PRIVACY POLICY WONDERCALL

Last updated: 19.03.2026

1. Introduction

This Privacy Policy explains how WonderCall (we, us, our) collects, uses, and protects personal data when you use our AI-powered call agent platform (Service).

We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

By using our Service, you acknowledge this Privacy Policy.

2. Controller

The data controller responsible for processing is:

BILIN GmbH
Prödeler Str. 9
04416 Markkleeberg
Germany
Email: hi@wondercall.ai

3. Categories of Data We Collect

3.1 Account & Customer Data

  • Name
  • Email address
  • Phone number
  • Company information
  • Billing and payment details

3.2 Call Data (Core of the Service)

When using WonderCall, we process:

  • Caller phone number
  • Recipient phone number
  • Call metadata (time, duration, status)
  • Call recordings (audio), if enabled
  • AI-generated transcripts
  • AI-generated summaries and extracted data
  • Interaction history

3.3 AI & Prompt Optimization Data

To improve AI performance and allow clients to optimize their agents, we process:

  • Call transcripts
  • User prompts and configurations
  • AI responses and conversation flows
  • Performance data (e.g. unanswered questions, errors)

3.4 Technical & Usage Data

  • IP address
  • Device and browser information
  • Log files
  • System events and errors

4. Purpose of Processing

We process personal data for the following purposes:

  • Providing AI call functionality
  • Handling inbound and outbound calls
  • Generating transcripts, summaries, and analytics
  • Enabling clients to review calls and improve prompts
  • Maintaining call history and dashboards
  • Processing payments and subscriptions
  • Ensuring system security and preventing fraud
  • Improving and developing our AI systems and services

5. Legal Basis (Art. 6 GDPR)

We process personal data based on:

  • Art. 6(1)(b) GDPR - performance of a contract
  • Art. 6(1)(f) GDPR - legitimate interests (service improvement, analytics, security)
  • Art. 6(1)(a) GDPR - consent (e.g. call recording where legally required)

6. Call Recording & AI Processing

  • Calls may be recorded and processed by AI systems
  • Recordings are used to provide the service, generate transcripts and summaries, enable clients to review conversations, and improve prompts and AI performance
  • Recording can be enabled or disabled by the client

Important: Clients are responsible for informing call participants and obtaining consent where required by applicable laws.

7. Caller Recognition & Memory Features

We may store and process:

  • Phone numbers
  • Names and identifiers
  • Previous conversation data

This enables:

  • Recognition of returning callers
  • Personalized interactions
  • Context-aware AI responses

8. Sharing of Data

8.1 Service Providers (Processors)

We share data with trusted third-party providers, including:

  • Telephony providers (e.g. Twilio)
  • Cloud infrastructure providers
  • Payment providers (e.g. Stripe)
  • Analytics and monitoring tools (e.g. Cloudflare, Sentry)

These providers process data on our behalf under appropriate data protection agreements.

8.2 Legal Obligations

We may disclose personal data if required by law or regulatory authorities.

8.3 Business Transfers

In the event of a merger, acquisition, or asset sale, personal data may be transferred.

9. International Data Transfers

Some service providers may process data outside the European Union.

In such cases, we ensure appropriate safeguards, such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission

10. Data Retention

We retain personal data only as long as necessary:

  • Account data: for the duration of the business relationship
  • Call recordings & transcripts: as configured by the client
  • Technical logs: limited retention for security and debugging

Data is deleted or anonymized when no longer required.

11. Security

We implement appropriate technical and organizational measures to protect personal data against:

  • Unauthorized access
  • Loss or destruction
  • Alteration or misuse

12. Your Rights (GDPR)

You have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Rectify inaccurate data (Art. 16 GDPR)
  • Request deletion (Art. 17 GDPR)
  • Restrict processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)

To exercise your rights, contact: hi@wondercall.ai

13. Cookies & Tracking

We may use cookies and similar technologies for:

  • Analytics
  • Security (e.g. bot protection)
  • Performance monitoring

Further details may be provided in a separate Cookie Policy.

14. Third-Party Services

We use third-party services such as:

  • Cloudflare (security, analytics, bot protection)
  • Sentry (error tracking)
  • Anti-bot and fingerprinting technologies

These services may process technical and usage data as part of their functionality.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time.

The latest version will always be published on our website.

16. Contact

For questions regarding this Privacy Policy:

hi@wondercall.ai