New: Kedeyo Voice Bot is here!

Book a free demo
DPDP Act 2023 · IT Act 2000 compliant

Privacy Policy

How Kedeyo collects, uses and protects personal data — written for humans, aligned with India's Digital Personal Data Protection Act 2023 and the IT Act 2000.

Effective 01 April 2026

1. Who we are

Kedeyo (operated by SureshWari Techno IT Park CHS, Mumbai) is a cloud contact-center platform for Indian businesses. This Privacy Policy explains what data we collect, why we collect it, and how we protect it under India's Digital Personal Data Protection Act 2023 (DPDP), the IT Act 2000 and TRAI's outbound calling rules.

2. Data we collect

  • Account data — name, work email, phone, company name, role, billing address.
  • Customer call data you upload or process through Kedeyo — phone numbers, call recordings, dispositions, transcripts and CRM context.
  • Usage data — log files, IP address, browser fingerprint, agent activity timestamps.
  • Support data — chat transcripts, tickets, screenshots you share with our team.

3. How we use it

We process personal data only for the purposes you signed up for: providing the Kedeyo platform, billing you, supporting your team, and improving service quality. Customer call data uploaded to Kedeyo is processed on your instructions — we are a data processor for that data, you remain the data fiduciary.

  • Run your contact-center workflows (calls, WhatsApp, IVR, recording, reporting).
  • Bill, prevent fraud and meet TRAI / RBI / IRDAI obligations applicable to you.
  • Send service updates, security alerts and product communications.
  • Improve features using aggregated, de-identified usage telemetry.

4. Sharing & sub-processors

We don't sell personal data. We share it only with sub-processors required to deliver the platform — telecom carriers for call termination, AWS Mumbai / Chennai for hosting, payment gateways for billing and approved analytics vendors. A current list is available on request from privacy@kedeyo.com.

5. Your rights

Under the DPDP Act 2023 you have the right to access, correct, update, erase and port your personal data, and to withdraw consent at any time. Email privacy@kedeyo.com from the email on your account and we'll respond inside the timelines required by law.

6. Data residency & retention

All Kedeyo customer data is stored in India (AWS Mumbai with Chennai DR). Default call-recording retention is 90 days on Starter, 6 months on Growth, 12 months on Business; longer retention is configurable per regulator and per customer contract.

7. Security

  • AES-256 encryption at rest, TLS 1.3 in transit.
  • Role-based access controls and full agent / admin audit logs.
  • Annual penetration testing, DPDP-aligned data-protection-impact assessments.
  • Incident response with 72-hour regulator notification where applicable.

8. TRAI & DND compliance

Outbound voice and WhatsApp dispatched through Kedeyo is auto-scrubbed against the TRAI National Customer Preference Register. We block dialing inside restricted hours and enforce per-customer DND lists.

9. Cookies & tracking

Our marketing site uses functional and analytics cookies. The product app uses session cookies only — no third-party advertising trackers in the agent console.

10. Changes to this policy

If we make material changes we'll email account owners 30 days in advance and post a banner on this page. Continued use after the effective date constitutes acceptance.

Questions? Email legal@kedeyo.com or visit our contact page.