Privacy Policy

1. Who We Are

Jingle Plug-In is a product of Minutes Network FZ-LLC, a company licensed in Ras Al Khaimah, United Arab Emirates (Licence No. 47016932). For partner and website data - such as partner applications and business contact details - Minutes Network FZ-LLC is the data controller. For end-user personal data processed through the Jingle Plug-In inside a partner's app, the app developer is the data controller and Minutes Network FZ-LLC acts as data processor on the developer's behalf, as set out in our Data Processing Agreement - acting as an independent controller only where required for billing, fraud prevention and legal compliance.

Contact: privacy@jingleplugin.com

2. What Data We Collect

2.1 End User Data (collected via the SDK)

• Phone number: Collected during the one-time verification process to activate the user on the Jingle network. This is essential for call routing.
• Device identifiers: A pseudonymised device token used to identify the Jingle endpoint. The Jingle Plug-In does not collect IMEI, Android ID, or advertising IDs.
• Country / region (from verified number): The user's country, derived from the phone number they verify during setup, used solely for geographic call routing. No location permission is requested and no precise GPS location is collected.
• Network state: Whether the device is connected to WiFi or mobile data, used solely to ensure call quality.
• Call metadata: Incoming call timestamps, duration, routing status, and the caller's phone number. Caller phone numbers are processed transiently for CLI-based call routing and are exposed to the host app only as call metadata; we do not use them to identify or profile callers, and they are retained only in line with our call-metadata retention policy (see Section 6). We never access or record call content or audio.
• Call quality metrics: Aggregated technical metrics (jitter, packet loss, codec performance) used to monitor and improve service quality. Retained for 30 days in aggregated form.
• IP address: Logged for connectivity and quality-of-service monitoring. Retained for 30 days in rolling logs.
• Error and diagnostic logs: Technical logs used to debug plug-in integration issues. Retained for 14 days.
• Audio (ephemeral): Audio data is processed in real-time for the purpose of call routing. It is never recorded, stored, or accessible after the call session ends.

2.2 App Developer Data

• Company name, contact email, and app identifiers provided during registration.
• Revenue and analytics data related to Jingle performance in your app.

2.3 Website Visitor & Enquiry Data

• Enquiry and application details: Name, work email, company, role, app details (name or store link), approximate monthly active users, target geographies, platform, timeline, and any message you choose to include, submitted via the partner application form or the AI chat assistant's contact form.
• AI chat transcripts: Messages you exchange with the website's AI chat assistant (see Section 12).
• Essential operational data: Standard web server logs (IP address, browser user agent, pages requested), used solely for security, abuse prevention, and capacity monitoring.
• Chat session identifier: A random identifier stored in your browser's local storage so the chat assistant can keep your conversation continuous. It identifies a browser session, not you, and is not used for advertising or cross-site tracking.

2.4 Data We Do NOT Collect

• Call audio recordings (audio is processed in real-time and never stored)
• SMS content
• Contact lists or address books (an optional contacts permission, where granted, is used only to display a saved contact's name on the incoming-call screen; contact data is read on-device only and is never uploaded or shared)
• Precise or GPS location of any kind
• Browsing history
• Photos, files, or other device content
• Advertising or tracking identifiers

3. How We Use Data

• Call routing: To route incoming calls to verified Jingle users via our network.
• Revenue calculation: To calculate and distribute revenue shares to app developers.
• Service operation: To maintain, monitor, and improve the Jingle service.
• Fraud prevention: To detect and prevent abuse of the network.
• Partner onboarding and support: To respond to enquiries and applications (including via the AI chat assistant), assess potential partnerships, and provide the Partner Portal.
• Legal compliance: To keep billing, accounting, and tax records we are legally required to hold.

We never use any collected data for advertising, profiling, selling to third parties, or any purpose other than operating the Jingle service.

4. Lawful Bases for Processing (UK GDPR / EU GDPR)

Where we act as processor for SDK end-user data, the lawful basis is established by the app developer as controller; the consent basis above reflects the consent flow we contractually require developers to implement before the plug-in is activated.

5. Data Sharing

We do not sell, rent, or trade personal data. Data may be shared with:

• Telecommunications partners: Phone numbers are shared with carrier interconnections solely for the purpose of call routing. These interconnections are bound by telecom regulations and contractual data protection obligations.
• Infrastructure providers: Cloud hosting and CDN providers who process data on our behalf under strict data processing agreements.
• App developers: We share aggregate, anonymised analytics about Jingle performance via the Partner Portal; Minutes Network™ does not provide developers with end users' phone numbers. Note that the plug-in delivers per-call completion events (caller number, duration, timestamp, outcome) to the host app on the device to enable call history and reward features - handling of that data within the app is governed by the developer's own privacy policy and our Data Processing Agreement.
• Legal requirements: Where required by law, regulation, or valid legal process.

