← Back to home

Privacy Policy

Last updated: March 10, 2025

1. Who We Are

InvoCall is an AI-powered payment reminder platform that helps businesses automate follow-ups on outstanding invoices via automated voice calls and SMS. This Privacy Policy explains what personal data we collect, why we collect it, and how we handle it — including data belonging to your end customers (debtors) that you provide to us.

2. Data We Collect

2.1 Account Data (about you, our user)

  • Name and email address (on registration)
  • Google account name, email, and profile picture (when using Google Sign-In)
  • Profile photo (if uploaded)
  • Business name, industry, support phone number, and business description (entered in Business Profile)
  • Subscription and billing information (processed by our payment provider)
  • Session tokens and IP address (for authentication and security)

2.2 Third-Party Integration Data (from connected services)

When you connect external services, we access and store the following data on your behalf:

  • Zoho Books: Invoice records (invoice numbers, amounts, due dates, statuses) and customer records (names, company names, phone numbers, email addresses). Accessed via Zoho OAuth with read-only scopes.
  • Google Sheets: Rows from the specific spreadsheet you link — typically invoice and customer data. Accessed via Google OAuth with read-only scope (spreadsheets.readonly). We only read the sheet you explicitly select.
  • Excel Upload: Invoice and customer data from .xlsx files you upload manually.

OAuth access tokens and refresh tokens for these integrations are securely encrypted before being stored in our database.

2.3 Your Customers' Data (debtor data)

To deliver payment reminders, we store your customers' names, phone numbers, and email addresses. This data is sourced exclusively from the integrations you connect (Zoho Books, Google Sheets, or Excel) or from information you enter directly. We use this data only to execute automated voice calls and SMS messages on your behalf. We do not sell, rent, or use this data for any other purpose.

2.4 Call and Reminder Data

  • Scheduled reminder dates and times
  • Call outcomes (answered, unanswered, voicemail)
  • Delivery status of SMS messages
  • Retry attempts and timestamps

2.5 Technical Data

  • Browser type and version
  • IP address
  • Device information
  • Pages visited and features used within the app

3. How We Use Your Data

  • To create and maintain your InvoCall account
  • To authenticate you securely (email/password or Google Sign-In)
  • To sync invoice and customer records from your connected integrations
  • To schedule, execute, and track automated voice call and SMS payment reminders to your customers
  • To display your invoices, customers, and reminder history inside the dashboard
  • To process your subscription payments
  • To send you transactional emails (email verification, password reset, reminder activity summaries)
  • To detect and prevent fraud, abuse, and unauthorized access
  • To comply with applicable legal obligations

We do not use your data or your customers' data for advertising, profiling, or sale to third parties.

4. Google User Data (Limited Use Disclosure)

InvoCall's use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

  • What we access: When you connect Google Sheets, we request read-only access to the specific spreadsheet you link. We use the scope spreadsheets.readonly.
  • Why we access it: Solely to read invoice and customer rows from your selected spreadsheet so InvoCall can schedule payment reminders on your behalf.
  • What we do not do: We do not read any other spreadsheets or Google Drive files. We do not share Google Sheets data with any third parties. We do not use this data for advertising or AI/ML training.
  • Token storage: Google OAuth access tokens and refresh tokens are securely encrypted before being stored in our database.
  • Revocation: You can disconnect Google Sheets at any time from the Integrations page. When you disconnect, we revoke the OAuth tokens and delete all associated data.

5. Third-Party Services We Use

We rely on carefully selected, industry-standard third-party service providers to deliver InvoCall's core features. These include providers for database hosting, secure payment processing, voice network infrastructure, SMS delivery, and file storage.

We ensure that all our third-party vendors comply with applicable data protection laws. Each of these providers has their own privacy policies governing their handling of data.

6. Data Security

We take data security seriously. Measures we implement include:

  • Encryption of data both at rest and in transit
  • Industry-standard authentication and session management
  • Continuous monitoring for unauthorized access attempts
  • Strict access controls to production environments

No method of electronic transmission or storage is 100% secure. While we implement strong safeguards, we cannot guarantee absolute security.

7. Data Retention

We retain your account data and your customers' data for as long as your account is active. If you close your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or accounting purposes. Integration data (e.g., OAuth tokens for Zoho, Google) is deleted immediately when you disconnect an integration.

8. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Ask us to correct inaccurate or incomplete data
  • Deletion: Ask us to delete your account and associated data
  • Portability: Request your data in a machine-readable format
  • Objection: Object to certain processing of your data
  • Revoke integration access: Disconnect any third-party integration at any time from the Integrations page

To exercise any of these rights, email us at priyanshutiwary711@gmail.com.

9. Children's Privacy

InvoCall is a business tool intended for users aged 18 and above. We do not knowingly collect data from children under 13. If you believe a child has created an account, please contact us and we will delete the account promptly.

10. International Data Transfers

Our servers and third-party service providers may be located outside your country. By using InvoCall, you consent to the transfer of your data to these locations. We take steps to ensure that transferred data is protected in line with this Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top. For significant changes, we will notify you by email or by a notice in the dashboard.

12. Contact Us

If you have any questions about this Privacy Policy or want to exercise any of your rights, please contact us:

Email: priyanshutiwary711@gmail.com