Privacy Policy

Last Updated: 14/04/2026

AngelPBX Limited (“AngelPBX,” “Company,” “we,” “us,” or “our”) promises to protect the privacy and security of personal data being processed through our services.

This Privacy Policy explains how AngelPBX collects, uses, stores, processes, and protects personal information in connection with the AngelPBX communication platform and related services. This policy applies to all services provided within the AngelPBX ecosystem, including:

AngelPBX Cloud Telephony Platform
AngelDialer Automated Dialing System
AngelMeet Video Conferencing Platform
AngelGO Omnichannel Messaging System
AngelTracker Call Tracking & Analytics Platform
AngelECHO AI Voice Agent Platform

Ideally, our platform operates globally. So, we have designed our privacy policy to align with major data protection laws, including the following:

General Data Protection Regulation (GDPR) – European Union
UK Data Protection Act and UK GDPR
California Consumer Privacy Act (CCPA) / CPRA – United States
Digital Personal Data Protection Act (DPDP) – India
Personal Data (Privacy) Ordinance (PDPO) – Hong Kong

1. Purpose

The purpose of this Privacy Policy is to provide transparency regarding:

What personal data AngelPBX collects
How personal data is used and processed
The legal bases for processing personal data
How personal data is stored and protected
Rights available to individuals regarding their personal data
How organizations using AngelPBX must comply with privacy laws

Note: AngelPBX recognizes that protecting personal information is essential to maintaining trust with customers and end users.

2. Role Of Angelpbx

AngelPBX generally acts as a ‘Data Processor’ when providing services to business customers. This clearly means

Customers determine the purposes and means of processing personal data.
AngelPBX processes data on behalf of customers in accordance with contractual agreements.

In certain circumstances, AngelPBX may act as a ‘Data Controller’, such as when processing personal data for:

Account Administration
Billing
Security Monitoring
Legal Compliance

A Data Processing Addendum (DPA) governs the processor-controller relationship with enterprise customers.

3. TYPE OF PERSONAL DATA COLLECTED

AngelPBX may process various categories of personal data depending on how the platform is used.

ACCOUNT & CUSTOMER INFORMATION	Information collected when organizations create accounts or subscribe to services may include the following: Name Business Email Address Phone Number Organization Details Billing Information Login Credentials Account Configuration Data
COMMUNICATION DATA	AngelPBX processes communications transmitted through the platform, including: Call Metadata Call Recordings (where enabled) SMS or Messaging Content Meeting Recordings Chat Transcripts Voicemail Recordings Customers control whether these communications are recorded or stored.
TECHNICAL & USAGE INFORMATION	AngelPBX collects certain technical data to operate and improve the platform. This may include: IP Addresses Device Information Browser Type Session Data API Usage Logs Platform Activity Logs System Diagnostics
AI INTERACTION DATA	When AI services such as AngelECHO voice agents are used, the system may process the following: Conversational Inputs Speech-to-Text Outputs AI-Generated Responses Conversation Metadata Note: AI processing may involve temporary storage of interaction data for service delivery and model improvement.

4. PURPOSES OF DATA PROCESSING

AngelPBX tends to process personal data for legitimate business purposes, as shown below:

SERVICE DELIVERY	Enable Telecommunications Functionality Route Communications Support AI Voice Agents Facilitate Meetings and Messaging
PLATFORM SECURITY	Monitor Suspicious Activity Prevent Fraud Protect Infrastructure Integrity
CUSTOMER SUPPORT	Resolve Technical Issues Respond to Service Requests Troubleshoot System Errors
BILLING & ACCOUNT MANAGEMENT	Subscription Management Invoice Payment Processes
PRODUCT IMPROVEMENT	Improve System Reliability Enhance AI Models Optimize Service Performance

Note: However, the platform does not sell personal data to third parties.

5. LEGAL BASIS FOR PROCESSING

Depending on jurisdiction, AngelPBX relies on several lawful bases for processing personal data. These may include:

CONTRACTUAL NECESSITY	Processing is required to provide services under a contract with customers.
LEGITIMATE INTERESTS	Processing is required to: Secure Systems Prevent Fraud Improve Services
LEGAL OBLIGATIONS	Processing is needed to comply with regulatory or legal requirements.
CONSENT	In certain situations, customers must obtain consent from individuals before processing personal data. This may include consent for: Call Recording Marketing Communications Automated Outreach Campaigns

6. TELECOMMUNICATION & CALL RECORDING PRIVACY

AngelPBX provides tools that allow customers to record communications. While the customers are responsible for ensuring compliance with applicable recording laws. Ideally, different jurisdictions may require:

One-party consent
Two-party consent
Mandatory recording disclosures

Note: AngelPBX recommends that customers provide appropriate notifications before recording calls.

