Skip to content
Legal

Privacy policy

How we collect, use, and protect personal data when you use Voxora.

Last updated: 24 June 2026

This privacy policy explains how Speed Connect Network Limited (trading as Voxora) ("Voxora", "we", "us", "our") collects and uses personal data when you visit our website, create an account, or use our cloud phone system. We are committed to protecting your personal data and handling it in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

The data controller for the personal data described in this policy is Speed Connect Network Limited (trading as Voxora), a company registered in England and Wales with company number 08003632, registered office 5 Brayford Square, London E1 0SG. We are registered with the Information Commissioner's Office (ICO) as required for the personal data we process, and our registration can be confirmed on the ICO's public register.

For questions about this policy or your data, contact our data protection contact at privacy@voxora.co.uk, or write to us at the registered office above.

2. Our role: when we are controller and when we are processor

For the personal data relating to your account, billing, our website, and our marketing, we are the data controller - we decide why and how it is used, and this policy explains how.

For the personal data inside the calls, recordings, transcripts, voicemails, and contacts that you process using the service - including data about your own staff and the people who call you - you are the controller and we act as your data processor, handling that data on your instructions to deliver the service, under the data protection terms agreed between us. If you are an employee of a Voxora customer, or someone who has called one, that customer controls how your data is used and you should contact them first (see section 15).

3. The personal data we collect

Depending on how you use Voxora, we may process the following categories of personal data:

  • Account and contact data: name, business name, email address, telephone number, job role, and login credentials.
  • Billing data: billing address, VAT details, payment card or bank details (held by our payment processor, not by us), invoices, and payment history.
  • Call data and metadata: call detail records (CDRs) such as the numbers involved, date, time, duration, direction, and call outcome, used to operate and bill the service.
  • Call recordings and transcriptions (where enabled): where you choose to enable call recording or AI call transcription, we process the recorded audio and any transcript or summary produced from it.
  • Website and analytics data: IP address, device and browser information, pages viewed, and similar information collected through cookies and similar technologies (see section 13).
  • Support data: the content of messages, tickets, and calls when you contact our support team.

4. How we use your data and our lawful bases

Under UK GDPR we must have a lawful basis for using your personal data. We rely on the following:

  • Performance of a contract - to provide the phone system, set up your account, route and connect calls, provide voicemail and other features, and deliver support.
  • Legal obligation - to meet our obligations such as keeping financial records, responding to lawful requests from regulators or law enforcement, and complying with telecoms regulation.
  • Legitimate interests - to run, secure, and improve the service, prevent fraud and abuse, manage billing, and communicate with you about your account, where this is not overridden by your rights and interests.
  • Consent - for certain marketing communications and for non-essential cookies. You can withdraw consent at any time.

5. Call recording and transcription

Call recording and AI call transcription are optional features that you, as our customer, choose to enable and control. Where you enable them, you are the controller of the recorded conversations and any transcripts, and you are responsible for telling callers that calls may be recorded and for obtaining any consents required by law. We process this content on your behalf to provide the feature, and we apply appropriate security and access controls. Recordings and transcripts are retained according to your settings and our retention periods (see section 9).

6. Marketing and your choices

We will always send you service messages about your account, billing, security, and important changes - you cannot opt out of these while you hold an account, as we need them to run the service.

We only send marketing by email or other electronic means where you have agreed, or where the law allows us to contact an existing customer about our own similar services (the "soft opt-in"). You can opt out of marketing at any time using the unsubscribe link in any marketing message or by contacting us, and we will stop. We handle electronic marketing in line with the Privacy and Electronic Communications Regulations (PECR) and UK GDPR.

7. Who we share data with

We do not sell your personal data. We share it only as needed to run the service, including with:

  • Carrier and network providers (including our wholesale voice carrier) to originate, route, and terminate calls and to port numbers.
  • Our payment processor, Stripe, to take payments securely. Stripe processes your payment details under its own terms and privacy policy.
  • Sub-processors and service providers that help us host, secure, support, and improve the platform (for example cloud hosting and, where you enable AI transcription, the transcription provider that processes the audio).
  • Regulators, law enforcement, or other authorities where we are required to do so by law (see section 8).
  • Professional advisers or a buyer in connection with a corporate transaction, subject to appropriate confidentiality.

A current list of our sub-processors is available on request from privacy@voxora.co.uk.

8. Communications data and lawful requests

As a provider of an electronic communications service, we may be required by law to retain certain communications data (such as call detail records) for defined periods, and to disclose data in response to a valid legal request - for example from law enforcement, a court, or a regulator. Where we receive such a request we disclose only what we are legally required to provide, and we keep a record of the request. We do not give any third party general or routine access to the content of your calls.

9. How long we keep data

We keep personal data only for as long as necessary for the purposes set out in this policy. We keep account and billing records for as long as you have an account, and afterwards only for as long as we need to meet our legal, accounting, and tax obligations (for financial records this is generally six years). Call recordings and transcriptions are kept for as long as you choose to keep them in your account settings; we delete or anonymise data once it is no longer needed for the purposes in this policy. You can ask us about the retention that applies to a particular type of data at any time.

10. Automated decision-making

We do not make decisions that produce legal effects, or similarly significant effects, about you based solely on automated processing. We use automated systems to help detect and prevent fraud, abuse, and security threats (for example unusual call patterns), but these support - rather than replace - human judgement where a decision would significantly affect you.

11. International transfers

We aim to host and process personal data in the UK or the European Economic Area. Where any of our providers process data outside the UK, we put appropriate safeguards in place as required by UK data protection law, such as the UK International Data Transfer Agreement or addendum, or transfers to countries the UK government recognises as providing adequate protection.

12. Security

We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and monitoring. No system is completely secure, but we work hard to protect your data. In the event of a personal data breach: where we act as controller, we will notify the ICO and affected individuals where we are legally required to do so; where we act as processor for one of our customers, we will notify that customer without undue delay so they can meet their own obligations.

13. Cookies

Our website uses cookies and similar technologies to make the site work and to understand how it is used. Essential cookies are needed for the site and your account to function. Non-essential cookies, such as analytics, are used only where you have given consent. You can manage your preferences through your browser and through any cookie controls we provide.

14. Children

Our service is intended for businesses and is not directed at children. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us and we will delete it.

15. Your rights

Under UK GDPR you have rights over your personal data, including the right to:

  • access a copy of the personal data we hold about you;
  • have inaccurate data corrected;
  • have your data erased in certain circumstances;
  • restrict or object to certain processing;
  • data portability, in certain circumstances; and
  • withdraw consent where we rely on it.

To exercise any of these rights, contact us at privacy@voxora.co.uk. Where we are the controller of your data, we will respond within the timescales set by law. If your data is processed by us on behalf of a Voxora customer (for example, if you are an employee or someone who has called one of our customers), that customer is the controller and you should contact them first; we will assist them in responding to your request.

16. Complaints to the ICO

If you are unhappy with how we have handled your personal data, you can complain to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection, at ico.org.uk. We would, however, appreciate the chance to address your concerns first, so please contact us before approaching the ICO.

17. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top shows when it was last changed. Where changes are significant, we will take reasonable steps to bring them to your attention.