This Privacy Policy applies to Kamunic8 and its related services. By using our platform, you agree to the practices described here. We comply with the Protection of Personal Information Act, 2013 (POPIA) of South Africa and applicable data protection laws across the jurisdictions in which we operate.
1. Who We Are
Kamunic8 ("we", "our", or "us") is a technology company incorporated in South Africa, providing AI-powered call centre and communication management software to businesses across Africa. Our registered contact address for data protection enquiries is privacy@kamunic8.com.
We act as the responsible party (as defined under POPIA) for personal information we process about you, and as a operator for personal information you ask us to process on behalf of your customers.
2. Information We Collect
2.1 Account and Business Information
When you register for or use Kamunic8, we collect:
- Full name, business name, and job title
- Email address and phone number
- Billing and payment details (processed by our payment providers — we do not store full card numbers)
- Country and time zone
- Twilio credentials and WhatsApp Business API credentials you provide to connect your numbers
2.2 Customer Interaction Data
Through your use of our AI voice and messaging features, we process data relating to your customers on your behalf. This includes:
- Inbound and outbound call recordings and transcripts
- WhatsApp message threads and broadcast campaign content
- Caller phone numbers and contact details provided during calls
- Appointment bookings, reschedule requests, and confirmed slot data
- CSAT scores and sentiment analysis outputs
You are responsible for ensuring your customers have been appropriately informed about and, where required, have consented to the recording and AI processing of their calls and messages.
2.3 Usage and Technical Data
- Log data: IP addresses, browser type, device identifiers, pages visited
- Dashboard usage patterns and feature interaction metrics
- Error logs and performance diagnostics
- Session tokens and authentication records
2.4 Cookies and Tracking
We use strictly necessary cookies for authentication and session management. We do not use third-party advertising cookies. You may disable non-essential cookies in your browser settings without affecting core functionality.
3. How We Use Your Information
We use the information we collect to:
- Deliver and operate the service — routing calls, processing WhatsApp messages, generating analytics, and powering the live dashboard
- Provide AI features — transcribing calls, scoring sentiment, booking appointments, and generating auto-replies via our AI voice and messaging engines
- Billing and account management — processing payments, sending invoices, and managing subscriptions
- Communications — sending service notifications, product updates, and support responses to your registered email
- Security and fraud prevention — monitoring for abuse, verifying account activity, and protecting our infrastructure
- Legal compliance — retaining records as required by applicable law
- Service improvement — analysing aggregated, anonymised usage patterns to improve AI accuracy and platform performance
We do not sell your personal information or your customers' personal information to any third party. We do not use call recordings or transcripts to train our AI models without your explicit written consent.
4. Third-Party Processors
We share information with the following sub-processors to deliver our service. All processors are bound by data processing agreements and appropriate safeguards:
- Twilio — telephony infrastructure for voice calls and SMS
- VAPI — AI voice agent processing and call orchestration
- Meta (WhatsApp Business API) — messaging delivery and thread management
- Google Firebase — authentication, database, and cloud storage
- Google Cloud Platform — secure secret management and infrastructure
- SendGrid (Twilio) — transactional email delivery
- OpenAI — natural language understanding and response generation
We will notify you of any material changes to our list of sub-processors at least 14 days in advance where operationally feasible.
5. Call Recordings and AI Processing
Kamunic8 records calls handled by the AI agent by default, as this is necessary to provide transcription, CSAT scoring, and agent coaching features. You may configure your account to disable call recording for specific numbers or call flows, subject to applicable local laws that may require retention.
Call recordings are stored for 90 days by default. You may download or delete recordings at any time through the dashboard. After 90 days, recordings are permanently deleted from our systems unless you have enabled extended retention on your plan.
Your obligation: If you operate in a jurisdiction that requires parties to a call to be notified that the call is being recorded (e.g., two-party consent states), you are responsible for playing an appropriate disclosure message at the start of each call. Kamunic8 provides configurable intro prompts to help you comply.
6. Data Retention
- Call recordings: 90 days (configurable)
- Call transcripts and AI summaries: 12 months
- WhatsApp message threads: Duration of your subscription + 30 days post-termination
- Account data: Retained for the life of your account and deleted within 60 days of account closure upon request
- Aggregated analytics: Retained indefinitely in anonymised form
- Billing records: 5 years, as required by South African tax law
7. Your Rights Under POPIA
As a data subject under the Protection of Personal Information Act, 2013, you have the right to:
- Access — request a copy of the personal information we hold about you
- Correction — request that inaccurate or incomplete information be corrected
- Deletion — request that we delete your personal information, subject to our legal retention obligations
- Objection — object to processing of your personal information on legitimate grounds
- Complaint — lodge a complaint with the Information Regulator of South Africa at inforegulator.org.za if you believe your rights have been infringed
To exercise any of these rights, email us at privacy@kamunic8.com. We will respond within 30 days, as required by POPIA.
8. International Data Transfers
Our sub-processors operate data centres globally, including in the United States and European Union. When we transfer personal information outside South Africa, we ensure that appropriate safeguards are in place — including standard contractual clauses or adequacy decisions — consistent with POPIA Section 72.
9. Security
We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, and Google Cloud Secret Manager for API credential storage. We conduct periodic security reviews and penetration testing.
In the event of a data breach that is likely to prejudice your rights, we will notify you and the Information Regulator within the timeframes prescribed by POPIA.
10. Children
Kamunic8 is a business-to-business service. We do not knowingly collect personal information from individuals under the age of 18. If you believe a minor has provided us with personal information, please contact us immediately at privacy@kamunic8.com.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting a prominent notice on our website at least 14 days before the changes take effect. Your continued use of the service after the effective date constitutes acceptance of the updated policy.
12. Contact Us
For any privacy-related enquiries or to exercise your data subject rights:
- Email: privacy@kamunic8.com
- General: hello@kamunic8.com
- Location: South Africa
Information Regulator of South Africa: www.inforegulator.org.za