Privacy Policy

This Privacy Policy explains how BUFRO LTD collects and uses personal data for the BuFro website, web application, customer support, payments, and digital voice services.

1. Data controller

The data controller is BUFRO LTD, company number 17182686, a private company limited by shares registered in England and Wales. Registered office: 71-75 SHELTON STREET, COVENT GARDEN, LONDON, UNITED KINGDOM, WC2H 9JQ.

2. Personal data we collect

• Account data, such as name, phone number, login details, language, and account status.
• Transaction data, such as wallet top-up amount, currency, payment status, invoice records, and processor reference.
• Call service data, such as caller number, recipient number, destination country, language pair, selected service mode, timestamps, estimated cost, and opt-out status.
• Support data, such as email messages, WhatsApp messages, support requests, and complaint information.
• Technical data, such as device, browser, IP address, security logs, and local storage preferences.
• Where required for the selected service, voice, transcript, or translation processing data may be processed to provide the service.

3. How we use personal data

• To create and secure accounts.
• To provide voice translation, calling, wallet, and support services.
• To process payments, refunds, invoices, disputes, and fraud checks.
• To comply with legal, tax, accounting, sanctions, telecom, and security obligations.
• To detect misuse, enforce opt-out requests, and protect recipients and users.

4. Lawful basis

We process personal data where necessary to perform a contract, comply with legal obligations, protect legitimate business and security interests, handle claims or disputes, or where consent is required by law.

• Contract: account creation, call setup, wallet balance, customer support, and enterprise services.
• Legal obligation: tax, accounting, fraud prevention, sanctions, telecom compliance, and regulatory requests.
• Legitimate interests: service security, abuse prevention, route quality, dispute defence, product reliability, and business administration.
• Consent: optional marketing, non-essential cookies if introduced, and call recording or retained transcripts where consent is legally required.

5. Service providers

We may share data with providers that help us operate BuFro, including cloud hosting, Firebase/Google Cloud, payment processors such as Stripe or Paynkolay, telecom and SMS providers, analytics or security tools, legal/accounting providers, and customer support tools. These providers may process data only as needed for their services and legal obligations.

Payment processors may receive payment, billing, fraud-prevention, device, and authentication information. BuFro does not store full card numbers, card security codes, or bank authentication credentials on its own servers.

6. International transfers

BuFro is a cross-border digital service. Personal data may be processed in the United Kingdom, European Economic Area, Turkiye, United States, or other countries where our service providers operate. Where required, we use appropriate transfer safeguards.

7. Retention

We keep personal data only as long as needed for service delivery, security, accounting, tax, legal, dispute, and compliance purposes. Payment and accounting records may be retained for statutory periods. Call and technical logs are kept for operational and security needs, then deleted or anonymised where practical.

• Account and billing records: for the life of the account and then as required for tax, accounting, fraud prevention, or legal claims.
• Payment records: retained according to payment processor, accounting, tax, chargeback, and anti-fraud requirements.
• Call metadata and opt-out records: retained as needed to provide the service, prove delivery, handle disputes, prevent abuse, and honour opt-out requests.
• Voice, transcript, and translation content: processed only as needed for the selected service unless an explicit product feature, support request, legal duty, or enterprise agreement requires retention.
• Support messages: retained as needed to resolve requests and maintain complaint, refund, and compliance records.

8. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, request portability, withdraw consent, or complain to a data protection authority. To make a request, contact onasuh@mysimtr.site or orhunnasuh@gmail.com.

If you are in the United Kingdom, you can also complain to the Information Commissioner's Office at ico.org.uk/make-a-complaint. We ask that you contact us first so we can try to resolve your concern.

9. Security

We use technical and organisational measures designed to protect personal data, including access controls, hosted payment processors, authentication, and operational monitoring. No internet service can be guaranteed to be completely secure.

10. Automated checks and abuse prevention

We may use automated or semi-automated checks to detect fraud, payment risk, spam, sanctions risk, recipient opt-out matches, security threats, or misuse. These checks may affect whether a payment, account, route, or call is allowed. You can contact us if you believe a restriction was applied incorrectly.

11. Data sources and required information

Most data is collected directly from you when you register, use the service, contact support, or make a payment. We may also receive payment status, fraud, dispute, and authentication data from payment processors; delivery and routing data from telecom providers; and opt-out or abuse signals from recipients. Some account, payment, and call information is required to provide the service; without it, we may not be able to create an account, process payment, or deliver calls.

12. Marketing

We do not sell personal data. If we send marketing messages, you can opt out at any time. Service, security, payment, legal, and account messages may still be sent where necessary.

13. Children

BuFro is not intended for children under 18. We do not knowingly provide accounts to children.

14. Changes

We may update this Privacy Policy when our services, providers, laws, or operations change. The latest version will be published on this page.

15. Contact

Email: onasuh@mysimtr.site / orhunnasuh@gmail.com. WhatsApp: +90 531 294 05 34.