Privacy Policy — CallOS

Effective date: 5 June 2026
Last updated: 5 June 2026

This document is an electronic record under the Information Technology Act, 2000 and the rules made thereunder, and is published in compliance with Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and with the Digital Personal Data Protection Act, 2023 (the "DPDP Act"). It is generated by a computer system and does not require a physical or digital signature.

This Privacy Policy governs access to and use of the CallOS web platform, mobile application, software products, and related services ("CallOS"). In this policy, "we", "us", "our", or "services" refer to CallOS, a platform operated by Innovura Technologies Private Limited, and its integrated systems; "you" refers to any user of CallOS, including subscribing organizations ("Organizations"), their administrators, and the salespeople/agents whose business call activity is processed ("Monitored Users").

By accessing or using CallOS, or by clicking "I Agree" or a similar consent mechanism, you confirm that you have read and understood this Privacy Policy.

At a glance (plain-language summary)

This summary is for quick understanding. The full policy below is what governs your use of CallOS.

  • What CallOS does: it is a call-tracking and call-analysis tool. It reads your business call records (who you called, when, and for how long), and — if your phone saved a recording — the recording and a typed transcript, so your organization can review and analyze calling activity.
  • Your call log is the core of the app. CallOS reads your call records (numbers, time, duration, and incoming/outgoing/missed type) to provide call tracking and analytics. This is the main thing CallOS does.
  • CallOS does not record your calls. It does not use your microphone and it does not listen to live calls. If your phone's own dialer saved a call recording, CallOS reads that saved file — and only from a folder you choose and grant.
  • You stay in control. You grant call-log access and pick the recordings folder, and you can revoke either at any time in the app or in Android settings.
  • What we never touch: your SMS/text messages, your photos and personal media, and your location.
  • Where your data goes: recordings and transcripts are stored on our secure cloud (AWS) and processed by Google's Gemini service to create the transcript. We never sell your data.
  • This is a workplace tool. Your organization decides to use CallOS and is responsible for informing you and obtaining your consent. The app is visible on your device and does not operate covertly.
  • Deleting your data: request it at https://www.callos.in/delete-account, or ask your administrator.
What CallOS is

CallOS is a business call-tracking and communication-intelligence platform delivered through a mobile application (installed on an Organization-authorized salesperson device) and a web application (used by administrators). Its core function is to track and analyze a team's business call activity using call records (call logs), call recordings, transcripts, and performance analytics.

How call recordings are obtained

CallOS does not record call audio itself. It does not use the microphone to capture calls, and it does not use the Accessibility service or any hidden API to tap the call audio stream. Where a device's own manufacturer (OEM) dialer or a third-party dialer produces call-recording audio files, the CallOS app reads those existing files only from a folder that the Monitored User explicitly grants using Android's Storage Access Framework (the system folder-picker, ACTION_OPEN_DOCUMENT_TREE). CallOS does not request broad device-storage access (MANAGE_EXTERNAL_STORAGE) and cannot read any folder the user has not chosen to share.

Permissions we request and why
Permission / access Why we use it Required?
Read call log (READ_CALL_LOG) To read your call records — phone numbers, date/time, duration, and call type — which is the core call-tracking and analysis function of CallOS Required (core feature)
Read phone state (READ_PHONE_STATE) To detect when a call starts and ends and identify which SIM was used, so calls are tracked and attributed correctly Required
Folder access via the Android system folder-picker (SAF) To read the call-recording audio files saved by your phone's dialer Required for recording sync
Network / internet access To securely upload call records, recordings, and transcripts and sync with your organization's account Required
Run a background sync (data-sync foreground service) To reliably detect and upload new call records and recordings; may show a persistent notification Required
Place calls (CALL_PHONE) Only if you use the optional in-app dial pad to start a business call Optional
Read contacts (READ_CONTACTS) Only if enabled, to show a contact's name next to their number Optional

Permissions we do NOT request

CallOS does not request: the microphone (RECORD_AUDIO), the ability to modify your call log (WRITE_CALL_LOG), broad storage access (MANAGE_EXTERNAL_STORAGE), SMS, or device location. CallOS does not hide its app icon and does not operate covertly.

