Neverhold Privacy Policy

1. Introduction

Neverhold is committed to protecting your privacy. This Privacy Policy describes our practices regarding the collection, use, and disclosure of information when you use our Services. By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy.

This Privacy Policy complies with:

• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
• Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
• General Data Protection Regulation (GDPR) - where applicable
• Google Play Store Data Safety requirements
• Android privacy and security best practices

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you provide directly to us, including:

• Account Information: Name, email address, phone number, and password when you create an account;
• Profile Information: Profile photo, preferences, and settings you configure in the App;
• Verification Information: Phone numbers you verify for use with our Services;
• Payment Information: Billing address and payment method information (processed by third-party payment processors, not stored by us);
• Communications: Information you provide when contacting us for support or feedback;
• User-Generated Content: Custom voicemail messages, call recordings (if enabled), and spam reports you submit.

2.2 Information We Collect Automatically

When you use the Services, we automatically collect certain information, including:

• Device Information: Device type, operating system, unique device identifiers, mobile network information, and device settings;
• Usage Information: How you interact with the App, features you use, time spent in the App, and crash reports;
• Call Information: Call logs, call duration, phone numbers called/received, call timestamps, and call status (connected, missed, etc.);
• Contact Information: Contacts stored on your device that you grant us access to (used for caller identification and call management);
• Location Information: Approximate location based on IP address or device settings (if location services are enabled);
• Network Information: IP address, internet service provider, and network connection type;
• Log Information: App logs, error logs, and diagnostic information.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Service Providers: Information from VoIP service providers (e.g., Twilio) regarding call status, call quality, and billing;
• Spam Detection Services: Information from third-party spam detection APIs (if enabled) regarding phone number reputation;
• Analytics Providers: Aggregated usage and analytics data from services like Firebase Analytics and Google Analytics;
• App Stores: Basic account information from Google Play Store if you download the App through an app store.

3. How We Use Your Information

We use the information we collect for the following purposes:

3.1 Providing and Improving the Services

• Deliver, maintain, and improve the Services;
• Process and complete transactions, including VoIP calls and subscription payments;
• Provide customer support and respond to your inquiries;
• Customize your experience and personalize content;
• Develop new features and services.

3.2 Call Management and Screening

• Identify incoming callers using your device contacts and our databases;
• Screen calls for spam, fraud, or unwanted calls using local and community-based filtering;
• Provide optional API-based spam detection services;
• Display caller information and call history;
• Manage call routing and call features.

3.3 Communication

• Send you service-related communications (account updates, security alerts, etc.);
• Send you marketing communications (with your consent, which you can opt-out of at any time);
• Notify you about changes to our Services, Terms of Service, or Privacy Policy;
• Respond to your comments, questions, and requests.

3.4 Security and Fraud Prevention

• Detect, prevent, and address fraud, security threats, and abuse;
• Verify your identity and prevent unauthorized access;
• Monitor for suspicious activity and violations of our Terms of Service;
• Protect the rights, property, and safety of Neverhold, our users, and others.

3.5 Legal Compliance

• Comply with applicable laws, regulations, and legal processes;
• Respond to government requests and court orders;
• Enforce our Terms of Service and other agreements;
• Protect our legal rights and interests.

3.6 Analytics and Research

• Analyze usage patterns and trends to improve the Services;
• Conduct research and development;
• Generate aggregated, anonymized data for business intelligence.

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

• VoIP Service Providers: Twilio and other providers for VoIP calling services;
• Cloud Storage Providers: For storing your data securely (e.g., Supabase, Firebase);
• Payment Processors: For processing subscription payments;
• Analytics Providers: Firebase Analytics, Google Analytics for usage analytics;
• Spam Detection Services: Third-party APIs for optional spam detection (if enabled);
• Customer Support: Service providers that assist with customer support operations.

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal process (subpoenas, court orders, search warrants);
• Government requests and regulatory inquiries;
• Legal obligations to protect rights, property, or safety;
• Emergency situations involving immediate danger to life or physical safety.

4.3 Business Transfers

If Neverhold is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your information.

4.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, or business purposes.

5. Call Screening and Spam Detection

5.1 Local and Community-Based Filtering

Neverhold uses local and community-based spam filtering that operates on your device and through community reports. This includes:

• Storing spam reports and phone number reputation data locally on your device;
• Sharing anonymized spam reports with the Neverhold community (without identifying you);
• Using community-contributed data to identify potential spam calls.

5.2 Optional API-Based Screening

If you enable API-based screening services, we may:

• Send phone numbers to third-party spam detection APIs to check reputation;
• Receive spam detection results and display them in the App;
• Use this information to improve our spam detection algorithms.

