halloo.ai ("we", "us") provides voice-agent automation for Indian businesses. This policy explains what data we collect, why, and how it's stored. We follow India's Digital Personal Data Protection Act, 2023 (DPDP) as the floor — not the ceiling.
What we collect
- From operators: business email, name, phone, organisation, login metadata, and configuration of their voice agents.
- From callers: phone number, the audio of each call (with explicit consent), structured fields the agent extracts (name, address, preferences, etc.), and call outcome.
Why we collect it
To run the voice agent the operator configured — dialling, qualifying, capturing data, sending follow-up messages, and booking calendar slots. We do not sell, rent, or share caller data with third parties for marketing.
Where it's stored
All data resides in Indian data centres (Mumbai region). It does not leave India. Backups are encrypted and stored in the same region. We use a small set of sub-processors for telephony, voice intelligence, and email/WhatsApp dispatch — each listed on our security page.
Your rights
Under DPDP you have the right to access, correct, port, and erase personal data we hold about you. Operator users self-serve from the dashboard. Callers can email dpo@tryhalloo.in to exercise these rights — we respond within 30 days.
Retention
Call recordings, transcripts, and structured captures are retained for the duration of the operator's subscription, plus 90 days after termination. Operators may delete any record at any time. Backups are purged within 35 days.
Children
halloo.ai is a B2B product. We do not knowingly process data from anyone under 18.
Contact
Questions, requests, or complaints: dpo@tryhalloo.in.