Privacy Policy | WorldDialer

Introduction and Overview
Information We Collect
How We Use Your Information
How We Share Your Information
Cookies and Tracking Technologies
International Data Transfers
Data Retention
Your Privacy Rights
Security Measures
Children’s Privacy
Third-Party Links and Services
Changes to This Privacy Policy
Contact Us
Jurisdiction-Specific Disclosures and Rights

1. Introduction and Overview

WorldDialer (“Service,” “we,” “us,” “our,” or “Company”) is committed to protecting the privacy and security of our users (“you,” “your,” or “User”). We understand that privacy is important to you, and we take this responsibility seriously.

This Privacy Policy (“Policy”) explains how Polyiota LLC, a Delaware limited liability company, operating as WorldDialer, collects, uses, discloses, processes, and otherwise handles personal information and other data in connection with your use of our website (www.worlddialer.com) and the services we provide, including our VoIP calling platform and related services (collectively, the “Service”).

WorldDialer is a B2C SaaS platform that provides Voice over Internet Protocol (VoIP) calling services on a pay-per-use basis with optional subscription plans for private numbers. Our service allows users worldwide (18 years of age and older) to make calls using internet connectivity.

This Privacy Policy applies to all users of WorldDialer’s services and website. By accessing or using WorldDialer, you agree to the terms of this Privacy Policy. If you do not agree with our practices, please do not use our services. If you have questions about this Policy or our privacy practices, please see the “Contact Us” section below.

IMPORTANT: WorldDialer does not collect or store audio recordings of calls. We do not engage in location tracking beyond IP-based geolocation for service optimization purposes. This Policy should be read in conjunction with our Terms of Service and, where applicable, our Cookie Policy.

2. Information We Collect

We collect personal information from you in various ways, including when you voluntarily provide it, when it is collected automatically through your use of our Service, and from third-party sources. The categories of information we collect are described below.

2.1 Account Information

When you create a WorldDialer account or update your profile, we collect the following information:

Full name or display name
Email address
Phone number(s)
Account credentials (username and encrypted password)
Account preferences and settings
Country of residence and timezone information
Date of birth (to verify you are 18 years of age or older)
Account verification documentation (when required for compliance)

2.2 Payment Information

We collect payment information necessary to process your purchases and subscriptions. Specifically:

Payment method information (credit card, debit card, or other payment instruments)
Billing name and address
Billing email address
Transaction history and payment records

IMPORTANT: We do not directly store full credit card numbers or sensitive payment authentication data. Payment processing is handled by our third-party payment processor, Stripe, in compliance with PCI DSS standards. We receive only tokenized payment information and transaction confirmations from Stripe.

2.3 Call and Usage Data

As part of providing our VoIP services, we collect data related to your use of WorldDialer:

Phone numbers you dial or attempt to dial
Date, time, and duration of calls
Call connection status (completed, failed, busy, no answer, etc.)
Quality metrics (packet loss, jitter, latency)
Features used within the Service
Account activity logs and usage patterns

IMPORTANT: We do NOT collect, record, or store audio content of calls. Call data is limited to metadata as described above.

2.4 Device and Technical Information

When you access WorldDialer, we automatically collect certain technical information:

Device type and operating system version
Browser type and version
IP address and geolocation data derived from IP
Unique device identifiers
Internet service provider (ISP) information
Mobile device information (if applicable)
Pages and features accessed within WorldDialer
Links clicked and time spent on pages
Referral sources and exit pages
Error messages and crash reports

2.5 Usage and Analytics Data

We use analytics services to understand how users interact with our Service:

Google Analytics tracking data (as described in Section 5)
Feature adoption and usage frequency
Customer support interactions and ticket history
Communication preferences and opt-in/opt-out status
Aggregate and anonymized usage statistics

2.6 Information from Third Parties

In certain circumstances, we may receive information about you from third parties:

Stripe and payment processors (transaction confirmations)
Twilio (our VoIP service provider; technical routing information only)
Email providers and communication platforms (if you contact us)
Third-party authenticators (for identity verification)

We also may collect publicly available information from public sources for fraud prevention and compliance purposes.

