol (SRTP). Participants can choose whether to enable microphone and camera for the browser. Other information processed include Name (extension name for internal participant and display name generated by external participant), participant's microphone and camera information, and technical logs if the participant click Upload Log (will only contain information such as Log ID, UID, but no personal data). All communication is only visible to participants, and is not recorded or stored on any server.
• Asterisk Manager Interface (AMI) – The feature is disabled by default. With the AMI, 3rd-party Application with an authorized IP address and correct credentials will be able to access the call data, e.g. names and phone numbers. The Application is solely responsible for how the acquired data is secured, operated and stored.
• Application Programming Interface (API) – The feature is disabled by default. With the API, authorized 3rd-party Application will be able to access information in CDR, call recording files, Extension, Company Contacts, and Phonebook. The Application is solely responsible for how the acquired data is secured, operated and stored.
• Database Grant – The feature is disabled by default. With the feature enabled, 3rd-party Application with an authorized IP address and correct credentials will be able to access the CDR. The Application is solely responsible for how the acquired data is secured, operated and stored.
• CRM Integration – The feature requires authentication with the CRM. When a supported CRM (e.g. Zoho CRM, Salesforce, Hubspot, and Bitrix24) is integrated with the system, Web Client will display a known contact's number on the call pop-up window. After the call ends, the contact's phone number will be recorded in the CDR. Users can decide whether to synchronize CRM contacts to the PBX's phonebook, which will also show a contact's name in the call pop-up window and record it in the CDR.
• Helpdesk Integration – The feature requires authentication with the Helpdesk system. When a supported Helpdesk (e.g. Zendesk and Zoho Desk) is integrated with the system, Web Client will display a known contact's number on the call pop-up window. After the call ends, the contact's phone number will be recorded in the CDR. Users can decide whether to synchronize Helpdesk contacts to the PBX's phonebook, which will store user name, user email, and other customer information to the system.
• Popup URL – The feature is disabled by default. When enabled, the incoming caller's name and number will be passed to the configured 3rd party popup URL.
• AD Integration – The feature requires authentication with Active Directory. The integration is used to sync users from AD and perform identity authentication on the PBX. Information including name, email, mobile number, job title will be synchronized to the PBX.
• Microsoft 365 Integration – The feature requires authentication with Azure Active Directory. The integration is used to sync users and contacts from Microsoft 365 and perform identity authentication on the PBX. Information including users and contact's name, email, mobile number, job title will be synchronized to the PBX.
• Outlook Integration – When Outlook is integrated with Windows Desktop Client, client will be able to display a known contact's Contact page. After the call ends, the CDR , and only the number, will be recorded in the CDR on PBX and Call History on client. Users can also decide whether to record the call logs in the Notes and whether to save an unknown number as a new Outlook Contact.
• Client SDK – The feature is disabled by default. With the SDK, authorized 3rd-party Application will be able to access all information in the system. The Application is solely responsible for how the acquired data is secured, operated and stored.
• Omnichannel Messaging Integration –  This feature supports integration with WhatsApp and SMS messaging platforms and requires authentication with the platform. Pre-approved message templates created on the WhatsApp platform can be retrieved and used for message delivery. The integration supports the transmission of texts, graphics, documents, or any other materials via messaging. All information is the sole responsibility of the person from whom such data originated, including any content contained in message templates. You are wholly responsible for all content uploaded, downloaded, or otherwise transmitted via messaging. IPPBX neither stores nor assumes responsibility for any data that you submit or transmit through this feature.
• Remote Archiving – This feature requires authentication with the third-party storage server. When a supported third-party storage server (e.g. FTP, SFTP, Amazon S3, and Google Cloud Storage) is connected to the PBX, recordings and backup files stored within the PBX can be transferred and archived on the third-party storage server. By default, data will not be automatically transferred to third-party storage servers. You are wholly responsible for the security of the data archived on third-party storage servers.
• Hotel Management – This feature is disabled by default. It provides essential features for lightweight hotel management. When check-ins/outs feature is used, guests' personal information like name, gender, ID number, phone number, email, and address will be used and stored.
• Call Flow Designer – This feature is disabled by default. It allows administrators to design custom call flows via the PBX management interface, including call forwarding, destination routing, and number-based dialing. The data involved may include routing destinations, external numbers, emails, and database information (e.g. server address, port, database name, username, and password).
• AI Text-to-Speech – This feature is disabled by default. When enabled, user-input text will be sent to a third-party AI model to generate voice prompts (processed by Amazon Web Services, Inc.). The data involved includes the text content submitted for audio generation.
• AI Voicemail Transcription – This feature is disabled by default. When enabled, audio files requiring transcription will be sent to a third-party AI model for conversion into text (processed by Amazon Web Services, Inc.). The data involved includes the audio recordings of voicemail messages to be transcribed.
• AI Call Transcription & Summary – This feature is disabled by default. When enabled, audio recordings of phone calls will be sent to a third-party AI model for transcription into text (processed by Amazon Web Services, Inc.), and the transcribed text will be sent to a third-party AI model to generate a call summary (processed by Azure). The data involved includes the audio files of call content to be transcribed.
• Websocket – This feature is disabled by default and requires authentication with a 3rd-party Application. When enabled, the system transmit real-time audio streams and call data of phone calls over user-defined channels (e.g. Extensions, Trunks, DID numbers, etc.) to the authorized third-party application through a secure Websocket connection. The call data involved includes the call audio streams, call ID, channel ID, and related call type (IVR, Queue, Ring Group, Conference, etc.). The Application is solely responsible for how the acquired data is secured, operated and stored.
• Fax Integration – This feature is disabled by default. When enabled, it supports integration with third-party fax platforms and enables fax sending and receiving, fax-to-email, and customizable fax cover pages.
• **Message API **– This feature is disabled by default. When enabled, third-party messaging platforms connected through the Message API may access and process message records (including messages, images, files, or other materials exchanged), external contact phone numbers, and integrated WhatsApp templates, in accordance with their own data protection practices. The data involved includes the content of all connected conversations and account identifiers required for integration.
• Red Hat SSO Integration – This feature is disabled by default. When enabled, the integration requires authentication with Red Hat SSO and is used to sync users from Red Hat SSO and perform identity authentication on the PBX. The data involved may include users’ name, email, mobile number, job title,etc., which will be synchronized to the PBX.

How we use your information (process your data)

IPPBX uses your information for the following:

• Provide communication services – To deliver telephony and communication services, the processing of Personal Data constitutes a natural part of IPPBX Cloud Edition.
• Email messages – IPPBX may send you notification and administrative emails, such as when you forgot your password, etc.

Data Retention

• Call Recordings – Call Recordings can be deleted permanently via the Web Management Portal. 
• Call Detail Records (CDRs) – CDRs can be deleted permanently via the Web Management Portal. 
• Voicemail – Voicemails and transcribed text can be deleted permanently via the Web Management Portal.

Sharing and Disclosure

There are times when communications and related content and other user information may be shared by IPPBX. With consent, to comply with legal process, or to protect IPPBX and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or IPPBX; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a law enforcement or other third party request for information we will provide prior notice to the subject of the request where we are legally permitted to do so.

Security

IPPBX takes reasonable steps to protect the information you provide to us as part of your use of the IPPBX service from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store and the current state of technology. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL) and encrypt all data at rest. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. 

Changes to this Privacy Policy

IPPBX may change this policy from time to time. If you continue to use IPPBX after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.