Privacy Policy
Last updated: Jun 27, 2026
Effective for: Rojiroti TC — the internal telecaller platform at https://tc.rojiroty.com, its mobile application, and related workforce services operated by RojiRoty ("RojiRoty", "we", "us", or "our").
This Privacy Policy describes how we collect, use, disclose, retain, and protect personal information when authorized team members use Rojiroti TC (the "Service"). It is intended to meet Google Play's User Data policy and applicable privacy laws, including India's Digital Personal Data Protection Act, 2023 (DPDPA), where applicable.
Rojiroti TC is for internal workforce use only. Accounts are created by RojiRoty administrators; there is no public sign-up, no self-registration, and no open enrollment on https://tc.rojiroty.com or in the mobile app. Only employees and authorized contractors with a provisioned account may sign in.
By accessing the Service with credentials provisioned by your organization, you acknowledge that you have read this Privacy Policy.
1. Who this policy applies to
The Service is a private, internal business workforce tool for authorized RojiRoty telecalling staff and operations managers (agents, recruiters, team leaders, and administrators). It is not a consumer-facing product and is not offered to the general public.
- Access requires an account created for you by an administrator in the RojiRoty CRM.
- There is no public registration on https://tc.rojiroty.com or in the mobile app.
- The Service is not intended for children and is not directed to anyone under 18 years of age.
If you are using the Service on behalf of RojiRoty or a partner organization, your employer or contracting party may also have policies that apply to your work data.
2. Information we collect
We collect information in the following categories:
2.1 Account and profile information
Information provided or assigned by your organization when your telecaller account is created:
- Full name
- Work email address
- Mobile phone number (used for login and identification)
- Role (for example: agent, recruiter, team leader)
- Account status and last activity timestamp
2.2 Authentication and security data
When you sign in with phone OTP on the web portal (https://tc.rojiroty.com) or mobile app:
- One-time passwords (OTPs) sent to your registered mobile number
- OTP verification attempts and expiry metadata
- API session tokens (for example, Laravel Sanctum bearer tokens on mobile; web session cookies on the portal)
- Optional device name you provide at mobile login (for session management)
We do not offer open registration. Mobile login uses OTP; managers may also sign in on the web with email and password where enabled.
2.3 Work activity and performance data
When you use calling, queue, and CRM features, we process:
- Agent availability status (for example: active, busy, break, offline) and presence logs
- Leads and enrollments assigned or queued to you
- Outbound call records initiated from the App
- Call dispositions, wrap-up notes, sub-options, and timestamps
- Scheduled callbacks and follow-up tasks you create or complete
- Dashboard and progress metrics derived from your calling activity
2.4 Lead and prospect information you access
To perform telecalling work, the App displays information about leads and delivery-partner prospects supplied by your organization, which may include:
- Name and contact phone number (often masked in list views; full number may be used only when you initiate a call)
- City, state, pincode, and language preferences
- Vehicle or onboarding-related attributes
- Client/campaign enrollment status and referral or performance data
- Prior contact history, remarks, and timeline events
You should only use this information for authorized business calling and must not copy, export, or misuse it outside the Service.
2.5 Call-related technical data
Depending on your organization's telephony configuration:
- Device dialer mode: the Service may open your phone's native dialer (
tel:link). Calls are placed from your SIM; we record call metadata and dispositions you enter in the Service, not your device's native call log. - Cloud telephony mode (Exotel): when enabled, call initiation and status updates may be processed through our telephony provider. Call recordings may be stored when recording is enabled for quality assurance (QA) and compliance review.
2.6 Technical and service logs
Our servers may automatically collect:
- IP address, request timestamps, and API access logs
- Error and diagnostic information needed to secure and operate the service
- App/API version and configuration flags returned at bootstrap (for example, calling mode, filter catalogs)
We do not use the Service to collect precise GPS location from your device unless a future feature explicitly requests that permission and updates this policy.
2.7 Microphone (optional voice dictation)
When you tap the microphone button on call-note fields, the app may use your device microphone to transcribe speech into text. Audio is processed on-device or via your platform speech service; we do not store raw audio recordings in the CRM unless your organization configures otherwise.
2.8 Device call log cleanup (optional)
On Android, after you save a call disposition, the app may request permission to remove the matching outbound entry from your device's native call log so lead numbers are not left in personal call history. This is optional; the app works if you deny call-log access.
3. How we use your information
We use personal information to:
| Purpose | Examples |
|---|---|
| Provide the Service | Login, session management, lead queue, dialer, dispositions, callbacks, tasks |
| Workforce operations | Assign leads, track productivity, manage campaigns and enrollments |
| Security & fraud prevention | OTP rate limits, token revocation, abuse detection |
| Quality & compliance | QA review of calls and recordings where enabled by your organization |
| Service improvement | Debugging, performance monitoring, feature configuration |
| Legal obligations | Respond to lawful requests and enforce our terms |
Legal bases (where applicable): performance of your work arrangement with RojiRoty or its partners, legitimate interests in operating a secure CRM and telecalling platform, and compliance with law.
