Privacy Policy

DeepCalls GmbH, based in Altendorf, Canton Schwyz, Switzerland (UID: CHE-382.093.446), is responsible for the processing of personal data as described in this privacy statement.

Contact details

DeepCalls
Website: https://deepcalls.io
Email: info@deepcalls.io

Personal data we process

Through our website, we only process personal data that you provide to us yourself, for example when you fill in a contact form, schedule an appointment, or subscribe to our newsletter. This includes:

  • First and last name
  • Email address

Legal basis for processing

DeepCalls only processes personal data where this is permitted under applicable privacy legislation, including the GDPR where relevant. Depending on the situation, we do so on the basis of:

  • Consent, for example when subscribing to our newsletter
  • Performance of a contract, for example when we contact you in connection with our services
  • Legitimate interest, for example to enable us to provide our services

Purposes of processing

We use your personal data solely for:

  • Sending newsletters or information about our services
  • Contacting you where this is necessary for the performance of our services

Retention periods

We do not retain personal data longer than necessary for the purposes for which it was collected. We apply the following periods:

  • Contact details (name and email address): up to 12 months after the last contact moment
  • Data for voice phishing assessments (such as the name, address, or date of birth of a test subject): used solely for the execution of the call and deleted immediately afterwards
  • Reports and anonymised findings: up to 1 year, solely for quality assurance, internal analysis, and follow-up assignments (these do not contain personal data)
  • Newsletter data (email address): retained for as long as you remain subscribed; you may unsubscribe at any time via the unsubscribe link or by sending a request to info@deepcalls.io

After these periods, data is deleted or anonymised.

Processing in mystery calls

For the execution of mystery calls, a client may provide limited personal data, such as a name, address, or date of birth. This data is used solely to carry out the test realistically and is deleted immediately after the call. Reports contain only anonymised findings and never names or directly identifiable personal data. All processing takes place in accordance with applicable privacy law and, where relevant, on the basis of a data processing agreement with the client.

Sharing with third parties

DeepCalls does not sell your data and only discloses it where necessary for the performance of an agreement or to comply with a legal obligation. We use an external provider for sending and managing our newsletter. That provider only has access to the data required to perform that service. We conclude data processing agreements with all processors to safeguard the confidentiality and security of personal data.

We use Calendly for scheduling appointments. This provider only has access to the data required to perform that service. When you use an embedded calendar, Calendly may place functional cookies that are necessary for the proper functioning of the service. We make contractual arrangements with processors to safeguard the confidentiality and security of personal data.

Cookies

This website does not place any tracking, analytics, or marketing cookies itself. Your language preference is stored in your browser via localStorage — this is not a cookie and is not shared with third parties. Functional cookies may be placed by Calendly when you use the embedded scheduling tool.

Your rights

You have the right to access, correct, or delete your personal data. You may also withdraw your consent or object to the processing of your data by DeepCalls. In addition, you have the right to data portability. You can send a request to info@deepcalls.io. For verification purposes, we may ask for a copy of your identity document; always make sure to obscure your photo, MRZ, passport number, and citizen service number where applicable. We respond to your request within four weeks.

You may also file a complaint with the Dutch Data Protection Authority ().Autoriteit Persoonsgegevens.

Security

DeepCalls takes appropriate measures to protect personal data against misuse, loss, unauthorised access, unwanted disclosure, and unauthorised alteration. If you believe your data is not properly secured or there are indications of misuse, please contact us via info@deepcalls.io.

Version: adopted on 14 April 2026. This privacy statement is updated whenever our working methods or applicable law give cause to do so.