Privacy Policy
Last updated 9 July 2026 · CallLatch · ABN 27 303 263 028
CallLatch ("we", "us") is a missed-call recovery service operated by a sole trader in Sydney, Australia. This policy explains what information we collect, why, and how we handle it, in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
What we collect
- From our clients (the businesses that subscribe): business name, contact name, email, mobile number, suburb, and payment details. Payments are processed by Stripe — we never see or store your full card number.
- From our clients' callers: when a call to a client's number rings out and is forwarded to CallLatch, we record the caller's phone number, the time, and the text of any SMS reply they send. This is the service working as described — capturing the missed call so the business can respond.
- From website visitors: standard technical logs (via Cloudflare) used for security and performance. We don't run advertising trackers.
Why we collect it
- To deliver the service: sending the text-back, alerting the business, and showing the business its own call activity in its dashboard.
- To bill subscriptions and provide support.
- To meet our legal obligations, including the Spam Act 2003 — every automated text identifies the business and includes a STOP opt-out, which is honoured automatically.
Who can see it
Each client can only see activity for their own business — caller numbers and replies belong to that business and are never shared with anyone else, used for marketing, or sold. Ever.
We use a small number of service providers to run CallLatch: Twilio (call forwarding and SMS), Cloudflare (website, database and email routing) and Stripe (payments). Each receives only what it needs to do its job, and some may process data outside Australia under their own privacy safeguards.
How long we keep it
Call and message records are kept while the client's subscription is active so their dashboard and statements work. If a client cancels, their conversation records are deleted within 30 days, and their number is released. Clients can request a full export of their data at any time and we'll provide it within 48 hours.
Security
Data is stored with Cloudflare in an encrypted database. Dashboard logins use hashed passwords and secure session cookies. All traffic is over HTTPS.
Opting out (for callers)
If you received a text from a business via CallLatch and don't want any more, reply STOP — it's honoured automatically. The text you received was a reply to your own call, not marketing.
Access, correction and complaints
Email [email protected] to access or correct your information, ask questions, or make a complaint. We'll respond within a few business days. If you're not satisfied, you can contact the Office of the Australian Information Commissioner (oaic.gov.au).