ConnexCS Data Privacy Policy


ConnexCS Ltd. (“ConnexCS”, “we”, “our”, or “us”) is a global provider of cloud-based voice platforms serving carriers, telecom operators, and enterprises. We are committed to safeguarding personal and telecommunications data in accordance with global data protection laws and telecom compliance standards.

Scope

This policy applies to all personal data processed by ConnexCS through our:

  • Website (https://connexcs.com)
  • Telecom services (e.g., SIP termination, routing, fraud protection)
  • Customer portals, APIs, support systems
  • Communication channels (email, phone, support chat)
  • Telecommunications data refers to information such as CDRs and IPDRs which may include personal data when associated with identifiable users or accounts.

Types of Data We Collect

Personal Data

  • Full name, email address, phone number
  • Company name, role, and billing details
  • KYC documentation (where required by law)

Telecom and Technical Data

  • Call Detail Records (CDRs)
  • IP Detail Records (IPDRs)
  • SIP logs and signaling data
  • Source/Destination IPs, codec info, latency, packet loss
  • Account credentials, access logs, and trace data

Cookies and Web Behavior

  • IP address, browser type, device ID
  • Pages visited, duration, session identifiers

We process data under the following legal bases, per jurisdiction:

a. GDPR (EU/EEA)

  • Article 6(1)(b): Performance of a contract
  • Article 6(1)(c): Legal obligation (e.g., telecom recordkeeping)
  • Article 6(1)(f): Legitimate interest (e.g., fraud prevention)
  • Article 6(1)(a): Consent (e.g., marketing cookies)

ConnexCS acts as the data controller for data collected through its website and customer portal, and as a data processor for data handled on behalf of telecom customers.

ConnexCS only stores functional and analytical Cookies. They are as follows:

  1. Google Analytics Cookies - these are meant for general Web Traffic Analytics. No PII is contained within these cookies. ConnexCS does not advertise online to make use of cookies for targeting and retargeting campaigns.
  2. Crisp Chat - We use Crisp chat for customer engagement and technical support. Potential leads can approach our team directly via the website chat or customers who seek tech support can do so through the same channel. PII such as name, email and location are only stored when the customer/leads provides us with it in the chat. For existing customers, we store these cookies as part of our performance of contract GDPR Article 6(1)(b).

b. CCPA (California, USA)

We do not sell personal data. We process data for "business purposes" as defined under CCPA, including:

  • Service provision
  • Security and fraud detection
  • Compliance with telecom laws

c. PDPA (Singapore, Malaysia, etc.)

Data is collected and used with either:

  • Express consent
  • Contractual necessity
  • Legal compliance (e.g., Telecommunications Act)

How We Use Data

  • Provision and improvement of voice and telecom services
  • Account setup, authentication, and billing
  • Routing, SIP session management, QoS optimization
  • Spam, fraud, and denial-of-service (DoS) detection
  • Responding to legal requests or court orders
  • Regulatory compliance (e.g., record retention, LEA (Law Enforcement Agencies) requests)
  • Analytics, reporting, and business intelligence

Data Disclosure

We may disclose data to:

a. Telecom Interconnect Partners: For lawful call routing and compliance with bilateral agreements

b. Regulatory and Law Enforcement Authorities

  • Upon lawful request (e.g., subpoenas, telecom regulator orders)
  • For lawful intercept operations, in compliance with national telecom laws (e.g., Indian Telegraph Act, US CALEA, EU ePrivacy)

c. Third-party Processors

  • Hosting (e.g., AWS), analytics, anti-fraud tools
  • All processors are bound by Data Processing Agreements (DPAs)

IPDR and CDR Handling

ConnexCS collects and stores:

  • Call Detail Records (CDRs): Caller/callee, timestamps, duration, codecs
  • IP Detail Records (IPDRs): Source/destination IPs, protocol, bandwidth

Retention periods are governed by applicable national regulations (typically 2–5 years). We maintain secure audit trails and encryption at rest.

International Data Transfers

Data may be transferred outside your country (e.g., India ↔ EU/US). We ensure protection via:

  • Standard Contractual Clauses (SCCs) under GDPR
  • Binding Corporate Rules (BCRs)
  • Adequacy decisions (e.g., UK, Singapore)

Data Retention

Data TypeRetention PeriodLegal Basis
CDR / IPDR2–5 years (varies by country)Telecom Law / Regulator Mandate
Account Logs1–2 yearsSecurity / Auditing
Billing Records7 yearsTax Compliance
Support Tickets1–3 yearsLegitimate Interest

When no longer needed, data is securely purged or anonymized.

Your Rights

Depending on your region, you may:

RightGDPRCCPAPDPA
Access✔️✔️✔️
Rectification✔️✔️
Erasure✔️✔️
Data Portability✔️✔️
Restrict/Limit Processing✔️✔️
Object to Processing✔️✔️
Opt-out of sale/sharing✔️

To exercise your rights, email: [email protected]

Security Measures

ConnexCS implements:

  • TLS encryption for in-transit data
  • AES encryption for stored data
  • Role-based access controls (RBAC)
  • Periodic vulnerability scans and pen tests

Cookies and Web Analytics

We use cookies for:

  • Session management
  • Google Analytics
  • Marketing (with consent)

You can adjust cookie settings via our website’s cookie banner or your browser.

Children’s Data

ConnexCS services are not directed to individuals under 18. We do not knowingly process children's data.

If we learn that we have, we will delete the data promptly.

Changes to Policy

We may revise this Privacy Policy from time to time.

Updates will be posted on this page with the effective date.

Contact Information

ConnexCS Ltd.

https://connexcs.com

📧 [email protected]

📍 Registered Office: 7 Napoleon Drive, Redwood Park, Shrewsbury, Shropshire, SY3 5PH

📞 UK: +44 (0) 203 475 2074

📞 US: +1 408 444 6570