Privacy Policy

Privacy Policy

Effective Date: October 12, 2023
Last Updated: October 1, 2023

1. Scope & Definitions

This policy applies to all data processed by TECPARTS US, LLC ("we," "us," or "Platform") through our CPaaS services, including:

• End Users: Individuals receiving SMS/calls via our platform.

• Developers: Businesses integrating our APIs.

Key terms:

• Communication Metadata: Call/SMS timestamps, routing logs, delivery status.

• Opt-In Consent: Explicit permission from end users to receive messages.

2. Data We Collect

CategoryPurposeSourceRetention

End User Phone NumbersRoute messages/callsProvided by developers30 days post-delivery

API Request LogsFraud detection, service improvementAutomated systems6 months (anonymized)

Device IdentifiersAbuse prevention (e.g., IP blocking)Telecom carriers12 months

Developer Account DataBilling, API access managementDirect input during signupActive account + 7 years

3. How We Use Data

• Core Services:

  • Deliver SMS/voice communications.

  • Generate billing records for developers.

  • Monitor API performance (e.g., latency, error rates).

• Legal Bases (GDPR Compliance):

  • Contractual Necessity: To fulfill services requested by developers.

  • Legitimate Interests: Fraud prevention, network security.

  • Legal Obligations: Respond to lawful government requests.

4. Data Sharing & Third Parties

We never sell personal data. Limited sharing occurs only with:

RecipientData SharedPurpose

Telecom Carriers (e.g., AT&T)Phone numbers, timestampsMessage/call delivery

Payment Processors (e.g., Stripe)Billing contact detailsTransaction processing

Legal AuthoritiesMetadata (when legally compelled)Compliance with subpoenas

5. International Data Transfers

• EU/UK Data: Stored in Frankfurt AWS region (GDPR-compliant).

• Other Regions: Developers may choose US (Virginia) or Singapore AWS regions.

• Transfer Mechanisms: Standard Contractual Clauses (SCCs) for cross-border transfers.

6. Security Measures

• Technical Safeguards:

  • TLS 1.3 encryption for API traffic.

  • AES-256 encryption for stored data.

  • Multi-factor authentication (MFA) for developer accounts.

• Organizational Controls:

  • Annual staff security training.

  • Restricted access to production databases.

7. Your Rights

End Users: Submit requests through your service provider (the developer). We provide technical support to developers to fulfill:

• Access: Obtain a copy of your data.

• Deletion: Erase communication metadata.

• Opt-Out: Unsubscribe from SMS/calls (reply "STOP").

Developers: Manage data via API or dashboard:

• Download audit logs.

• Terminate accounts (data purged in 60 days).

8. Policy Updates

• Non-Material Changes: Posted on https://tecpartsus.com/privacy.

• Material Changes: Email notice 30 days in advance.

9. Contact Us

For GDPR requests or complaints:

• Data Protection Officer: dpo@tecpartsus.com

• Postal Address: TECPARTS US, LLC, 10800 NW 21 ST UNIT 190
  MIAMI, FL 33172

For CCPA "Do Not Sell" requests:

• Email: privacy@tecpartsus.com

• Toll-free: 12054824382

Key Compliance Statements

• CCPA: "We do not sell personal information."

• GDPR Article 30: Records of processing activities available upon request.

• CTIA: End-user consent verification tools provided to developers.