Call Center Dashboards – Privacy Policy

Effective: January 1, 2025
Last Updated: November 2, 2025
Version: 1.2

  1. Introduction
    Call Center Dashboards (“CallCenterDashboards.com,” “CCD,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring your personal information is handled securely and transparently. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our websites, use our hosted analytics and reporting services, or communicate with us. By using any CCD website or service, you consent to the practices described in this Policy.
  2. Scope
    This Policy applies to all information collected through:
    • Our websites, including callcenterdashboards.com and its subdomains (e.g., demo.callcenterdashboards.com, yourdomain.callcenterdashboards.com);
    • Our hosted analytics, reporting, and wallboard services; and
    • Email, chat, and phone communications with our support or sales teams.
    This Policy does not apply to customer-owned environments or data independently processed by customers on their own infrastructure.
  3. Data Controller and Contact
    Data Controller:
    Call Center Dashboards
    9333 Forsyth Park Drive, Suite H, Charlotte, NC 28273 USA
    Privacy Contact: privacy@callcenterdashboards.com
    If you are in the European Union or United Kingdom, CCD acts as a data processor for customer 3CX call data and as a data controller for website and account information. We have not appointed a formal Data Protection Officer but maintain internal privacy governance consistent with GDPR Article 37.

    We have also not appointed an EU or UK representative under Article 27 of the GDPR or UK GDPR. If you are located in the EU or UK and have questions or requests regarding your personal data, you may contact us directly at privacy@callcenterdashboards.com.

    Should we later appoint an official representative or Data Protection Officer, this Privacy Policy will be updated to include their contact details.
  4. Information We Collect
    1. Personal Information: Name, job title, company, email, phone number, postal address, account credentials, and communication preferences.
    2. Automatically Collected Information: IP address, browser type, device identifiers, access times, referring URLs, pages viewed, and aggregated usage statistics.
    3. Support and Communication Data: Information shared when contacting support, booking demos, submitting forms, or participating in surveys.
    4. Customer 3CX Call Data (“Platform Data”): When integrated with a customer’s 3CX phone system, CCD processes call metadata (e.g., call start/end times, queue, agent, duration, caller ID) strictly for analytics and visualization purposes. No call audio or personally sensitive content is analyzed unless explicitly enabled by the customer.
  5. Legal Bases for Processing (GDPR / UK DPA)
    We process personal data only where lawful bases exist, including:
    1. Contractual necessity – to provide, operate, and support our services;
    2. Legitimate interests – to improve products, detect misuse, and ensure service quality;
    3. Consent – for marketing or analytics cookies; and
    4. Legal obligation – where required by applicable law.
  6. How We Use Information
    We use collected data to:
    1. Operate, maintain, and improve our services;
    2. Deliver reports, wallboards, and analytics;
    3. Communicate with customers and provide support;
    4. Send administrative notices, billing, or service updates;
    5. Conduct usage analytics and performance monitoring;
    6. Send marketing or product updates (with consent);
    7. Comply with legal requirements and enforce agreements.
    CCD does not use personal data for automated decision-making or profiling that has legal or similarly significant effects on individuals.
  7. Disclosure and Sharing
    We do not sell, rent, or lease personal data.
    We may share limited information with:
    • Service providers (e.g., Microsoft Azure, Microsoft Clarity, analytics, CRM, and email platforms) under strict Data Processing Agreements (DPAs);
    • Affiliates and subcontractors bound by confidentiality; and
    • Regulatory or legal authorities when required to comply with applicable law.
    All international transfers rely on EU Standard Contractual Clauses (SCCs), the UK Addendum, or equivalent safeguards.
    CCD may also disclose personal data without notice if required to:
    1. comply with legal process;
    2. protect the rights, property, or safety of CCD, its users, or the public; or
    3. respond to security or fraud incidents.
  8. Cookies and Tracking Technologies
    We use cookies and similar tools for session management, analytics, and personalization. You may manage or withdraw consent through your browser or our cookie banner. Disabling cookies may affect certain functions.
    We partner with Microsoft Clarity, Microsoft Advertising, and similar providers for anonymized usage analytics. Sensitive or identifying content is excluded. Learn more about Microsoft’s data practices at https://privacy.microsoft.com/en-us/privacystatement.
  9. Data Retention
    We retain data only as long as necessary for the purposes described or to meet legal obligations.
    • Account and billing data: retained for up to 7 years after closure (for tax/audit).
    • Support and communication logs: retained for 24 months.
    • Analytics and anonymized data: may be stored indefinitely in aggregated form.
    Once retention periods expire, data is securely deleted or anonymized.
  10. International Data Transfers
    Your data may be processed in the United States or other jurisdictions. Where required by law, we apply appropriate safeguards such as SCCs, encryption in transit and at rest, and limited-access controls. CCD performs transfer impact assessments in accordance with EU EDPB and UK ICO guidance.
  11. Security Measures and Breach Notification
    We implement administrative, physical, and technical measures to protect data, including:
    • Enforced TLS 1.2+ encryption (migration to 1.3 in progress);
    • Firewalled, access-controlled servers;
    • Role-based access and least-privilege principles;
    • Regular vulnerability scanning and third-party audits.
    While no system is entirely secure, we maintain an incident response and breach notification plan consistent with GDPR Articles 33–34 and applicable U.S. regulations.
  12. Your Rights
    Depending on jurisdiction, you may have the right to:
    1. Access and receive a copy of your data;
    2. Request correction or deletion;
    3. Restrict or object to processing;
    4. Withdraw consent at any time;
    5. Request data portability; and
    6. File a complaint with your local data-protection authority.
    California residents (CCPA/CPRA) also have the right to know, delete, correct, and opt out of the sale or sharing of personal data.
    To exercise any rights, contact privacy@callcenterdashboards.com. We will respond within 30 days or as required by law.
  13. HIPAA and Regulated Data
    CCD is not a HIPAA-covered entity but follows comparable security and confidentiality standards. For regulated clients requiring HIPAA compliance, we will execute a Business Associate Agreement (BAA) upon request. Protected Health Information (PHI) is never processed without such an agreement in place.
  14. Children’s Privacy
    Our services are not directed to individuals under 16. We do not knowingly collect or maintain information about minors. If we become aware that data has been collected from a child, we will delete it promptly.
  15. Updates to this Policy
    We may update this Privacy Policy from time to time. Material changes will be communicated via email to account holders or through a prominent website notice at least 30 days before becoming effective. The “Last Updated” date above reflects the most recent version.
  16. Contact Us
    Call Center Dashboards
    9333 Forsyth Park Drive, Suite H
    Charlotte, NC 28273 USA
    Email: privacy@callcenterdashboards.com
    Website: https://www.callcenterdashboards.com/privacy

Appendix – Key Terms
“Personal Data” means any information that identifies or can identify an individual; “Processing” means any operation performed on such data; “Controller” determines purposes and means of processing; “Processor” processes on behalf of the “Controller”.