3. How We Use Your Information

We process your personal information for legitimate business purposes and in accordance with applicable data protection laws. Below are the specific purposes for which we use your information, along with the legal basis under GDPR (where applicable).

3.1 Providing and Improving Our Service

To deliver VoIP calling functionality and related features
- GDPR Legal Basis: Performance of Contract
To process, route, and establish calls through Twilio infrastructure
- GDPR Legal Basis: Performance of Contract; Legitimate Interest
To troubleshoot technical issues and optimize service performance
- GDPR Legal Basis: Legitimate Interest
To develop new features, products, and services
- GDPR Legal Basis: Legitimate Interest
To maintain and improve system reliability, security, and stability
- GDPR Legal Basis: Legitimate Interest

3.2 Account Management and Support

To create and maintain your account
- GDPR Legal Basis: Performance of Contract
To send service-related notices and updates
- GDPR Legal Basis: Performance of Contract; Legal Obligation
To provide customer support and respond to inquiries
- GDPR Legal Basis: Performance of Contract; Legitimate Interest
To manage and process requests to access, modify, or delete information
- GDPR Legal Basis: Legal Obligation

3.3 Payment Processing

To process payments and billing
- GDPR Legal Basis: Performance of Contract
To manage subscriptions and service credits
- GDPR Legal Basis: Performance of Contract
To detect and prevent fraud and unauthorized transactions
- GDPR Legal Basis: Legitimate Interest; Legal Obligation
To reconcile accounts and handle billing disputes
- GDPR Legal Basis: Legitimate Interest

3.4 Security and Fraud Prevention

To detect, investigate, and prevent fraudulent activity, abuse, and unauthorized use
- GDPR Legal Basis: Legitimate Interest; Legal Obligation
To verify user identity and prevent account takeover
- GDPR Legal Basis: Legitimate Interest
To enforce our Terms of Service and other agreements
- GDPR Legal Basis: Legitimate Interest
To protect against malicious or illegal activity
- GDPR Legal Basis: Legitimate Interest

3.5 Legal Compliance

To comply with applicable laws, regulations, and legal process
- GDPR Legal Basis: Legal Obligation
To respond to lawful requests from government agencies and law enforcement
- GDPR Legal Basis: Legal Obligation
To comply with TCPA and telecommunications regulations
- GDPR Legal Basis: Legal Obligation
To maintain records required by law
- GDPR Legal Basis: Legal Obligation

3.6 Analytics and Business Intelligence

To analyze user behavior and service usage patterns
- GDPR Legal Basis: Legitimate Interest
To measure service performance and reliability
- GDPR Legal Basis: Legitimate Interest
To understand market trends and user preferences
- GDPR Legal Basis: Legitimate Interest
To generate aggregate statistical reports
- GDPR Legal Basis: Legitimate Interest

3.7 Marketing and Communications

To send promotional materials and marketing communications (only with your consent or as permitted by law)
- GDPR Legal Basis: Consent; Legitimate Interest (where applicable)
To notify you of service updates, new features, and product announcements
- GDPR Legal Basis: Legitimate Interest; Performance of Contract
To conduct surveys and request feedback
- GDPR Legal Basis: Legitimate Interest; Consent

3.8 Quality Assurance and Call Monitoring

For quality assurance and compliance purposes, we may:

Monitor call metadata for pattern analysis
- GDPR Legal Basis: Legitimate Interest; Legal Obligation
Review usage logs to ensure compliance with our Terms of Service
- GDPR Legal Basis: Legitimate Interest

This does not include monitoring or recording audio content of calls.

We are committed to maintaining the privacy of your information. We do not sell, rent, or lease your personal information to third parties. We share your information only as described in this section, with trusted service providers bound by confidentiality obligations, and as required by law.

