MB KPM ESC (“we,” “our,” or “us”) provides an AI-driven communication and customer experience platform. We respect your privacy and are committed to protecting the personal information you entrust to us. This Privacy Policy explains what data we collect, how we use it, and your rights. We follow the EU’s General Data Protection Regulation (GDPR) and applicable European laws.

Our platform integrates calls, SMS, live chat, email, video meetings, social media messaging, team messaging, and more. We collect and process data needed to deliver these services effectively, while safeguarding your privacy. We use personal and usage data to operate our platform, communicate with you, improve our services, and comply with legal obligations. We do not sell your data to third parties.

Below, we outline the types of data we collect, how we use and share it, how we protect it, and your rights under GDPR. If you have any questions, contact us at contact@kpmesc.com.

Information We Collect

We collect information you provide directly and information collected automatically when you use our services:

• Identity and Contact Data: name, company name, position, email address, phone number, and billing details (if applicable).
• Account and Company Data: username, password (stored securely), company ID/registration number, account settings, and user preferences.
• Communication Content: call recordings, messages, emails, chat logs, video recordings, and any text or media content you send or receive through our platform.
• Technical and Usage Data: IP address, browser type, device type, operating system, device identifiers, pages visited, time stamps, and usage metrics (such as which features you use and how you navigate our platform).
• Performance and Analytics Data: engagement metrics, performance logs, error logs, and statistics to monitor and improve our services.
• Call and Interaction Metadata: dates, times, durations, participating user IDs, and other metadata associated with calls, chats, and meetings.
• Cookies and Tracking Data: data from cookies and similar technologies, including session identifiers and analytics (see Cookies section below).

We collect this data only as necessary to provide our services and improve our platform.

How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To set up and operate your account, manage your use of our AI communication platform, and provide customer support. For example, to route calls, send messages, schedule video meetings, and generate chat or call transcriptions.
• Communication: To respond to your inquiries and send service-related announcements, such as account notifications, security alerts, or updates to our terms and policies.
• Payments and Billing: To process orders, send invoices, and manage payments for any subscription or services you purchase from us.
• Platform Improvement: To analyze how our platform is used and improve functionality, security, and user experience. For example, we may use data to optimize AI-driven workflows, detect and fix bugs, and develop new features.
• Research and Analytics: To generate aggregated, anonymized analytics about usage trends. We may use aggregated data to measure the performance of our services and for internal product research. Individual personal data is not identified in these reports.
• Legal Compliance and Protection: To comply with legal and regulatory obligations (such as accounting rules) and to protect our rights and property. For example, we may use your data to detect or prevent fraud or to establish, exercise, or defend legal claims.
• Marketing (with Consent): If you agree, we may use your contact information to send newsletters or marketing information about our products and services. You may opt out of marketing communications at any time (see “Your Rights” below).

We handle your data only for the purposes described here. We do not use your data for unrelated purposes without notifying you.

Legal Basis for Processing

We process personal data based on the following legal grounds under the GDPR:

• Performance of a Contract: When we need to use your data to provide our platform and fulfill our service agreement with you (including account setup, billing, and support).
• Legitimate Interests: For internal business purposes such as maintaining our platform’s security, ensuring the quality of our services, developing new features, and direct marketing (where applicable). These interests do not override your fundamental rights and freedoms.
• Consent: When you have given permission, for example to process call recordings or send marketing emails. You can withdraw consent at any time.
• Legal Obligations: To comply with applicable laws and regulations, such as financial recordkeeping or responding to lawful requests by authorities.

We will always ensure that our processing of personal data is lawful, fair, and transparent.

Call Recording & Transcription

Our platform allows you to record and transcribe calls, meetings, and conversations as part of our services.

• Recording and Transcription Usage: Recordings and transcriptions help us provide and improve our services (e.g., enabling you to play back conversations, automate tasks, or analyze interactions). They may be used for quality assurance, training AI models (in an anonymized manner), dispute resolution, or analytics.
• Consent and Notification: We comply with applicable laws on recording communications. Typically, we will inform all participants that a call or meeting may be recorded or transcribed. In jurisdictions where required, we seek consent before recording. You are responsible for obtaining any necessary consent from participants when using the recording/transcription features.
• Access and Storage: Call recordings and transcripts are stored securely and are accessible only to authorized users in your organization (and our personnel on a need-to-know basis). You may request deletion of recordings or transcripts by contacting us (see Contact section).