7. Data Security

We implement industry-standard security measures including:

• Encryption in transit (TLS 1.3) and at rest (AES-256)
• Access controls and authentication for all internal systems
• Regular security audits and penetration testing
• Employee access limited to minimum necessary
• Incident response procedures compliant with GDPR 72-hour notification requirements

8. International Data Transfers

As a telecommunications service operating globally, data may be transferred to countries outside the UK/EEA. We ensure appropriate safeguards through:

• The UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, as issued by the Information Commissioner's Office, for restricted transfers from the UK
• EU Standard Contractual Clauses adopted by the European Commission, for transfers originating in the EEA
• UK adequacy regulations or European Commission adequacy decisions, where applicable
• Transfer risk assessments, and supplementary measures where those assessments identify them as necessary

Separately, we maintain data processing agreements with all sub-processors in accordance with Article 28 UK GDPR. You can request a summary of the safeguards applied to a specific transfer by contacting privacy@jingleplugin.com.

9. Your Rights (GDPR / UK DPA 2018)

End users and developers have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interest
• Withdraw consent: Withdraw consent at any time by deactivating Jingle, without affecting the lawfulness of processing carried out before withdrawal

We do not make decisions based solely on automated processing that produce legal or similarly significant effects about you.

How to exercise your rights: Contact privacy@jingleplugin.com. We will respond within one month of receiving your request; for complex or numerous requests we may extend this by up to two further months, and we will tell you within the first month if so. Exercising your rights is free of charge, unless a request is manifestly unfounded or excessive. We may ask you to verify your identity before acting on a request, to protect your data from unauthorised disclosure.

Where Minutes Network™ acts as processor for end-user data collected through the plug-in, the app developer is the controller responsible for your request. You may contact the developer directly through its app or privacy policy; if you contact us instead, we will pass your request to the relevant developer promptly and assist in fulfilling it, as required by our Data Processing Agreement.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk (Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF). If you are in the EEA, you may instead complain to the supervisory authority in the country where you live, work, or where the issue occurred. We would, however, appreciate the chance to address your concerns first.

10. Children's Privacy

Our services are business-to-business. This website and our partner services are not directed at anyone under 18, and we do not knowingly collect personal data from anyone under 18 through them.

Within partner apps, the Jingle Plug-In is designed to be activated only by adult users through the consent flow we require, and the app developer - as data controller - is responsible for ensuring its app, audience targeting, and consent flows are appropriate for its user base. Developers must not activate Jingle for users they know to be children.

If we become aware that we have collected personal data from a child, we will delete it promptly. If you believe a child has provided us with personal data, contact privacy@jingleplugin.com.

11. Cookies, Analytics & Website Data

This website does not use third-party analytics, advertising cookies, tracking pixels, or social media trackers, and we do not carry out cross-site tracking of any kind. The only data handled by the site itself is:

• Essential operational data: Standard web server logs (IP address, browser user agent, pages requested), retained for 30 days on a rolling basis and used solely for security, abuse prevention, and capacity monitoring.
• A chat session identifier: A random identifier stored in your browser's local storage so the AI chat assistant can keep your conversation continuous. It identifies a browser session, not you, is not used for advertising or cross-site tracking, and you can remove it at any time by clearing your browser's site data.
• Lead form submissions and chat transcripts: Details you choose to send us for follow-up, retained for up to 24 months from our last contact with you (see Section 6).

Third-party content: Our pages load fonts and styling libraries from third-party content delivery networks (Google Fonts and the Tailwind CSS CDN). When your browser requests those resources, your IP address is sent to the provider as part of the request; we do not send those providers any other information about you.

12. AI Chat Assistant

An AI chat assistant is available on this website to answer questions about the Jingle Plug-In and to capture partnership enquiries. If you use it:

• Your messages are sent to our servers and processed to generate answers and, where you ask us to get in touch, to capture your contact details for follow-up.
• Chat transcripts, and any contact details you provide through the chat, are retained for up to 24 months from our last contact with you and may be reviewed by our team to follow up on your enquiry and to improve answer quality.
• The assistant is informational only. Its answers do not form part of any contract and do not override our Terms, this Policy, the Data Processing Agreement, or any agreement you sign with us.
• Please do not share sensitive or special-category personal data (for example, health information) or other confidential information in the chat - it is intended for questions about the Jingle Plug-In and partnerships only.

13. SDK Developer Obligations

App developers integrating the Jingle Plug-In are required to:

• Include Jingle's data practices in their own privacy policy
• Obtain appropriate user consent before activating Jingle
• Accurately declare Jingle's data collection in app store data safety sections (Google Play Data safety policy)
• Comply with all applicable data protection laws in their markets

14. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated to app developers via email and reflected with an updated "Last updated" date at the top of this page. Earlier versions of this policy are available on request from privacy@jingleplugin.com. Continued use of the service constitutes acceptance of the updated policy.