4.1 Service Providers and Processors

We share personal information with third-party service providers who assist us in operating our Service. These providers are contractually bound to use your information only as necessary to provide services to us and have committed to maintaining confidentiality and security:

Stripe (stripe.com) - Payment processing and billing management. Stripe processes payment card information in compliance with PCI DSS standards. We share transaction data, billing address, and payment method information.
Twilio (twilio.com) - VoIP telecommunications and call routing services. We share phone numbers to be called/dialed, call metadata, and minimal technical routing information necessary to establish and maintain calls. Twilio does not record audio.
Google Analytics - Website analytics and user behavior analysis. Data is processed according to Google’s privacy policy and terms. We disable features that allow Google to link analytics data across different domains.

For all service providers, we execute Data Processing Agreements (DPAs) or equivalent data protection provisions that:

Restrict use of data to the purpose of providing services
Require compliance with applicable data protection laws
Establish security and confidentiality obligations
Include audit and inspection rights
Address data subject rights and international transfers

4.2 Legally Required Disclosures

We may disclose your information when required or permitted by law, including:

In response to subpoenas, court orders, and legal process
To comply with governmental, regulatory, and law enforcement requests
To establish, protect, or enforce our legal rights
To protect the safety and security of our users and the public
To prevent or investigate illegal activity, fraud, or terms of service violations
As required by TCPA regulations and telecommunications laws

We will, to the extent permitted by law, notify you of legally compelled disclosures unless prohibited from doing so.

4.3 Business Transfers

If WorldDialer is involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

4.4 Aggregate and Anonymized Information

We may share aggregate, de-identified, or anonymized information that cannot reasonably be used to identify you. This information may be shared with partners, advertisers, and the public without restriction. Such sharing includes:

Aggregate usage statistics and trends
Anonymized market research data
De-identified performance metrics

We may share your information for purposes not described in this Privacy Policy when you provide explicit consent to such sharing.

5. Cookies and Tracking Technologies

WorldDialer uses cookies, web beacons, pixels, and similar tracking technologies to enhance your experience, remember your preferences, and analyze how you interact with our Service.

5.1 Types of Cookies We Use

Essential Cookies: Required for the Service to function (login, account management, security)
Performance Cookies: Collect anonymous usage data to improve Service performance
Analytics Cookies: Track behavior to understand how users interact with our Service (Google Analytics)
Preference Cookies: Remember your settings and preferences

5.2 Google Analytics

We use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies and similar technologies to collect and analyze information about your use of our Service. Information collected includes:

IP address
Type of browser and operating system
Referring page
Pages visited
Time spent on pages

Google Analytics data is governed by Google’s privacy policy (policies.google.com/privacy). You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on or adjusting your cookie settings.

You can control cookies through your browser settings. Most browsers allow you to:

Accept or reject cookies
Be notified when cookies are set
Automatically delete cookies
Set restrictions on third-party cookies

Please note that disabling essential cookies may impair Service functionality. For detailed information about cookies and your options, please consult our Cookie Policy.

6. International Data Transfers

WorldDialer operates from the United States and maintains primary data infrastructure in US-based cloud facilities. If you are located outside the United States, your personal information will be transferred to, stored in, and processed in the United States. By using WorldDialer, you consent to such transfers.

6.1 Legal Framework for Transfers

We implement the following mechanisms to ensure lawful international data transfers:

Standard Contractual Clauses (SCCs)

For transfers to countries without an adequacy decision, we rely on Standard Contractual Clauses (also known as Model Clauses) approved by the European Commission. These clauses impose contractual obligations ensuring adequate protection of personal data.

GDPR Adequacy Decisions

For transfers to countries with GDPR adequacy decisions (such as Canada under certain conditions), data transfers are permitted without additional safeguards.

UK Data Transfer Agreements

For UK data transfers, we implement International Data Transfer Agreements (IDTAs) and appropriate supplementary measures in compliance with UK data protection law.

6.2 US Data Infrastructure

Our primary data hosting and processing infrastructure is located in the United States and subject to US law. This means:

Personal data will be subject to US data protection laws and regulations
US law enforcement and government agencies may access data pursuant to valid legal process
Data may be subject to US national security laws and surveillance legislation
We comply with US legal obligations including FISA, EO 12333, and related laws

We implement technical and organizational measures to protect data confidentiality and security (see Section 9).

