top of page

PRIVACY POLICY

​

Effective Date: February 17, 2026


This Privacy Policy governs the collection, use, and protection of information obtained through your use of Rolkol (the "Platform"), a conversational AI voice and chat bot service provided by Zodiva Web Services Pvt Ltd ("Rolkol," "we," "us," or "our"). By accessing or using our Platform, you agree to the terms of this Privacy Policy.


1. Information We Collect

1.1 Information You Provide

  • Account Registration Data: Name, email address, phone number, company name, username, and password

  • Payment Information: Credit card details, billing address, and transaction history

  • Business Configuration Data: Custom prompts, knowledge base content, integration settings, and API credentials

  • Support Communications: Information provided during customer support interactions
     

1.2 Voice and Conversation Data

  • Call Audio and Recordings: Audio recordings of conversations between AI agents and end-users (if recording is enabled)

  • Call Transcripts: Speech-to-text transcriptions of conversations

  • Call Metadata: Phone numbers, call duration, timestamps, call status, and conversation outcomes

  • Interaction Logs: Conversation flow data, AI responses, and system performance metrics
     

1.3 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, and device identifiers

  • Usage Data: Pages visited, features accessed, time spent on Platform, and interaction patterns

  • Cookies and Tracking Technologies: Session cookies, preference cookies, security cookies, and analytics cookies
     

2. How We Use Your Information

We process your information for the following purposes:

  • Service Delivery: Providing, operating, and maintaining conversational AI services

  • Service Improvement: Analyzing usage patterns to enhance Platform performance, reduce latency, and improve AI model accuracy

  • Customer Support: Responding to inquiries, troubleshooting issues, and providing technical assistance

  • Payment Processing: Managing subscriptions, processing payments, and maintaining billing records

  • Communications: Sending account notifications, service updates, and marketing communications (with consent)

  • Legal Compliance: Meeting regulatory obligations and responding to legal requests

  • Security and Fraud Prevention: Detecting and preventing unauthorized access, abuse, and fraudulent activities
     

2.1 AI Model Training

Default Configuration:
By default, conversation data may be used in aggregated and anonymized form to improve AI model performance, including end-of-turn detection, interruption handling, and response quality. Personal information and customer-specific intelligence are not extracted or used for any purpose other than improving general AI capabilities.

Opt-Out Options:
Customers can disable data persistence and AI training through:

  • HIPAA-Compliant Mode: Prevents storage of call recordings, transcripts, and conversation logs

  • Privacy-Enhanced Mode: Limits data retention to 30 days with no AI training usage

  • Custom Data Handling: Enterprise customers can negotiate specific data handling agreements

To modify data handling settings, access your account dashboard or contact support@rolkol.com.
 

3. Data Sharing and Disclosure
3.1 Service Providers

We share data with third-party service providers who assist in delivering the Platform:

  • Speech-to-Text Providers: For voice transcription services

  • Large Language Model Providers: For AI response generation (including Azure OpenAI, custom LLMs)

  • Text-to-Speech Providers: For voice generation and synthesis

  • Cloud Infrastructure: For hosting and data storage (Microsoft Azure)

  • Payment Processors: For secure payment processing

  • Analytics Services: For usage monitoring and performance optimization

All service providers are contractually bound to maintain confidentiality and use data solely for providing their designated services.
 

3.2 Legal Requirements

We may disclose information when required by law, legal process, court order, or to:

  • Comply with legal obligations under Indian law or international regulations

  • Protect the rights, property, or safety of Rolkol, our customers, or the public

  • Detect, prevent, or address fraud, security, or technical issues

  • Enforce our Terms of Service and other agreements
     

3.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, user data may be transferred as part of the transaction. We will notify affected users and ensure continued protection of personal information.
 

3.4 No Sale of Personal Data

We do not sell or rent your personal information to third parties for marketing purposes.
 

4. Data Retention and Deletion

  • Active Accounts: Data is retained as long as your account remains active or as needed to provide services

  • Inactive Accounts: After 36 months of inactivity, data will be automatically deleted from active databases

  • Call Data Retention: Voice recordings and transcripts retained for 90 days (default), 30 days (HIPAA mode), or custom periods (enterprise)

  • Deletion Requests: Users may request data deletion at any time by contacting support@rolkol.com. Requests processed within 30 days subject to legal obligations

  • Legal Retention: Some data may be retained longer to comply with legal, accounting, tax, or regulatory requirements (typically 7 years for financial records)

  • Backup Systems: Deleted data may persist in backup systems for up to 90 days before permanent removal
     

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: Data is encrypted in transit (TLS 1.3) and at rest (AES-256)

  • Access Controls: Role-based access restrictions and multi-factor authentication

  • Security Monitoring: Continuous monitoring for unauthorized access and anomalies

  • Regular Audits: Periodic security assessments and vulnerability testing

  • Secure Infrastructure: Hosting on Microsoft Azure with ISO 27001, SOC 2, and other certifications

While we employ commercially reasonable security practices, no system is completely secure. You acknowledge that you use the Platform at your own risk.
 

6. Your Rights and Choices

Under applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act), you have the following rights:

  • Access: Request a copy of your personal information

  • Correction: Update or correct inaccurate information

  • Deletion: Request deletion of your personal data (subject to legal obligations)

  • Data Portability: Receive your data in a structured, machine-readable format

  • Opt-Out: Unsubscribe from marketing communications via email instructions

  • Withdraw Consent: Revoke consent for data processing where consent is the legal basis

To exercise these rights, contact us at support@rolkol.com or privacy@rolkol.com.

7. International Data Transfers

Your data may be processed and stored in India and other jurisdictions where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including:

  • Standard contractual clauses approved by regulatory authorities

  • Adherence to GDPR adequacy requirements for EU data subjects

  • Compliance with cross-border data transfer provisions under the DPDP Act
     

8. Compliance with Regulations

Rolkol complies with applicable data protection and privacy laws, including:

  • Digital Personal Data Protection Act, 2023 (India) - Full compliance as Data Fiduciary

  • General Data Protection Regulation (GDPR) (European Union) - Standard contractual clauses for EU data

  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) (United States)

  • Telephone Consumer Protection Act (TCPA) (United States) - AI voice call compliance

  • Health Insurance Portability and Accountability Act (HIPAA) (United States) - Available with Business Associate Agreement

  • Payment Card Industry Data Security Standard (PCI DSS) - For payment data handling

  • Australian Privacy Act and ACMA regulations - For Australian deployments

For HIPAA-compliant deployments or PCI DSS requirements, customers must enable appropriate settings and execute required agreements. Contact compliance@rolkol.com for Business Associate Agreements or compliance documentation.
 

9. Children's Privacy

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will take steps to delete such information promptly.

​

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain session state and user preferences

  • Analyze Platform usage and performance

  • Enhance security and prevent fraud

  • Deliver personalized content and features

You may disable cookies through your browser settings, though this may affect Platform functionality.

​

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be effective immediately upon posting on our website. We will notify registered users of material changes via email. Your continued use of the Platform after changes constitutes acceptance of the updated Privacy Policy.

​

12. Contact Information

For questions, concerns, or requests regarding this Privacy Policy, contact:

Zodiva Web Services Pvt Ltd
Operating as: Rolkol
Registered Office: [Complete registered address to be inserted]
Email: privacy@rolkol.com
Support: support@rolkol.com
Compliance: compliance@rolkol.com
Data Protection Officer: dpo@rolkol.com (for DPDP Act inquiries)
Website: https://rolkol.com

For DPDP Act Rights Requests: Submit requests to dpo@rolkol.com with subject line "Data Rights Request - DPDP Act

bottom of page