You can disable API-based screening at any time in the App settings.

5.3 Spam Reporting

When you report a number as spam, we collect:

• The phone number you report;
• The date and time of the report;
• Anonymized information about the call (without identifying you personally).

This information is used to improve spam detection for all users.

6. Call Recording

If you enable call recording features:

• We store recorded calls securely on our servers or your device (depending on your settings);
• Recorded calls are encrypted and accessible only to you (unless you share them);
• You are responsible for complying with applicable call recording laws and obtaining consent from all parties where required;
• You can delete recorded calls at any time through the App;
• We retain recorded calls according to your settings or until you delete them.

7. Data Security

We implement reasonable technical and organizational measures to protect your information, including:

• Encryption: Data in transit is encrypted using TLS/SSL, and sensitive data at rest is encrypted;
• Access Controls: Limited access to personal information on a need-to-know basis;
• Secure Storage: Information stored on secure servers with appropriate access controls;
• Regular Security Audits: Periodic security assessments and vulnerability testing;
• Incident Response: Procedures to detect, respond to, and mitigate security incidents.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Your Rights and Choices

8.1 Access and Correction

You have the right to:

• Access the personal information we hold about you;
• Request correction of inaccurate or incomplete information;
• Update your account information through the App settings.

8.2 Deletion

You can request deletion of your personal information by:

• Deleting your account through the App settings;
• Contacting us at [YOUR EMAIL] with a deletion request.

We will delete your information subject to legal retention requirements and our need to maintain certain records for legitimate business purposes.

8.3 Data Portability

You can request a copy of your personal information in a portable format by contacting us at [YOUR EMAIL].

8.4 Opt-Out Rights

You can opt-out of:

• Marketing Communications: Unsubscribe from marketing emails through the unsubscribe link or App settings;
• Analytics: Disable analytics data collection in App settings (may limit some features);
• API-Based Screening: Disable third-party spam detection APIs in App settings;
• Location Services: Disable location access through your device settings.

8.5 California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of categories and specific pieces of personal information we collect, use, and share;
• Right to Delete: Request deletion of your personal information (subject to exceptions);
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell your information);
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights;
• Right to Correct: Request correction of inaccurate personal information;
• Right to Limit Use of Sensitive Information: Request limits on the use of sensitive personal information.

To exercise these rights, contact us at [YOUR EMAIL] or through the App settings.

8.6 Canadian Privacy Rights (PIPEDA)

If you are a Canadian resident, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA):

• Right to Access: Request access to your personal information;
• Right to Correction: Request correction of inaccurate information;
• Right to Withdraw Consent: Withdraw consent for collection, use, or disclosure of your information (subject to legal and contractual restrictions);
• Right to File a Complaint: File a complaint with the Privacy Commissioner of Canada if you believe we have violated your privacy rights.

9. Data Retention

We retain your personal information for as long as necessary to:

• Provide the Services to you;
• Comply with legal obligations;
• Resolve disputes and enforce our agreements;
• Maintain security and prevent fraud.

When you delete your account, we will delete or anonymize your personal information within a reasonable timeframe, except where we are required to retain it for legal or legitimate business purposes.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where data protection laws may differ. We ensure that such transfers comply with applicable data protection laws by:

• Using standard contractual clauses approved by relevant data protection authorities;
• Implementing appropriate safeguards to protect your information;
• Complying with applicable data protection laws, including GDPR where applicable.

11. Children's Privacy

The Services are not intended for children under 13 years of age (or 16 in the European Economic Area). We do not knowingly collect personal information from children under 13 (or 16 in the EEA). If you believe we have collected information from a child, please contact us immediately, and we will delete such information.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Remember your preferences and settings;
• Analyze usage patterns and improve the Services;
• Provide personalized content and advertisements (with your consent).

You can control cookies through your device or browser settings, though this may affect some features of the Services.

13. Third-Party Links and Services

The Services may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party services you access.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website and in the App;
• Updating the "Last Updated" date;
• Sending you an email notification (if you have provided an email address);
• Displaying an in-app notification requiring you to review and accept the updated policy.

Your continued use of the Services after changes become effective constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

16. Data Safety Information (Google Play)

In compliance with Google Play Store Data Safety requirements, we disclose the following:

Data Type	Collected	Shared	Purpose
Phone number	Yes	Yes (service providers)	Account creation, call management, verification
Email address	Yes	No	Account creation, communications
Call logs	Yes	No	Call management, history
Contacts	Yes (with permission)	No	Caller identification
Device identifiers	Yes	Yes (analytics)	App functionality, analytics
Location (approximate)	Yes (if enabled)	No	Service improvement

By using Neverhold, you acknowledge that you have read and understood this Privacy Policy.