6.3 Schrems II and Enhanced Safeguards

Following the CJEU Schrems II decision, we have implemented supplementary measures to protect EU data subjects’ rights, including:

Contractual clauses addressing US law enforcement access
Technical encryption measures for data at rest and in transit
Transparency mechanisms regarding data access and security
Regular audits and security assessments

6.4 Your Rights Regarding Transfers

If you are an EU/UK data subject, you have the right to:

Request information about transfers and safeguards
Object to transfers based on adequacy concerns
Seek remedies if transfers are unlawful

Contact our Data Protection Officer (see Section 13) to exercise these rights.

7. Data Retention

We retain personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy and as required by applicable law. Retention periods vary depending on the type of data and the purpose of processing.

7.1 Retention by Data Category

Account Information

Retained while your account is active and for 90 days after account deletion
Retained longer if required by tax, accounting, or legal obligations

Payment Information

Payment transaction records retained for 7 years (required by tax regulations)
Tokenized payment information retained while account is active
Credit card details not retained beyond transaction processing

Call Metadata

Call logs and metadata retained for 24 months
Shorter retention periods may apply for inactive accounts
Extended retention may be required by legal process or regulatory requirements

Usage and Analytics Data

Google Analytics data retained according to Google’s retention settings (typically 26 months)
Aggregate usage statistics may be retained indefinitely in anonymized form

Device and Technical Information

Technical logs retained for 90 days
IP address data retained for 90 days
Security-related logs may be retained longer for investigation purposes

Customer Support Data

Support tickets and communication records retained for 2 years
Longer retention if related to disputes or investigations

7.2 Data Deletion Process

Upon account deletion or expiration of the retention period:

Personal information is securely deleted or anonymized
Data is removed from active databases and backup systems
Deletion is completed within 30 days of request (unless legal holds apply)

Some data may be retained in legal holds if required by law or pending litigation.

7.3 Archival and Backup Data

Personal information retained in backup systems will be deleted in accordance with backup lifecycle policies, typically within 180 days of deletion from active systems.

8. Your Privacy Rights

Depending on your jurisdiction, you may have specific rights regarding your personal information. This section describes your rights and how to exercise them.

If you are a resident of the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation:

Right to Access

You have the right to request a copy of your personal information that we hold
We will provide this information in a structured, commonly used, machine-readable format upon request

Right to Rectification

You have the right to request correction of inaccurate or incomplete information
We will update your information promptly upon request

Right to Erasure (“Right to be Forgotten”)

You may request deletion of your personal information in certain circumstances
We will delete information when there is no lawful basis for retention
We may retain information if required by law or for legitimate purposes

Right to Restrict Processing

You may request that we limit our processing of your information
We will maintain the data but limit its use during the restriction period

Right to Data Portability

You have the right to request your personal data in a portable, machine-readable format
We will provide this data within 30 days

Right to Object

You may object to processing for legitimate interest or direct marketing purposes
We will cease processing upon valid objection unless we have compelling reasons to continue

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing
You may request human review of automated decisions affecting you

Data Protection Officer

WorldDialer has appointed a Data Protection Officer (DPO) to oversee GDPR compliance. You may contact our DPO at: dpo@worlddialer.com

8.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with the following rights:

Right to Know

You have the right to request what personal information we collect, use, and share
You may request information about our data practices for the preceding 12 months

Right to Delete

You may request deletion of personal information we have collected from you
We will delete information within 45 days of verifying your request
Exceptions apply for legal obligations and fraud prevention

Right to Opt-Out of Sale/Sharing

You have the right to opt out of the “sale” or “sharing” of personal information
WorldDialer does not sell personal information for monetary consideration
We do not share personal information for cross-context behavioral advertising

Right to Correct

You may request correction of inaccurate personal information
We will update your information within 45 days

Right to Limit Use

You may limit our use of sensitive personal information to necessary purposes
We will honor limitations on sensitive personal information use

Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA/CPRA rights
We will not deny, charge differently for, or lower service quality for exercising rights

UK residents have rights under UK GDPR substantially similar to those described under Section 8.1 (GDPR). The UK Information Commissioner’s Office (ICO) is the primary supervisory authority.

