Last updated: January 2026
Texalo is committed to protecting your data and the data of your customers. This page summarises our approach in plain English. For full details, see our Privacy Policy.
Whitepath Ltd is registered with the Information Commissioner's Office (ICO) as a data processor. We process personal data only as instructed by you, our customer, and only to provide the Texalo service.
When a caller's phone number and SMS messages are processed through Texalo, you are the data controller — Texalo is your data processor. This means you decide why and how that data is used. We just follow your instructions.
You should have a lawful basis for processing your customers' communications data. For most businesses using a missed call follow-up service, legitimate interest is the appropriate basis — but you should confirm this with your own legal adviser if unsure.
We only collect what we need. Caller phone numbers, message content, and timestamps. Nothing more. We do not build profiles, sell data, or use it for advertising.
SMS message content is automatically deleted after 90 days. Account data is held for the duration of your subscription plus 30 days. You can request deletion at any time.
Your data is stored on servers within the UK and EU. SMS delivery is handled by Twilio (US-based, EU data residency available). AI processing uses Anthropic's API. Both providers are covered by appropriate data transfer mechanisms.
All data is encrypted in transit (TLS 1.2+). Passwords are hashed with bcrypt. We do not store payment card data — Stripe handles all billing.
Under UK GDPR you have the right to access, correct, delete, or export your data at any time. Contact privacy@texalo.co.uk and we will respond within 30 days.
For any GDPR-related questions, contact privacy@texalo.co.uk.