Privacy Policy
Last updated: 8 March 2026
1. Who we are
PiPcall Ltd (“we”, “us”, “our”) is the data controller for personal data processed through switch.pipcall.com (the “Platform”), our BT One Phone migration platform. If you have any questions about how we handle your data, or wish to exercise your rights, please contact us at privacy@pipcall.com.
2. Data we collect
We collect and process the following categories of personal data through the Platform:
Enquiry form submissions
Name, email address, phone number, company name, and any notes you provide when submitting an enquiry.
Migration case data
Company details, contact details, BT account references, CUG references, DDI ranges, and number counts required to process your migration.
Letter of Authority (LOA) signing
Signer name, job title, company name, address, email address, phone number, typed signature, IP address, and user agent string. This information is captured to create a legally binding record of authorisation.
Portal access
Email address and access tokens used to authenticate your session when viewing migration progress.
Communication logs
Email addresses, subject lines, and timestamps of emails sent through the Platform in connection with your migration.
3. Legal bases for processing
We rely on the following legal bases under the UK General Data Protection Regulation (UK GDPR):
- Contract performance — Processing your data is necessary to deliver the migration service you have requested, including coordinating with BT, managing your migration case, and generating LOA documents.
- Legitimate interest — We process data for business communications, service improvement, and the secure operation of the Platform. We have assessed that these interests do not override your rights and freedoms.
- Consent — Where you submit an enquiry form or opt in to marketing communications, we process your data on the basis of your consent. You may withdraw consent at any time by contacting privacy@pipcall.com.
4. Third-party processors and data sharing
We share personal data with the following third parties, each acting as a data processor or joint controller where applicable:
| Provider | Purpose | Location | Safeguards |
|---|---|---|---|
| SendGrid (Twilio) | Email delivery | United States | EU Standard Contractual Clauses |
| Pipedrive | CRM | European Union | EU-based processing |
| Railway | Platform hosting | United States | EU Standard Contractual Clauses |
| BT | Migration partner | United Kingdom | Data shared as required for service migration |
Where data is transferred outside the UK, we ensure appropriate safeguards are in place, including EU Standard Contractual Clauses (SCCs) as recognised under UK GDPR.
5. Data retention
We retain personal data only for as long as necessary for the purposes set out in this policy:
- Active migration cases — Retained for the duration of the migration plus 2 years.
- Completed migration cases — Retained for 2 years after completion, then anonymised.
- Portal access tokens — Automatically expire after 24 hours.
- LOA documents — Retained for 7 years as contractual records.
- Communication logs — Retained for 2 years.
6. Your rights
Under UK GDPR, you have the following rights in relation to your personal data:
- Right of access — Request a copy of the personal data we hold about you.
- Right to rectification — Request correction of inaccurate or incomplete data.
- Right to erasure — Request deletion of your personal data where there is no compelling reason for continued processing.
- Right to data portability — Request a machine-readable copy of data you have provided to us.
- Right to object — Object to processing based on legitimate interest.
- Right to complain — Lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
To exercise any of these rights, please email privacy@pipcall.com. We will respond within one month of receiving your request.
7. Security
We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS), token-based authentication for portal access, and access controls limiting data access to authorised personnel.
8. Changes to this policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.
9. Contact us
If you have any questions about this privacy policy or our data practices, please contact us at privacy@pipcall.com.