Privacy Policy

Effective date: [2 March 2026]
Last updated: [2 March 2026]

This Privacy Policy explains how CallsU a brand owned and operated by CES Communications Ltd. (trading as CES, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal data when you visit callsu.com, contact us, request information, book a meeting, submit a form, or otherwise interact with us.

This Policy is intended to support transparency under applicable data protection laws, including the UK GDPR, the EU GDPR (where applicable), and related privacy and electronic communications rules.

If you have any questions about this Policy or how we handle personal data, please contact us using the details below.

1. Who we are

Controller:
CES Communications Ltd.
Regent House, 61 Bisazza Street, SLM1640
C58105
Malta

Trading name: CallsU
Website: callsu.com
General contact: support@callsu.net
Privacy contact: privacy@callsu.net

For most website and direct business enquiries, we act as the data controller for the personal data described in this Policy. In some service-delivery scenarios, we may act as a processor on behalf of our business customers under a separate contract.

2. Scope of this Policy

This Policy applies to personal data collected through:

visits to callsu.com;
contact forms, demo requests, meeting bookings, and enquiry submissions;
email, telephone, and other direct communications with us;
newsletter, thought leadership, or business update sign-ups (if used);
cookies and similar technologies on our website;
lead-generation, sales, and account-management interactions;
supplier, partner, and prospective customer communications.

This Policy does not necessarily cover personal data we process solely on behalf of customers as a processor in the course of delivering contracted services. In those cases, the relevant customer will typically be the controller and their privacy notice will also apply.

3. The personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data:

A. Identity and contact data

name;
job title;
company name;
business email address;
business phone number;
postal address (where relevant).

B. Enquiry and communications data

the contents of your messages, enquiries, or requests;
meeting notes;
call records and correspondence;
information you provide when requesting a proposal, consultation, or service information.

C. Technical and usage data

IP address;
browser type and version;
device type;
operating system;
referring URL;
pages viewed;
session timing;
approximate location derived from IP;
website interaction data collected through analytics or similar tools.

D. Marketing and preference data

communication preferences;
consent records;
subscription choices;
engagement data (for example, whether emails are opened or links are clicked, if tracking is enabled lawfully).

E. Commercial and relationship data

organisation type;
market or sector;
status as a prospect, customer, partner, or supplier;
pipeline or account stage;
records relevant to proposals, onboarding, service delivery, or relationship management.

We do not intentionally collect special category data through the website unless it is clearly and lawfully required. Please do not submit unnecessary sensitive personal data through our website forms.

4. How we collect personal data

We collect personal data:

directly from you when you submit forms, contact us, book a meeting, or communicate with us;
automatically when you use our website, through cookies, analytics, server logs, and similar technologies;
from publicly available business sources (for example, corporate websites or professional profiles) where permitted by law;
from referrals, business introductions, or partners;
from our customers or prospective customers during legitimate B2B sales and onboarding discussions.

Where we collect personal data indirectly, we will handle it in accordance with applicable law and provide information as required.

5. Why we use personal data and our legal bases

We only process personal data where we have a valid legal basis.

A. To respond to enquiries and requests

We use your data to respond to contact requests, demo bookings, service enquiries, and general communications.

Legal basis:

legitimate interests (running and responding to business enquiries); and/or
taking steps prior to entering into a contract.

B. To provide and manage our services

We use personal data to prepare proposals, onboard customers, manage accounts, provide services, support customers, and maintain commercial relationships.

Legal basis:

performance of a contract;
legitimate interests; and/or
compliance with legal obligations.

C. To operate, secure, and improve our website

We use technical and usage data to maintain website functionality, diagnose issues, prevent misuse, improve performance, and understand how the website is used.

Legal basis:

legitimate interests; and/or
consent, where required for non-essential cookies or similar technologies.

D. To send business communications and marketing

We may send marketing, thought leadership, service updates, event invitations, or similar communications to business contacts where permitted by law.

Legal basis:

consent, where required; and/or
legitimate interests in promoting our B2B services, subject to applicable direct marketing rules and your rights.

E. To manage compliance, legal claims, and business administration

We may process data to maintain records, meet regulatory duties, enforce our rights, defend legal claims, prevent fraud, and manage internal governance.

Legal basis:

compliance with legal obligations;
legitimate interests; and/or
establishment, exercise, or defence of legal claims where relevant.

6. Legitimate interests

Where we rely on legitimate interests, these may include:

operating and growing a B2B business;
responding to inbound requests;
managing customer and supplier relationships;
improving our website, services, and communications;
maintaining network and information security;
protecting our legal and commercial interests.

Where required, we balance those interests against the rights and freedoms of individuals.