8.4 Rights Under LGPD (Brazil)

Brazilian residents have the following rights under the Lei Geral de Protecao de Dados (LGPD):

Right to confirmation of processing
Right to access personal data
Right to correct incomplete, inaccurate, or outdated data
Right to anonymization, blocking, or deletion of unnecessary data
Right to object to processing
Right to data portability
Right to information about sharing practices

Contact support@worlddialer.com to exercise LGPD rights.

8.5 Rights Under PIPEDA (Canada)

Canadian residents have the following rights under the Personal Information Protection and Electronic Documents Act (PIPEDA):

Right to access your personal information
Right to correct inaccurate information
Right to request deletion
Right to be informed of collection and use
Right to lodge complaints with Privacy Commissioner of Canada

8.6 Rights Under POPIA (South Africa)

South African residents have the following rights under the Protection of Personal Information Act (POPIA):

Right to be notified of processing
Right to access personal information
Right to request correction or deletion
Right to object to processing
Right to lodge complaints with Information Regulator

8.7 Rights Under PDPA (Singapore)

Singapore residents have the following rights under the Personal Data Protection Act (PDPA):

Right to access personal data
Right to correct personal data
Right to be notified of collection and use
Right to withdraw consent
Right to lodge complaints with PDPC

8.8 Rights Under Australian Privacy Act

Australian residents have the following rights:

Right to access your personal information
Right to request correction or amendment
Right to complain to the Office of the Australian Information Commissioner
Right to request anonymization of data

8.9 Rights Under PIPL (China)

WorldDialer does not process personal information of China residents on the mainland. Chinese data subjects are not provided with services, and we maintain data localization compliance by not transferring Chinese resident data outside mainland China. If you are a PRC resident, you should not use WorldDialer.

8.10 Rights Under US State Privacy Laws

WorldDialer complies with all applicable US state privacy laws:

Virginia Consumer Data Protection Act (VCDPA)

Right to know what personal data is collected and how it is used
Right to delete personal data
Right to correct inaccurate data
Right to opt-out of targeted advertising and sale of data
Right to data portability

Colorado Consumer Privacy Act (CPA)

Substantially similar rights to VCDPA

Connecticut Data Privacy Act (CTDPA)

Right to know, delete, correct, and port your data
Right to opt-out of targeted advertising and sale

Utah Consumer Privacy Act (UCPA)

Right to know, delete, correct, and port your data
Right to opt-out of sale and targeted advertising

Texas Data Privacy and Security Act (TDPSA)

Right to know, delete, correct, and port your data
Right to opt-out of sale and processing for advertising

Oregon Consumer Information Protection Act

Montana Consumer Data Privacy Act

Expanding state privacy regimes with rights similar to VCDPA

To exercise your state-specific rights, contact: privacy@worlddialer.com

8.11 How to Exercise Your Rights

To exercise any of the rights described in this section:

Submit a written request to privacy@worlddialer.com
Include sufficient information to identify yourself
Specify which right(s) you are exercising
Provide proof of residency if required by applicable law

We will respond to your request within the timeframe required by applicable law (typically 30-45 days). We may request additional information to verify your identity. We will not charge a fee unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request.

8.12 Authorized Agents

You may designate an authorized agent to submit requests on your behalf. The agent must provide:

Written authorization signed by you
Your identity verification
Proof of the agent’s legal authority

WorldDialer retains the right to verify your identity directly before processing.

9. Security Measures

WorldDialer implements comprehensive technical and organizational security measures designed to protect your personal information against unauthorized access, disclosure, alteration, and destruction. However, no security system is impenetrable, and we cannot guarantee absolute security.

