Privacy Policy

Effective Date: January 1st, 2025

1. Who We Are

Gixo Services Ltd (“we”, “us”, “our”) provides business-to-business telephone answering services, including Asterisk FreePBX hosting and Windows VM hosting for nCall applications. Our infrastructure is monitored and managed to ensure high availability, data protection, and service reliability.

2. Data We Collect

We collect and process only essential business data:

  • Client contact information (name, company address, email, phone)
  • Billing and payment details
  • System logs and access records from hosted environments

We do not collect data from your customers unless directly related to support, in which case such data is never stored and is accessed only transiently.

3. Why We Process Your Data

Your data is processed solely to:

  • Provide and support our services
  • Generate invoices and manage contracts
  • Resolve technical issues or provide bespoke programming

We only contact clients for operational reasons and never for marketing. We do not share or sell client data under any circumstances.

4. Monitoring and Logs

We monitor our infrastructure 24/7 using platforms like Zabbix, Atera, and Homer. These tools collect system-level data for performance, availability, and security diagnostics. Access is strictly logged, controlled via IP and RSA-key authentication, and reviewed as part of our operational security process.

5. Data Security

  • Access to servers is restricted via IP whitelisting and SSH RSA-key pairs
  • Multi-Factor Authentication (MFA) is enforced across critical systems
  • System logs and alerts are monitored continuously

We follow industry best practices to prevent unauthorized access and respond promptly to any security incident, though no such incidents have occurred to date.

6. Subprocessors and Hosting

We utilize the following service providers in our operations:

  • OVH and Hetzner – for data center hosting (EU, UK, US)
  • Zabbix, Atera, Homer – for monitoring and diagnostics

We ensure these vendors follow strict data protection standards and have appropriate agreements in place.

7. Data Transfers

We host data in the UK, EU, or US depending on the client’s region. When data is transferred internationally, we rely on legally recognized safeguards such as Standard Contractual Clauses (SCCs) where applicable.

8. Data Retention and Client Offboarding

Billing records are retained for a minimum of six years as required under UK tax laws. Upon service termination, clients have 14 days to request data (e.g., CDRs or nCall exports). After that, all client data is securely deleted from our systems. Configuration files and bespoke software remain the intellectual property of Gixo Services Ltd and are not transferred.

9. Your Rights

As a business client, you may:

  • Request access to your account data
  • Request corrections or updates
  • Request deletion (except where legal retention applies)

To make a request, please contact us using the details below.

10. Updates to This Policy

We may occasionally update this policy to reflect changes in regulation or our operations. Updates will be posted to this page with a new effective date.

11. Contact Information

Leo Fazzi
Privacy Officer, Gixo Services Ltd
Suite 4.3.02 Block 4 Eurotowers
Gibraltar, GX11 1AA
Email: [email protected]