Privacy Policy

Last updated: January 2026

This Privacy Policy explains how CallMeLater collects, uses, and protects personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

CallMeLater is operated by Canell SRL, a company registered in Belgium (VAT: BE0778.716.691). For more information about our company, visit canell.be.

Canell SRL acts as:

  • Data Controller for account and billing data
  • Data Processor for reminder recipient data submitted by users

Users of CallMeLater are responsible for ensuring they have a lawful basis to process recipient data.

2. Personal Data We Collect

We may collect and process the following data:

  • Account information (email address, name)
  • Authentication and security data
  • Scheduled action metadata
  • Reminder recipient email addresses
  • Execution logs and timestamps
  • IP addresses for security and abuse prevention

3. How We Use Personal Data

We process personal data to:

  • Provide and operate the Service
  • Execute scheduled actions and reminders
  • Secure the platform and prevent abuse
  • Manage billing and subscriptions
  • Communicate service-related information

4. Legal Bases for Processing (GDPR Art. 6)

We process data based on:

  • Contract performance (providing the Service)
  • Legitimate interest (security, reliability, abuse prevention)
  • Consent, where required by law

5. Data Retention

We retain personal data only for as long as necessary to operate the Service or comply with legal obligations. Logs and execution data are retained for a limited period and may be deleted automatically.

6. Data Sharing and Subprocessors

We may share data with trusted subprocessors, including:

  • Email delivery providers (e.g. Postmark)
  • Payment processors (e.g. Stripe)
  • Hosting and infrastructure providers

These providers process data under contractual and GDPR-compliant safeguards.

7. International Transfers

Where data is transferred outside the EU, appropriate safeguards such as Standard Contractual Clauses (SCCs) are applied.

8. Data Subject Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion ("right to be forgotten")
  • Restrict or object to processing
  • Request data portability

Requests can be made by contacting us.

9. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including access controls, encryption where applicable, and monitoring.

10. Cookies

CallMeLater uses only strictly necessary cookies required for authentication and security. See the Cookie Notice for details.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page.

12. Governing Law

This Privacy Policy is governed by the laws of Belgium and the General Data Protection Regulation (GDPR). You have the right to lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) or your local supervisory authority.

13. Contact

For privacy-related questions or requests, please contact us.