This Privacy Policy describes how Dial Anyone ("we", "our", or "us") collects, uses, shares, and protects your personal information when you use our web-based telecommunications service.
Dial Anyone provides VoIP (Voice over Internet Protocol) calling services that allow users to make phone calls worldwide directly from their web browser using a credit-based system. We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Personal Information
When you register for an account, we collect:
- Your name
- Email address
- Phone number (optional, for verification purposes)
- Password (encrypted and securely stored)
1.2 Google Sign-In Information
If you choose to sign in using Google, we receive the following information from your Google account:
- Your email address
- Your name
- Your profile picture (if available)
1.3 Call Data and Usage Information
When you use our VoIP calling service, we collect:
- Phone numbers you dial (destination numbers)
- Call duration and timestamps
- Call quality metrics and connection data
- Time and date of calls
- IP address used to connect to our service
- Credit usage and balance information
- Service usage patterns and preferences
Important: We do not record or store the actual content of your calls unless you explicitly use any recording features (where available and legally permitted).
1.4 Analytics and Usage Data
We use analytics services to understand how our service is used and to improve user experience:
- Google Analytics - for website usage statistics and user behavior analysis
- PostHog - for product analytics and feature usage tracking (when enabled)
- Page views, session duration, and navigation patterns
- Device type and browser information (anonymized)
- Geographic location (country/region level only)
1.5 Payment and Billing Information
When you purchase credit packages or subscribe to our services, we collect:
- Payment method details (processed securely through Stripe and other payment providers)
- Billing address and contact information
- Transaction history and payment records
- Credit purchase and usage history
- Subscription status and renewal information
- Auto-topup preferences and settings
Security Note: We do not store complete credit card numbers on our servers. Payment information is processed and stored securely by our certified payment processors in compliance with PCI DSS standards.
2. How We Use Your Information
We use the information we collect for various purposes, including:
- Providing, operating, and maintaining our VoIP calling service
- Processing credit purchases, subscriptions, and billing transactions
- Managing auto-topup services and payment processing
- Providing phone number rental and management services
- Improving call quality and connection reliability
- Personalizing and expanding our Service offerings
- Understanding and analyzing service usage patterns
- Developing new features and functionality
- Communicating with you for customer service, account updates, and service notifications
- Processing account verification and security measures
- Preventing fraud, abuse, and violations of our Terms of Service
- Complying with legal obligations and regulatory requirements
3. Google Sign-In Data
When you sign in to Dial Anyone using your Google account, we access limited information from your Google profile to create and manage your account.
3.1 What Google Data We Access
- Your email address (to create your account and for communication)
- Your name (to personalize your account)
- Your profile picture (to display in your account, if available)
3.2 How We Use Your Google Data
Your Google data is used only for the following purposes:
- To create and authenticate your Dial Anyone account
- To identify you when you sign in to our service
- To personalize your user experience
3.3 Google Data Sharing and Transfer
Important Disclosure:
- We do NOT share your Google account data with any third parties
- We do NOT sell or transfer your Google data to other companies
- We do NOT use your Google data for advertising or marketing purposes
- Your Google data is used solely for authentication and account management within Dial Anyone
3.4 Revoking Google Access
You can revoke Dial Anyone's access to your Google account at any time by visiting your Google Account permissions page at https://myaccount.google.com/permissions. After revoking access, you will need to use an alternative sign-in method to access your Dial Anyone account.
4. Data Sharing and Third-Party Services
We work with trusted third-party service providers to operate our platform. Below is a complete list of third parties who may receive your data and the purpose for which they receive it:
| Service Provider | Data Shared | Purpose |
|---|
| Twilio | Phone numbers, call metadata | Voice calling and SMS services |
| Stripe | Email, billing information | Payment processing |
| Supabase | Account data, usage records | Database hosting and authentication |
| Google Analytics | Anonymized usage data | Website analytics |
| PostHog | Anonymized usage data | Product analytics |
| Brevo | Email address | Transactional emails |
| Vercel | IP addresses, request logs | Web hosting |
We do NOT sell your personal data. Your information is only shared with the service providers listed above for the specific purposes described. We do not sell, rent, or trade your personal information to third parties for their marketing purposes.
For more information about how these providers handle your data, please review their privacy policies:
5. Data Protection and Security Measures
We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.