9.1 Technical Security Measures

End-to-end encryption for data in transit (TLS/SSL protocols)
Encryption of sensitive data at rest using AES-256 or equivalent
Secure password hashing using industry-standard algorithms (bcrypt, PBKDF2, or scrypt)
Multi-factor authentication (MFA) for account access
Regular security patching and vulnerability management
Web application firewalls and DDoS protection
Intrusion detection and prevention systems
Secure API design with rate limiting and request validation
SQL injection and cross-site scripting (XSS) protection
Content Security Policy (CSP) headers

9.2 Organizational Security Measures

Restricted access to personal data (principle of least privilege)
Background checks for employees with data access
Confidentiality agreements and non-disclosure obligations for all personnel
Regular security awareness and training programs
Incident response procedures and breach protocols
Third-party security audits and penetration testing
Vendor security assessments and contract requirements
Data protection impact assessments (DPIA) for high-risk processing
Security monitoring and logging

9.3 Limitations on Security

While we implement strong security measures, please be aware that:

No system is 100% secure or impenetrable
You are responsible for maintaining confidentiality of your login credentials
Unauthorized access may occur despite security measures
Third-party services may have different security standards
Transmission over the internet carries inherent risks

9.4 Reporting Security Issues

If you discover a security vulnerability, please report it responsibly to security@worlddialer.com. Do not publicly disclose the vulnerability until we have had an opportunity to address it. We will acknowledge receipt within 48 hours and provide updates on remediation.

10. Children’s Privacy

WorldDialer is not intended for and does not knowingly collect personal information from children under the age of 18. By using WorldDialer, you represent and warrant that you are at least 18 years old.

10.1 Age Restriction

Our Terms of Service require all users to be at least 18 years of age. We do not provide services to individuals under 18. If you are under 18, you are not permitted to use WorldDialer.

10.2 COPPA Compliance

WorldDialer complies with the Children’s Online Privacy Protection Act (COPPA), though COPPA does not apply to our service because:

We do not knowingly collect information from children under 13
We enforce a 18+ age restriction through our Terms of Service
We do not target marketing toward children
We do not allow account creation by minors

10.3 Parental Controls

If you believe a child has created an account or provided information to WorldDialer despite our age restrictions, please contact us immediately at support@worlddialer.com. We will delete the information and suspend any associated accounts.

10.4 Contact for Child Privacy Concerns

If you have concerns about a child’s privacy or believe we have unknowingly collected information from a child, please contact:

Email: support@worlddialer.com
Phone: Available through our website

11. Third-Party Links and Services

WorldDialer may contain links to third-party websites, applications, and services that are not operated by us. This Privacy Policy applies only to information collected by WorldDialer. We are not responsible for the privacy practices of third-party sites or services.

11.1 Third-Party Links

When you click on links to third-party websites:

You leave the WorldDialer platform
Third-party privacy policies apply, not our Privacy Policy
We are not responsible for third-party data collection or practices
We recommend reviewing third-party privacy policies

11.2 Third-Party Service Integrations

If you connect your WorldDialer account to third-party services or platforms:

You authorize information sharing as specified in integration settings
Third parties may collect additional information directly from you
Third-party privacy policies govern third-party data use
We are not responsible for third-party data practices

If you reference WorldDialer on social media or other public platforms:

Information posted is subject to those platforms’ privacy policies
Your social media information may be publicly visible
We are not responsible for social media privacy practices

11.4 No Endorsement

Our inclusion of third-party links does not constitute endorsement, approval, or recommendation of third-party services or their privacy practices.

12. Changes to This Privacy Policy

WorldDialer may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes in the following ways:

12.1 Notification Methods

We will post the updated Privacy Policy on our website with a new “Last Updated” date
For material changes, we will provide prominent notice on our website
For material changes affecting EU residents, we will seek renewed consent if required by GDPR
We may send email notification of material changes

12.2 Effective Date of Changes

Non-material changes take effect upon posting
Material changes typically take effect 30 days after notice
Continued use of WorldDialer after changes indicates your acceptance

12.3 Your Options

If you do not agree with updated terms:

You may discontinue use of WorldDialer
You may request deletion of your account and data
Your previous data may be retained as required by law

This Privacy Policy was last updated on February 6, 2026. Previous versions are available upon request.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Primary Contact

WorldDialer Polyiota LLC Email: privacy@worlddialer.com Email (Support): support@worlddialer.com Website: www.worlddialer.com

Data Protection Officer (GDPR/UK GDPR)

Email: dpo@worlddialer.com

Our Data Protection Officer is responsible for monitoring our GDPR and UK GDPR compliance and can be contacted regarding all data protection matters.