4. How we share information
We do not sell your personal information.
We may share information only as follows:
4.1 Service providers (processors)
| Provider | Purpose | Data involved |
|---|---|---|
| Nimbus IT (or configured SMS gateway) | Deliver login OTP SMS | Phone number, OTP message content |
| Exotel (when enabled) | Cloud calling, call status, recordings | Agent phone, lead phone, call metadata, recordings |
| Cloud hosting & infrastructure | Secure storage and delivery of the App and API | Account, activity, and lead data stored on our systems |
These providers are authorized to process data only to perform services for us and subject to appropriate contractual safeguards.
4.2 Your organization
Managers, operations staff, and administrators authorized by RojiRoty may access your activity, assignments, and performance data within the CRM for workforce management, reporting, and QA.
4.3 Legal and safety
We may disclose information if required by law, court order, or government request, or when necessary to protect rights, safety, and security of users, RojiRoty, or the public.
4.4 Business transfers
If RojiRoty undergoes a merger, acquisition, or asset sale, user information may transfer as part of that transaction, subject to this policy or equivalent protections.
5. Data retention
We retain information for as long as needed to provide the App and for legitimate business purposes, including:
- Active accounts: profile, session, and work activity data while your account remains active.
- OTP records: short-term retention (typically minutes) until verification or expiry.
- Call and lead records: may be retained for reporting, QA, and legal compliance even after your telecaller account is deactivated, as required by RojiRoty and applicable law.
- Deleted telecaller accounts: when you delete your account in the mobile app, we revoke access tokens, remove your phone number from the account, anonymize personal identifiers (name/email), and mark the account inactive. Historical call activity tied to your agent ID may remain in anonymized or pseudonymized form for business records.
Retention periods may vary by data type and organizational policy. Contact us to request more detail.
6. Your choices and rights
Depending on applicable law, you may have the right to:
- Access personal information we hold about you
- Correct inaccurate account information (often via your administrator)
- Delete your telecaller account in the mobile app (Menu → Delete account), which requires OTP confirmation — available only to provisioned mobile users
- Withdraw consent where processing is consent-based (without affecting prior lawful processing)
- Lodge a complaint with a supervisory authority
Account deletion (Google Play requirement): Authenticated mobile users can delete their account in-app (OTP required) or via DELETE /api/v1/mobile/auth/account. Step-by-step instructions are published at https://tc.rojiroty.com/delete-account. After deletion you cannot log in again with the same phone number until an administrator creates a new account.
To exercise other rights, email info@rojiroty.com or contact your RojiRoty administrator.
7. Security
We implement administrative, technical, and organizational measures designed to protect personal information, including:
- Encrypted transport (HTTPS/TLS) for API communication
- Token-based mobile authentication with expiration
- OTP rate limiting and verification attempt caps
- Role-based access controls in the CRM
- Phone number masking in lead list views
- Access logging and operational monitoring
No method of transmission or storage is 100% secure. Please protect your device and do not share OTP codes.
8. International data transfers
Our servers and service providers may process data in India and other countries where our infrastructure or subprocessors operate. Where required, we implement appropriate safeguards for cross-border transfers.
9. Children's privacy
The Service is not directed to children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact info@rojiroty.com and we will take appropriate steps.
10. Third-party links and dialer
The Service may open external apps (for example, your phone dialer or WhatsApp links where configured). Those services are governed by their own privacy policies. We are not responsible for their practices.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will post the revised version at https://tc.rojiroty.com/privacy-policy and update the "Last updated" date. Material changes may also be communicated through the App or your administrator. Continued use after changes constitutes acceptance of the updated policy.
12. Google Play data safety summary
For Google Play compliance, this internal workforce app:
| Topic | Practice |
|---|---|
| Audience | Authorized RojiRoty telecallers only — not for children or the general public |
| Registration | Administrator-provisioned accounts only; no external sign-up |
| Data collected | Name, work phone, email, call activity, dispositions, device session tokens; optional microphone for voice notes; optional call-log cleanup on device |
| Sensitive permissions | Phone (outbound calls), optional call log (device cleanup), optional microphone (voice dictation) — disclosed in-app before use |
| Data shared | SMS/OTP provider, cloud telephony (when enabled), hosting providers — not sold |
| Account deletion | In-app with OTP; instructions at https://tc.rojiroty.com/delete-account |
| Encryption | Data in transit protected with HTTPS/TLS |
See sections above for full detail.
13. Contact us
RojiRoty — Rojiroti TC
Website: https://tc.rojiroty.com
Email: info@rojiroty.com
For workplace-specific questions about lead data, account access, or employment records, contact your team leader or operations manager.