Data Retention & Security

• Retention: We retain your personal data only as long as necessary to fulfill the purposes stated above, or as required by law. For example, we keep billing and account records for the legally mandated period (typically several years). Usage data and communication logs are kept for the duration of your subscription plus an additional period, unless you ask us to delete them earlier. Once data is no longer needed, we delete it or anonymize it securely.
• Security: We implement industry-standard technical and organizational measures to protect your personal data. This includes encryption of data in transit and at rest, secure authentication methods, regular security assessments, and restricting access to authorized personnel only. While we strive to keep your data safe, no system can be completely impervious to threats. You are responsible for maintaining the security of your own account credentials.

Data Sharing & Disclosure

We do not sell or rent your personal data to third parties. We may share your information in the following limited circumstances:

• Service Providers: We engage trusted third-party vendors and partners to perform services on our behalf (such as cloud hosting, analytics, payment processing, and customer support). These providers are contractually obligated to use your data only to provide the agreed services and to safeguard your information in compliance with GDPR.
• Within Our Group: We may share data with our affiliated companies or subsidiaries as needed to deliver the platform and for administrative purposes. These entities also adhere to this Privacy Policy.
• Legal and Safety: We may disclose data if required by law, a court order, or government authority. We may also release data to protect our rights, property, or safety (for example, in cases of fraud or security breaches).
• Business Transfers: If MB KPM ESC undergoes a merger, acquisition, or sale of assets, user data may be transferred to the new owner. If this occurs, we will notify you and require that any new owner abide by this Privacy Policy or obtain your consent for any new data usage.

In all cases of sharing, we ensure appropriate safeguards and limit data access to what is necessary.

Cookies & Tracking

Our website and platform use cookies and similar tracking technologies to enhance your experience:

• Essential Cookies: Necessary for core functionality (like keeping you logged in or managing security).
• Performance and Analytics: To collect data about how visitors use our site (for example, Google Analytics or Matomo). This helps us understand usage patterns and improve our services.
• Preferences: To remember your settings and preferences.

You can control or reject non-essential cookies through your browser settings. Disabling certain cookies may affect the functionality of the website or platform.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Access: You can request a copy of the personal data we hold about you.
• Rectification: You can ask us to correct or update inaccurate or incomplete data.
• Erasure (Right to be Forgotten): You can request deletion of your personal data if it is no longer needed for the purposes we collected it, or if you withdraw consent. Certain legal obligations may require us to retain some data despite your request.
• Restriction of Processing: You can ask us to restrict processing if you believe the data is inaccurate, unlawful, or if you have objected to processing (pending verification).
• Data Portability: You can request a machine-readable copy of your data to transfer to another service provider.
• Objection: You can object to our processing of your data for direct marketing or for our legitimate interests. Once we have received your objection, we will stop processing your data for those purposes unless we have compelling legitimate grounds.
• Withdraw Consent: If our processing is based on your consent, you can withdraw that consent at any time for future processing.
• Lodge a Complaint: You may file a complaint with a data protection authority in the EU/EEA (for example, in Lithuania the State Data Protection Inspectorate) if you believe your rights have been violated.

To exercise your rights, please contact us at the details below. We will respond to verified requests without undue delay, as required by law.

Children’s Privacy

Our services are designed for business use and are not intended for children. We do not knowingly collect personal data from anyone under the age of 16. If we become aware that we have collected such data, we will take steps to delete it promptly. If you believe a minor has provided us with personal data, please contact us immediately.

International Data Transfers

MB KPM ESC is based in Lithuania (EU). We do not transfer personal data outside the European Economic Area (EEA) except as necessary to provide the service. When transfers do occur (for example, to cloud hosting providers or analytics services located outside the EEA), we take steps to ensure proper safeguards:

• We rely on the EU Standard Contractual Clauses or ensure the recipient is in a country recognized by the EU as having adequate protections.
• We require third parties to protect transferred data in accordance with GDPR requirements.

By using our services, you consent to such transfers and to the safeguards implemented for your data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the revised policy on our website and update the “Last Updated” date above. We encourage you to review this page periodically. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

Contact Information

If you have any questions about this Privacy Policy or our data practices, you may contact MB KPM ESC at:

MB KPM ESC
Šiaulių r. sav., Kuršėnų kaimiškoji sen., Paringuvio k., Ringuvos g. 7A-3, LT-81107
Email: contact@kpmesc.com
Phone: +371 28662175