Regulatory Authorities

If you believe WorldDialer has violated your privacy rights, you also have the right to lodge a complaint with the relevant supervisory authority or data protection authority in your jurisdiction:

EU/EEA: Your national data protection authority
United Kingdom: Information Commissioner’s Office (ICO)
Brazil: Autoridade Nacional de Protecao de Dados (ANPD)
Canada: Privacy Commissioner of Canada
South Africa: Information Regulator
Singapore: Personal Data Protection Commission (PDPC)
Australia: Office of the Australian Information Commissioner (OAIC)
California: Attorney General’s Office

Response Time

We will respond to privacy inquiries within 30 days. For formal requests, responses will be provided within timeframes required by applicable law (typically 30-45 days).

14. Jurisdiction-Specific Disclosures and Rights

This section provides jurisdiction-specific information and additional disclosures required by applicable laws.

Controller Information

WorldDialer is the data controller for personal information collected and processed through our services. Our data controller contact information:

Entity: Polyiota LLC
State of Incorporation: Delaware
Contact: dpo@worlddialer.com

Lawful Basis for Processing

We process personal information based on the following lawful bases under GDPR Article 6:

Consent: For marketing communications and certain analytics (Article 6(1)(a))
Contract Performance: To provide services and manage accounts (Article 6(1)(b))
Legal Obligation: To comply with applicable laws and regulations (Article 6(1)(c))
Vital Interests: To protect safety and security (Article 6(1)(d))
Public Task: Not applicable to WorldDialer
Legitimate Interests: To improve services, prevent fraud, and conduct analytics (Article 6(1)(f))

Special Categories of Data

WorldDialer does not intentionally process special categories of data as defined in GDPR Article 9. However:

Phone numbers may be considered quasi-identifiers
IP-based geolocation does not constitute location tracking
We do not process racial, ethnic, political, religious, philosophical data
We do not process union membership, genetic, biometric, or health data
We do not process data revealing sexual orientation or criminal convictions

Data Retention and Deletion

Personal information is retained as specified in Section 7 and deleted promptly upon expiration of the retention period or your request. EU data subjects have additional rights:

Right to erasure if data is no longer necessary
Right to request deletion of historical data
We will honor deletion requests within 30 days

Data Subject Rights Procedure

EU/EEA and UK residents can exercise their data subject rights by contacting dpo@worlddialer.com with:

Proof of identity
Specification of the right being exercised
Sufficient information to locate your data

We will respond within 30 days, extendable by 60 additional days for complex requests. No fees apply unless requests are manifestly unfounded or excessive.

International Transfers

As described in Section 6, we transfer EU data to the United States using:

Standard Contractual Clauses (SCCs)
EU adequacy decisions where applicable
Supplementary measures addressing Schrems II requirements

Supervisory Authority

You may lodge a complaint with your national data protection authority. EU/EEA supervisory authorities can be found at edpb.europa.eu. For UK residents, contact the Information Commissioner’s Office (ico.org.uk).

14.2 CCPA and CPRA Specific Disclosures (California Residents)

Personal Information Collected

Under CCPA/CPRA, we collect the following categories of personal information:

Identifiers: Name, email, phone number, username
Commercial Information: Purchase history, credit limits, billing information
Biometric Information: None
Internet Activity: Browsing history, search history, interaction with our Service
Location Information: IP-based geolocation only
Professional Information: Occupation (if provided)
Education Information: None
Protected Characteristics: None intentionally collected
Inferred Data: Preferences, characteristics, behavior patterns

Use of Personal Information

We use personal information for:

Service delivery and customer support
Payment processing
Security and fraud prevention
Legal compliance and enforcement
Analytics and business intelligence
Marketing communications (with consent)
De-identified research and analysis

Sharing of Personal Information

We share personal information with:

Stripe (payment processor)
Twilio (VoIP service provider)
Google Analytics (analytics provider)
Law enforcement (if required by law)

We do NOT sell personal information for monetary consideration. We do NOT share personal information for cross-context behavioral advertising. Any sharing is with service providers or as required by law.