5.1 Encryption
- Data in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher (HTTPS)
- Data at Rest: Sensitive data stored in our databases is encrypted using AES-256 encryption
- Password Security: User passwords are never stored in plain text. We use bcrypt hashing with unique salts for each password
5.2 Payment Security
- Payment processing is handled by Stripe, which is PCI DSS Level 1 certified (the highest level of certification)
- We never store complete credit card numbers on our servers
- All payment transactions are processed over secure, encrypted connections
5.3 Access Controls
- Role-Based Access Control (RBAC): Employee access to user data is strictly limited based on job function
- Row Level Security (RLS): Database-level policies ensure users can only access their own data
- Authentication: Secure session management with JWT tokens and HTTP-only cookies
5.4 Infrastructure Security
- Our application is hosted on Vercel, which maintains SOC 2 Type II compliance
- Our database is hosted on Supabase, which maintains SOC 2 Type II compliance
- Regular security assessments and vulnerability monitoring
- Automated monitoring for unauthorized access attempts
5.5 Session Security
- Secure JWT tokens with expiration
- HTTP-only, secure cookies to prevent XSS attacks
- Automatic session invalidation on logout
- Session timeout for inactive users
6. International Data Transfers
Dial Anyone is based in the United States, and your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers maintain facilities.
- Primary Data Processing: United States
- EU Data Transfers: Where we transfer personal data from the European Economic Area (EEA) to countries outside the EEA, we rely on Standard Contractual Clauses approved by the European Commission
- Data Protection: Regardless of where your data is processed, we apply the same security protections described in this policy
7. Data Retention
We retain your personal information for different periods depending on the type of data and our business needs:
- Account Information: Retained while your account is active and for a reasonable period after account closure
- Call Records: Retained for billing, quality assurance, and compliance purposes as required by telecommunications regulations
- Payment Data: Retained as required for financial record-keeping and fraud prevention
- Subscription Data: Retained for the duration of your subscription and billing history requirements
- Terminated Accounts: Data may be retained for legal compliance and fraud prevention, with remaining credits forfeited per our policies
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to improve your experience on our platform.
8.1 Types of Cookies We Use
- Essential Cookies: Required for the website to function properly (authentication, security, preferences)
- Analytics Cookies: Help us understand how visitors interact with our website (Google Analytics, PostHog)
- Functional Cookies: Enable enhanced functionality and personalization
8.2 Managing Cookies
You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our service. Most browsers allow you to refuse or accept cookies, delete existing cookies, or automatically accept or refuse cookies for specific websites.
9. Your Data Protection Rights
Depending on your location, you may have certain rights regarding your personal information:
9.1 Rights for All Users
- Access: The right to access the personal information we have about you
- Correction: The right to request correction of inaccurate personal information
- Deletion: The right to request deletion of your personal information (subject to legal retention requirements)
- Objection: The right to object to processing of your personal information
- Portability: The right to receive your data in a portable format
- Withdrawal: The right to withdraw consent at any time
9.2 Additional Rights for EU Residents (GDPR)
If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR):
- Lawful Basis: We process your data based on consent, contract performance, legitimate interests, or legal obligations
- Right to Lodge Complaint: You have the right to lodge a complaint with a supervisory authority in your country of residence
- Restriction of Processing: You may request that we restrict the processing of your personal data under certain circumstances
9.3 Additional Rights for California Residents (CCPA)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
- Right to Know: You have the right to know what personal information we collect, use, and disclose
- Right to Delete: You have the right to request deletion of your personal information
- Right to Opt-Out: You have the right to opt-out of the sale of your personal information. Note: We do not sell your personal information.
- Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
To exercise any of these rights, please contact us at support@dialanyone.com. We will respond to your request within the timeframes required by applicable law.
10. Children's Privacy
Our Service is not intended for use by children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages.
- We do not knowingly collect or solicit personal information from children under 13
- If we learn that we have collected personal information from a child under 13, we will promptly delete that information
- If you believe that a child under 13 has provided us with personal information, please contact us immediately at support@dialanyone.com
11. Data Breach Notification
In the event of a data breach that affects your personal information, we are committed to notifying you promptly.
- We will notify affected users within 72 hours of becoming aware of a qualifying data breach
- Notification will be sent via email to the address associated with your account
- We will provide information about the nature of the breach, the data affected, and steps you can take to protect yourself
- We will also notify relevant regulatory authorities as required by applicable law
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last Updated" date at the top of this policy
- Sending you an email notification for significant changes (where required by law)
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
13. Contact Us
If you have questions or comments about this Privacy Policy, wish to exercise your data protection rights, or have any concerns about our data practices, please contact us at:
We will respond to all legitimate requests within a reasonable timeframe and in accordance with applicable data protection laws.