1. Information We Collect

1.1 From the Mobile App (Monitored User device)

Depending on the permissions and access you grant, CallOS may collect:

  • Call records from your device's call log — phone numbers, date and time, duration, and call type (incoming, outgoing, missed). Reading these records to provide call tracking and analytics is the core function of CallOS.
  • Call recording audio files — read from the user-granted recordings folder produced by your device's dialer (see "How call recordings are obtained" above)
  • Transcripts generated from those recordings
  • Contact name associated with a number, if the optional contacts feature is enabled
  • Call-state and SIM information — used to detect when a call starts or ends and which SIM was used, so calls are attributed correctly
  • Device information (model, OS version) and basic app performance/diagnostic data

We do not collect from the mobile device:

  • SMS/text or chat messages
  • Photos, videos, or personal media files (we access only the call-recording audio files in the folder you grant)
  • Web browsing history
  • Device location

1.2 From the Web Admin Panel

  • Administrator login credentials (passwords are stored using one-way hashing)
  • Device and IP information
  • Activity logs of actions performed within the platform

1.3 Optional Data

If enabled by the Organization:

  • Notes or tags added to call records
2. Location

CallOS does not collect device location. If a future feature ever requires it, that feature will be introduced with a clearly described purpose and its own consent, and this policy will be updated before any such collection begins.

3. Consent and Control
  • Before any call-log or recording data is collected, the app shows an in-app disclosure explaining what will be accessed and why; collection begins only after you grant the relevant permission and select the recordings folder.
  • Call-log access and folder access can each be revoked by you at any time in the app or in Android settings. CallOS stops using a permission as soon as it is revoked.
  • Whether a recording exists at all depends on your device's own dialer settings, which remain under your control.
4. How We Use the Data

We use collected data to:

  • Provide call records, recordings, transcripts, analytics, and call-audit features to authorized users within the Organization
  • Improve system performance, reliability, and accuracy
  • Provide customer support
  • Manage subscriptions and licensing

We do not sell, trade, or rent personal data, and we do not use call content for advertising.

5. Legal Basis for Processing

We process data on the basis of:

  • The Organization's instructions under our contract with the Organization (the Organization is the data fiduciary/controller for its team's call data; CallOS acts as a data processor)
  • Consent of the Monitored User and the Organization's administrators, obtained in the app and/or by the Organization, as required under the DPDP Act and other applicable laws
  • Our legitimate business interests in operating and securing the service
6. Data Sharing and Sub-processors

We use the following service providers to operate CallOS. They process data on our behalf under confidentiality and data-protection obligations, and are not permitted to use it for their own purposes:

  • Amazon Web Services (AWS) — cloud hosting and storage
  • Google Firebase — analytics and crash/diagnostics reporting
  • Google (Gemini API) — transcription of call recordings; recordings and the resulting transcripts are processed by Google's Gemini service to generate transcripts

These providers may process data on servers located outside India. We do not sell data to advertisers or other third parties. A current list of sub-processors is available on request at support@callos.in.

7. Data Retention and Deletion
  • We retain data for as long as the Organization remains an active customer, or until it is deleted by the Organization's administrator.
  • Administrators can delete call records, recordings, and transcripts at any time from the web panel.
  • Account and associated data deletion can also be requested at https://www.callos.in/delete-account.
  • On termination, data is deleted or anonymized within a reasonable period unless retention is required by law.
8. Data Security

We implement industry-standard safeguards:

  • Encryption in transit (HTTPS/TLS)
  • Access-controlled APIs
  • Role-based access control
  • Multi-factor authentication for administrators

While we take reasonable steps to protect data, no method of transmission or storage is completely secure.

9. Employee / Monitored-User Consent and Organization Responsibility

CallOS is a workplace business tool used with the knowledge of the person whose calls are tracked. Each Organization using CallOS is responsible for:

  • Clearly informing its salespeople/agents that their business call activity, records, recordings, and transcripts are collected and processed through CallOS
  • Obtaining valid consent from those individuals as required by applicable law (including the DPDP Act) before deployment
  • Using CallOS only for legitimate, lawful business purposes

The Monitored User installs the app on their own device, is shown an in-app notice, and grants the required permissions before any collection begins. CallOS is not designed for, and must not be used for, covert or unauthorized surveillance.

10. Your Rights

Subject to applicable law, including the DPDP Act, you may have the right to:

  • Access the personal data we hold about you
  • Request correction or completion of inaccurate data
  • Request erasure of your data
  • Withdraw consent (which does not affect prior lawful processing)
  • Raise a grievance about how your data is handled

Because CallOS holds most data on behalf of Organizations, requests are generally routed through your Organization's administrator. You may also contact our Grievance Officer below.

11. Children

CallOS is a business tool intended for use by adults in a workplace context and is not directed to, or intended for, children.

12. Updates to this Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above, and continued use after an update constitutes acceptance of the revised policy.

13. Contact and Grievance Officer

For privacy questions or to exercise your rights:

Grievance Officer: Jalpa Panchal
Email: support@callos.in
Phone: +91 98255 23868
Address: D-307, The First, B/H Keshav Baugh Party Plot, near Shivalik Highstreet, Ahmedabad, Gujarat 380015, India