7. AI & AUTOMATED PROCESSING

Certain AngelPBX services utilize Artificial Intelligence Technologies. So, AI processing may involve:

Note:

Speech Recognition
Natural Language Processing
Automated Conversation Handling
Analytics & Summarization
AI-generated outputs may not always be accurate and should be reviewed by human operators where necessary.
Customers using AI systems may be required to disclose automated interactions depending on applicable regulations.

8. DATA RETENTION

AngelPBX retains personal data only for as long as necessary to fulfill the purposes described in this policy. Retention periods may depend on the following:

Contractual Obligations
Regulatory Requirements
Operational Needs

Examples include:

Call Logs retained for Operational Analytics
Recordings retained according to Customer Settings
System Logs retained for Security Monitoring

Note: Customers may configure certain retention settings within the platform.

9. DATA SHARING & DISCLOSURE

AngelPBX may share personal data with trusted third parties where necessary to provide services. These may include:

Infrastructure Providers: Cloud hosting providers that support system operations.
Telecommunications Carriers: Licensed telecom providers that enable voice connectivity.
Technology Vendors: Providers supporting:
- AI Infrastructure
- Analytics Tools
- Customer Support Systems

Note: All such providers are subject to contractual data protection obligations. Therefore, AngelPBX maintains a Sub-Processor Disclosure List.

10. INTERNATIONAL DATA TRANSFERS

Because AngelPBX operates globally, personal data may be transferred across jurisdictions. Where required by law, AngelPBX implements safeguards as detailed below:

Standard Contractual Clauses (SCCs)
Data Transfer Agreements
Adequate Jurisdiction Protections

These safeguards are designed to protect personal data when transferred internationally.

11. DATA SECURITY

AngelPBX implements administrative, technical, and organizational safeguards to protect personal data. These security measures may include:

Encryption in Transit and at Rest
Role-Based Access Controls
Security Monitoring Systems
Vulnerability Testing
Incident Response Procedures

Despite these protections, no system can guarantee absolute security.

12. DATA SUBJECT RIGHTS

Individuals may have certain rights under applicable Privacy Laws. Based on jurisdiction, these rights may include:

The Right to Access Personal Data
The Right to Correct Inaccurate Data
The Right to Request Deletion of Personal Data
The Right to Restrict Processing
The Right to Object to Certain Processing
The Right to Data Portability

Therefore, the requests may be submitted to the contact information given below.

13. CHILDREN’S PRIVACY

AngelPBX services are intended for business use and are not directed toward children.
AngelPBX does not knowingly collect personal data from individuals under the age of 18.

14. COOKIES & TRACKING TECHNOLOGIES

AngelPBX websites and web applications may use cookies or similar technologies to:

Maintain Sessions
Analyze Website Usage
Improve Platform Functionality

Users may adjust browser settings to control cookie usage.

15. THIRD-PARTY INTEGRATIONS

Customers may integrate third-party applications with AngelPBX. Some of these integrations may include:

Maintain Sessions
Analyze Website Usage
Improve Platform Functionality

Note: AngelPBX is not responsible for the privacy practices of these third-party services. Hence, customers need to review the privacy policies of these third parties before enabling integrations.

16. DATA BREACH NOTIFICATION

During certain events of a data security incident involving personal data, AngelPBX will follow these measures:

Investigate the Incident Promptly
Take Appropriate Mitigation Measures
Notify affected Customers where required by Law

However, customers may have additional notification obligations to regulators or affected individuals.

17. POLICY UPDATES

AngelPBX reserves the right to update this Privacy Policy from time to time to reflect:

Regulatory Changes
Product Updates
Evolving Privacy Policies

Updated versions will be published on the AngelPBX website or platform.

Contact Information

For questions related to the Privacy Policy or to exercise privacy rights, get in touch with us at:

Email: privacy@angelpbx.ai or legal@angelpbx.ai
Address: 2301, Bayfield Building, 99 Hennessy Road, Wan Chai, Hong Kong