Dial — Privacy Policy

Effective date: June 21, 2026

This Privacy Policy explains how we handle personal data in connection with Dial, our platform that provisions programmable voice, SMS, and WhatsApp numbers for AI agents (the "Service"), available at getdial.ai.

"Dial," "we," "us," and "our" mean Genway Inc, a Delaware corporation (EIN 35-2822767), 108 W 13th St, Wilmington, DE 19801, USA, for customers in the United States, and Genway Israel Ltd (company registration number 516887684), an Israeli company and subsidiary of Genway Inc, for customers elsewhere. "Dial" is the brand under which the Service is offered.

Two roles, two documents. This Privacy Policy covers personal data for which Dial is the controller — principally data about our account holders, website visitors, and marketing contacts. When we handle the personal data that flows through your calls and messages (recordings, message content, transcripts, and related metadata), we act as a processor on our customer's behalf, governed by our Data Processing Addendum (DPA). In that case the customer is the controller and its own privacy notice governs its end users.

1. Information we collect

Information you give us

  • Account information. Your name and email address.
  • Support and other communications. Messages you send us and information you choose to share when you contact support or correspond with us.
  • Marketing. Details you provide when you subscribe to updates or sign up for events.

Payments. Billing details (billing address, company name, payment-card data, and related information) are collected and processed by our payment processor, Stripe, which acts as an independent controller for that data under its own privacy policy. We do not store full payment-card details; we receive only limited confirmation and account-status information needed for billing.

Information generated through use of the Service

  • Usage and metadata. Call detail records (including recording references, call status, originating and destination numbers, timestamps, and duration), message metadata, API logs, and IP addresses.
  • Communications content. Call audio/recordings and SMS/WhatsApp message content that pass through the Service, together with transcripts. Transcription is performed by a third-party transcription provider. This content is generally processed on behalf of our customers under the DPA; it is hosted on our infrastructure.
  • Device and technical data. Information about the devices and systems that connect to the Service, collected through logs and similar means for security and operation.

Website data and product analytics

We currently do not use advertising or third-party analytics cookies on our public website beyond what is essential for the site to function. We use a third-party product-analytics provider to understand how the product is used. We may introduce analytics and advertising cookies in the future; if and when we do, we will update this Policy and, where required, present a cookie banner so you can manage your choices.

2. How we use personal data

  • To provide, operate, secure, and maintain the Service and your account;
  • To process billing and payments (through Stripe);
  • To prevent, detect, and investigate fraud, abuse, and violations of our Terms and Acceptable Use Policy, and to comply with carrier and platform requirements;
  • To provide support and respond to your requests;
  • To send you service and transactional messages, and — where permitted — marketing emails and newsletters, which you can opt out of at any time;
  • To comply with legal obligations and enforce our agreements; and
  • To produce aggregated or de-identified analytics and to improve the Service.

We do not train AI models on your content. We do not use call recordings, message content, or transcripts to train, fine-tune, or develop machine-learning or AI models. We use such content only to provide the Service to you.

3. Legal bases (EEA/UK)

Where the EU or UK GDPR applies, we rely on: performance of a contract (to provide the Service and manage your account); our legitimate interests (to secure and improve the Service, prevent abuse, and conduct direct marketing to business contacts), balanced against your rights; your consent (for certain marketing and, in future, non-essential cookies), which you may withdraw; and compliance with legal obligations.

4. Marketing communications

We send marketing emails and a newsletter to customers and people who opt in. You can unsubscribe using the link in any marketing email or by contacting us at [email protected]. We will still send you necessary service and account messages.

5. How we share personal data

We do not sell your personal data. We share it only as described here:

  • Service providers / sub-processors who help us run the Service, each under appropriate contractual protections — including providers of cloud hosting and infrastructure, telecommunications connectivity, speech-to-text and voice processing, logging and monitoring, and product analytics. All are currently located in the United States. A current list of our specific sub-processors, including their identities and locations, is available to customers on request at [email protected].
  • Stripe, our payment processor, for billing.
  • Within our group — between Genway Inc and Genway Israel Ltd — to operate the Service.
  • Legal and safety — to comply with law, lawful requests, and carrier or platform obligations, and to protect our rights, users, and the public.
  • Business transfers — in connection with a merger, acquisition, financing, or sale of assets.

6. International transfers

We host and process data in the United States. Where we transfer personal data from the EEA, the UK, or Israel to a country without an adequacy decision, we use appropriate safeguards, including the European Commission's Standard Contractual Clauses and the UK International Data Transfer Addendum. Israel benefits from an EU adequacy decision. You can request information about these safeguards at [email protected].

7. Data retention

We retain personal data for as long as your account is active and thereafter for as long as necessary for the purposes described in this Policy, including to provide the Service, comply with legal and regulatory obligations, resolve disputes, prevent abuse, and enforce our agreements. We do not apply fixed deletion timelines to account records and communications data, and may retain them on this basis. You may request deletion of your personal data as described in Section 9, and we will honor such requests subject to our legal and legitimate-business retention needs.

8. Security

We use technical and organizational measures designed to protect personal data, including encryption in transit and at rest, access controls, and logging and monitoring. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Your rights and choices

Depending on where you live, you may have some or all of the following rights regarding personal data we control:

  • EEA/UK (GDPR): access, rectification, erasure, restriction, portability, objection (including to direct marketing), and the right to withdraw consent and to complain to a supervisory authority.
  • Israel (Privacy Protection Law): the right to review and request correction or deletion of personal data held about you.
  • California (CCPA/CPRA): the right to know, access, delete, and correct personal information, and to opt out of "sale" or "sharing" (we do not sell or share personal information for cross-context behavioral advertising). We will not discriminate against you for exercising your rights, and you may use an authorized agent.

To exercise any right, email [email protected]. We may need to verify your identity. If your personal data was provided to us by one of our customers (for example, because you were contacted by their AI agent), please contact that customer directly; where appropriate we will refer your request to them as the controller.

10. Children

The Service is for business and professional use and is not directed to children. We do not knowingly collect personal data from anyone under 18 (or under 16 in the EEA).

11. Changes to this Policy

We may update this Policy from time to time. We will post the updated version with a new effective date and, where changes are material, take reasonable steps to notify you.

12. Contact us

For privacy questions or requests, contact us at [email protected].

United States: Genway Inc, 108 W 13th St, Wilmington, DE 19801, USA (EIN 35-2822767).

All other regions: Genway Israel Ltd (company registration number 516887684), Israel.

Our EU/UK representative under Article 27 of the GDPR is to be appointed; details will be added here once designated.