Legal & Privacy

Effective Date: 2025 | Last Updated: 2025

PRIVACY POLICY (U.S.–Compliant)

Entity Responsible: PGAGI Consultancy Pvt. Ltd., operating as Toingg (“Toingg”, “we”, “us”, “our”)

Website / Product: https://toingg.com

Jurisdiction: United States (for U.S. Customers)

1. Introduction

Toingg provides AI-powered voice and text communication services, including automated callback agents, conversational memory, scheduling, outbound/inbound calling, and omnichannel messaging (the “Services”). This Privacy Policy describes how we collect, use, disclose, and protect personal information when you or your business accesses or uses the Services.

This Policy complies with:

  • TCPA (Telephone Consumer Protection Act)
  • TSR (Telemarketing Sales Rule)
  • FCC AI-Generated Voice Rules (2024–2025)
  • CCPA / CPRA (California Consumer Privacy laws)
  • Applicable U.S. state privacy laws (VA, CO, CT, UT)
  • Industry-standard requirements for enterprises
  • GDPR principles (where relevant for global users)

By using our Services, you agree to the terms of this Privacy Policy.

2. Information We Collect

2.1. User-Provided Information

  • Contact details (name, email, phone number)
  • Business information (company name, CRM data, lead data, agents/team members)
  • Consent records (required by TCPA)
  • Any information voluntarily provided via forms, CRM integrations, or customer interactions

2.2. Voice & Text Interaction Data

Toingg’s AI system processes and stores:

  • Call audio (optional, based on client setting)
  • Transcriptions (ASR output)
  • AI-generated responses
  • Call logs, metadata, timestamps
  • Conversation memory (context, preferences, outcomes)

Retention Period: 180 days (default). Clients may configure shorter/longer retention for enterprise/on-prem deployments.

2.3. CRM & Third-Party Integrations

When you connect CRMs such as HubSpot, Salesforce, Monday.com, or others, we may process:

  • Lead information
  • Activity logs
  • Communication history
  • Scheduling data

We act as a data processor; the client remains the data controller.

2.4. Automatically Collected Technical Data

  • IP address
  • Device identifiers
  • Browser/OS information
  • Usage patterns
  • Region-based routing information
  • Error logs

Used for optimization, fraud detection, and troubleshooting.

3. How We Use Information

We use collected information for:

  • Service Delivery: Handling calls, texts, WhatsApp messages, running AI workflows, maintaining conversational memory, routing calls, analytics.
  • Compliance: Managing consent, enforcing opt-out/DNC rules, maintaining TCPA/FCC logs, STIR/SHAKEN authentication.
  • Security & Monitoring: Detecting abuse/fraud, system health, improving quality.
  • Product Improvement: Non-identifiable aggregated data is used to enhance models.

4. Legal Basis

Depending on the region, processing occurs under: Contractual necessity, Legitimate interests, User consent, Compliance with applicable laws.

5. Sharing of Information

We do not sell personal data. We may share information only with:

5.1. Service Providers (Sub-Processors)

Examples: Telephony carriers (Twilio, Plivo), Cloud infrastructure providers, CRM integration providers, On-prem deployment partners.

5.2. Enterprise Customers

When Toingg operates as a white-label or embedded solution, customer organizations may access their own call logs, transcriptions, agent memory, analytics.

5.3. Legal Compliance

We may disclose data to comply with TCPA enforcement, FCC requests, valid legal orders.

6. AI-Specific Disclosures

6.1. AI-Generated Voice Calls

Under FCC (2024 Declaratory Ruling), AI voice calls are treated as “artificial/prerecorded calls” under TCPA. Toingg provides mandatory disclosure where required.

6.2. Human Impersonation Prohibited

Customers may not configure agents to impersonate a real person or hide the fact that AI is used (where disclosure is required).

6.3. Automated Decision-Making

The system may make automated decisions (e.g., routing). Clients may disable or customize these.

7. Data Storage & Residency

U.S. Customers: All U.S. customer data is hosted in U.S. datacenters by default. Enterprise customers may select dedicated regions or on-prem deployment.

8. Data Retention

Default retention: 180 days (Conversational memory, Transcriptions, Logs, Metadata). Exceptions: Consent logs up to 4 years. Customers may request early deletion or export.

9. Your Rights (CCPA/CPRA Compliant)

U.S. consumers may request access, correction, deletion, opt-out of automated decision-making, or opt-out of sale/sharing. Contact: privacy@toingg.com

10. Security Measures

Establish industry-standard measures: AES-256 encryption, TLS 1.2+, RBAC, Activity logging, etc.

11. Children’s Privacy

Our Services are not intended for children under 13. We do not knowingly collect data from minors.

12. International Transfers

If data is transferred from outside the U.S., we use standard contractual clauses and safeguards.

13. Changes to Policy

We may update this Policy to reflect legal changes or new features. Material changes will be notified.

14. Contact Information

PGAGI Consultancy Pvt. Ltd., operating as Toingg
Email: contact@toingg.com
Website: https://toingg.com
For legal requests: compliance@toingg.com

Ready to Close more deals with AI?
Ready to Close more deals with AI?