Sensitive Personal Information (CPRA)

We collect limited sensitive personal information under CPRA:

Social Security numbers: Not collected
Payment card information: Collected but processed by Stripe
Precise geolocation: Not collected
Biometric information: Not collected
Health/sex life information: Not collected
Citizenship/immigration status: Not collected

You may limit use of sensitive personal information. We use sensitive information only for necessary purposes.

Retention

We retain personal information as described in Section 7. California residents may request deletion, which we will honor within 45 days (with exceptions for legal obligations, fraud prevention, and other specified purposes).

Rights Assertion

California residents can assert rights by:

Emailing privacy@worlddialer.com
Calling our support line
Submitting a request through our website

We will verify your identity and respond within 45 days. We will not discriminate for exercising your rights.

Authorized Agent

You may designate an authorized agent to submit requests. The agent must provide written authorization, and we may request direct verification from you.

Shine the Light (CA Civil Code 1798.100)

Under California’s “Shine the Light” law, you may request information about third-party disclosures once per year. Contact privacy@worlddialer.com for this information.

14.3 Other US State Privacy Laws

WorldDialer complies with all applicable state privacy laws including:

Virginia Consumer Data Protection Act (VCDPA)
Colorado Consumer Privacy Act (CPA)
Connecticut Data Privacy Act (CTDPA)
Utah Consumer Privacy Act (UCPA)
Texas Data Privacy and Security Act (TDPSA)
Oregon and Montana consumer privacy laws

For state-specific rights, contact privacy@worlddialer.com or support@worlddialer.com.

14.4 Canada PIPEDA Disclosures

For Canadian residents, we comply with Personal Information Protection and Electronic Documents Act:

We collect only necessary personal information
We disclose use of information before collection when possible
You may access information, request corrections, and lodge complaints
Contact privacy@worlddialer.com for privacy inquiries

14.5 Brazil LGPD Disclosures

For Brazilian residents (Lei Geral de Protecao de Dados):

We identify lawful basis for each processing activity
You have rights to access, correct, delete, and port data
We may process data based on your consent, contractual necessity, or legitimate interest
Contact privacy@worlddialer.com to exercise LGPD rights

14.6 South Africa POPIA Disclosures

For South African residents (Protection of Personal Information Act):

We comply with information notification principles
Personal information is collected lawfully and transparently
You may request access, correction, or deletion
Contact support@worlddialer.com for privacy matters

14.7 Singapore PDPA Disclosures

For Singapore residents (Personal Data Protection Act):

We collect personal data directly from you
You may request access and correction of personal data
Personal data is used for specified purposes
You may withdraw consent at any time
Contact privacy@worlddialer.com for data requests

14.8 Australia Privacy Act Disclosures

For Australian residents:

We comply with Australian Privacy Principles (APPs)
You may request access and correction of personal information
You may lodge complaints with OAIC
We provide privacy statements at point of collection
Contact support@worlddialer.com for privacy inquiries

14.9 China PIPL Compliance Note

IMPORTANT: WorldDialer does not provide services to mainland China residents and does not collect personal information from China. If you are a mainland China resident, you are not permitted to use WorldDialer. We do not process or store personal data of mainland China residents, ensuring full compliance with data localization requirements under PIPL (Personal Information Protection Law).

14.10 TCPA and Telecommunications Regulations

As a VoIP calling service, WorldDialer complies with telecommunications regulations:

We comply with Telephone Consumer Protection Act (TCPA) requirements
Users must not use WorldDialer for illegal calling or harassment
We maintain call records as required by law
We respect “do not call” lists and user preferences
We cooperate with law enforcement requests
We prohibit unlawful robocalling or spoofing

By using WorldDialer, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. You consent to our collection, use, and sharing of your personal information as described herein. If you do not agree with our practices, please do not use our services.

This Privacy Policy is effective as of February 6, 2026, and supersedes all previous privacy policies or statements.

Table of Contents