Bespoke C.T.I. Full integrations with your CRM and Back Office Systems.

All Type of custom work undertaken

Log calls to and from your customers.

Annotate calls with what happened.

Allows granular access to call recordings

Hosted business telephone system from only £10/user per month

Suitable for 1 - 1,000 users

Calls charged on a pay as you go basis

Access to our amazing national and international call rates

In house and hosted call recording solutions

GDPR and PCI Compliant

Call Recording Solutions

Vyspa Softphone Application Privacy Policy

Last Updated: 17 February 2026
Version: 1.0

1. Introduction

Vyspa Limited ("we", "us", "our", or "Vyspa") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Vyspa Softphone mobile application (the "App") available on the Apple App Store and Google Play Store.

By downloading, installing, or using the App, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

Company Information:

Company Name: Vyspa Limited
Registered Address: Stoneham House, 17 Scarbrook Road, Croydon, CR0 1SQ, United Kingdom
Contact Telephone: 0203 515 0487
Contact Email: privacy@vyspa.com
Website: https://www.vyspa.com
Support URL: https://www.vyspa.com/support

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Username, extension number, SIP credentials, password (encrypted)
Contact Information: Name, email address, telephone number, company name
Profile Information: Profile picture, status messages, presence information
Configuration Settings: Call forwarding rules, voicemail preferences, ringtone selections
Communications: Messages, feedback, or support requests
Authentication Credentials: SSO tokens (Google or Microsoft Entra)

2.2 Information Collected Automatically

Device Information: Device model, OS version, unique identifiers
Usage Information: Call logs, call duration, timestamps, features used
Diagnostic Data: Crash reports, performance logs
Network Information: IP address, Wi-Fi status, network type

2.3 Device Permissions

Permission	Purpose	Required/Optional
Microphone	Enable voice calls and messages	Required
Contacts	Display and dial address book contacts	Optional
Phone	Manage call state	Required
Notifications	Incoming call and voicemail alerts	Required
Camera	Video calling	Optional
Storage	Store voicemails and app data	Optional

2.4 Information We Do NOT Collect

Content of voice or video calls
Precise GPS location data
Data from other apps
Personal data from contacts (beyond dialled names/numbers)

2.5 OTP Authentication (If Enabled)

Mobile phone number
Country code verification
OTP verification logs (security only)

3. How We Use Your Information

Primary Purposes

Service provision and maintenance
Call routing
Authentication and account security
Billing
Customer support

Secondary Purposes

Analytics and performance improvement
Fraud prevention and security
Regulatory compliance
Service communications
Quality assurance

4. Legal Basis for Processing (GDPR)

Contract Performance
Legitimate Interests
Legal Obligation
Consent

5. How We Share Your Information

5.1 Service Providers

Cloud Infrastructure Providers
Telephony Carriers (SIP trunking)
SMS Providers (Twilio, Bandwidth)
Email Providers (SMTP services)
Push Notification Services (FCM, APNs)
Analytics Providers (Firebase Console)

5.2 Legal Requirements

Subpoenas or court orders
Government requests
Protection of rights and safety

6. Data Retention

Data Type	Retention Period
Account Information	Duration of account + 7 years
Call Logs	24 months
Voicemails	Until deleted or 90 days
Diagnostic Data	12 months
Support Communications	3 years

7. Data Security

Encryption: TLS/SSL in transit
Authentication: Multi-factor options
Access Controls: Role-based access
Security Audits: Periodic assessments

Note: No transmission method is 100% secure.

9. Your Rights (UK/EEA)

Access
Rectification
Erasure
Restriction
Portability
Objection
Withdraw Consent

To exercise your rights: privacy@vyspa.com

12. Apple App Store Disclosures

Data Type	Linked to You	Used for Tracking
Contact Info	Yes	No
User Content	Yes	No
Usage Data	Yes	No
Diagnostics	Yes	No

14. Contact Us

Email: privacy@vyspa.com
Phone: 0203 515 0487

                        Data Protection Officer
                        Vyspa Limited
                        Stoneham House
                        17 Scarbrook Road
                        Croydon, CR0 1SQ
                        United Kingdom

UK Information Commissioner's Office (ICO):
If you are not satisfied with our response, you have the right to lodge a complaint with the ICO:

Website: www.ico.org.uk
Phone: 0303 123 1113

15. Additional Provisions

15.1 Business Customers

If you are using the App as part of your organisation's Vyspa telephony service, your employer may have additional policies governing your use of the App. Your employer may also have access to certain information about your App usage (call logs, recordings, etc.). Please consult your employer's policies for more information.

15.2 Call Recording Disclosure

If your organisation uses call recording features, callers may be notified that calls are being recorded. Recording practices are governed by your organisation's policies and applicable laws.

15.3 Emergency Services

The Vyspa Softphone App may not support emergency calling (999/112/911). You should use a traditional phone or mobile service for emergency calls. Check with your administrator for details about emergency calling capabilities.

16. Single Sign-On (SSO)

If your organisation enables Single Sign-On authentication, the following applies:

16.1 Google SSO

We receive a unique identifier token from Google
Your Google email address and name (as permitted by your Google account settings)
We do not receive your Google password
Google's privacy policy applies to data collected during authentication

16.2 Microsoft Entra (Azure AD) SSO

We receive a unique identifier token from Microsoft
Your Microsoft account email address and name (as permitted by your organisation's settings)
We do not receive your Microsoft password
Microsoft's privacy policy applies to data collected during authentication

16.3 SSO Data Retention

Authenticating your identity
Maintaining your session
Authorising access to telephony services

You can revoke SSO access at any time through your Google or Microsoft account settings.

17. Definitions

Term	Definition
Personal Data	Any information relating to an identified or identifiable individual
Processing	Any operation performed on personal data (collection, storage, use, etc.)
Controller	The entity that determines the purposes and means of processing
Processor	The entity that processes data on behalf of the controller
GDPR	UK General Data Protection Regulation
SIP	Session Initiation Protocol (used for voice/video calls over IP)
SSO	Single Sign-On authentication method
OTP	One-Time Password for authentication
WSS	WebSocket Secure (encrypted WebSocket protocol)
FCM	Firebase Cloud Messaging
APNs	Apple Push Notification Service

This Privacy Policy was last reviewed and updated on 17 February 2026.