7. Cookies and similar technologies

Our website may use cookies, pixels, tags, local storage, and similar technologies.

These may include:

strictly necessary technologies required for the site to function;
analytics technologies to understand site usage and improve performance;
functional technologies to remember preferences;
marketing technologies to measure campaigns or support remarketing, where used.

Where required by law, we will request your consent before placing or using non-essential cookies or similar technologies.

You can usually manage cookies through:

our cookie banner or preference tool (if implemented);
your browser settings; and/or
device settings.

For more detail, you may also publish a separate Cookie Policy or cookie table.

8. Direct marketing

We may use business contact details to send information about our services, updates, insights, or relevant commercial communications where permitted by applicable law.

You can opt out of marketing communications at any time by:

using the unsubscribe link (where available);
replying to the communication requesting removal; or
contacting us at privacy@callsu.net.

Opting out of marketing will not affect service or transactional communications that are necessary for an existing relationship or contract.

9. Who we share personal data with

We may share personal data with trusted third parties where reasonably necessary, including:

website hosting and infrastructure providers;
email and communications providers;
CRM and pipeline management providers;
analytics providers;
meeting booking or calendar tools;
cloud storage and collaboration providers;
professional advisers (such as lawyers, accountants, auditors, or insurers);
regulators, authorities, courts, or law enforcement where required;
actual or prospective buyers, investors, or corporate advisers in connection with a merger, acquisition, financing, or restructuring, subject to confidentiality controls.

We require service providers acting on our behalf to process personal data under appropriate contractual and security obligations.

Processor list, for example:

Servers: AWS or similar
CRM: Pipedrive or Similar
ESP: SendGrid or Similar
Intelligence Platform: CRMTracker or Similar
Calendar: Google or Similar
Data Enrichment: LinkedIn or Similar

10. International data transfers

Your personal data may be stored in or accessed from countries outside the UK or EEA.

Where we transfer personal data internationally, we will take steps designed to ensure an appropriate level of protection, such as:

using adequacy regulations or adequacy decisions where available;
entering into standard contractual clauses or equivalent safeguards;
implementing supplementary contractual, technical, or organisational measures where appropriate.

You may contact us for more information about relevant transfer safeguards.

11. Data retention

We keep personal data only for as long as reasonably necessary for the purposes set out in this Policy, including to satisfy legal, regulatory, tax, accounting, contractual, and dispute-resolution requirements.

Retention periods may vary depending on the category of data and the context in which it was collected.

As a general guide:

website logs and analytics data: [insert period];
enquiry records: [insert period, e.g. 12–24 months];
prospect and pipeline records: [insert period, subject to review];
customer and contract records: [insert period aligned with legal/accounting needs];
suppression / opt-out records: as long as reasonably necessary to honour your preference.

Where data is no longer required, we will delete it, anonymise it, or securely archive it in accordance with our retention practices.

12. Your data protection rights

Depending on the applicable law and circumstances, you may have the right to:

be informed about how your data is used;
request access to your personal data;
request correction of inaccurate or incomplete data;
request erasure of your personal data;
request restriction of processing;
object to certain processing, including processing based on legitimate interests and certain direct marketing;
request portability of data, where applicable;
withdraw consent at any time where we rely on consent (this will not affect processing carried out before withdrawal);
lodge a complaint with a supervisory authority.

These rights are not absolute and may be subject to legal limitations or exemptions.

To exercise your rights, contact us at privacy@callsu.net. We may need to verify your identity before responding.

13. Complaints

If you have concerns about how we handle personal data, please contact us first and we will try to resolve the issue.

You may also have the right to complain to the relevant supervisory authority, such as:

the UK Information Commissioner’s Office (ICO), if UK law applies; and/or
your local EEA data protection authority, if EU law applies.

14. Security

We use appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include:

access controls;
role-based permissions;
encryption where appropriate;
secure hosting environments;
logging and monitoring;
internal policies and contractual controls with suppliers.

No method of transmission or storage is completely secure, but we take commercially reasonable steps to reduce risk.

15. Third-party links

Our website may contain links to third-party websites, services, or platforms. We are not responsible for the privacy practices of third parties. We encourage you to review their privacy notices before providing personal data.

16. Children

This website and our services are intended for business and professional audiences. They are not directed to children, and we do not knowingly collect personal data from children through callsu.com.

17. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in law, guidance, technology, our services, or our processing practices.

When we update this Policy, we will revise the Last updated date above. Where appropriate, we may also take additional steps to notify users.

18. Contact us

If you have questions, requests, or concerns about this Privacy Policy or our use of personal data, please contact:

Privacy Contact

privacy@callsu.net
CES Communications Ltd.
Regent House, 61 Bisazza Street, SLM1640
C58105
Malta

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.