VoipMe

Privacy Policy

Last updated · May 19, 2026

Effective: May 19, 2026 · Last updated: May 19, 2026

Short version: VoipMe doesn't run an account system, doesn't record calls, and doesn't sell data. The app talks SIP directly to your provider. We see almost nothing.

What we collect

Device push token. When you enable inbound calls, the app sends your device's push token (Apple's APNs on iOS, Google's FCM on Android) to our push relay so we can wake the app when your PBX signals an incoming call. The token is stored alongside your push routing identifier and nothing else.

Inbound call metadata. When your PBX webhooks the relay about an incoming call, we receive the caller number and an opaque call ID so we can deliver the push. We don't persist this beyond the few seconds needed to deliver the notification.

Crash and diagnostic reports. If the app crashes or hits an unexpected error, an anonymous crash report is sent to our error-tracking service (Sentry) so we can diagnose and fix it. Reports include a stack trace, app version, OS version, and device model. They do not include your SIP password, contacts, call history, or audio. You can also tap Settings → Reports → Send report to attach your recent registration status and a free-form note to a manual report.

Third parties involved in service delivery. Push notifications are dispatched by Apple's APNs (iOS) and Google's FCM (Android); both Apple and Google receive your device token to deliver the wake-up message. Our relay infrastructure runs on Fly.io; Fly receives the relay's request traffic. None of these parties receive your SIP password or call audio.

What we don't collect

  • Your SIP password (stored only in your device's Keychain).
  • Audio from your calls — at any point, ever.
  • Your contacts.
  • Your call history (lives only on your device).
  • Analytics, marketing identifiers, or advertising data.

Where data lives

Push relay infrastructure is hosted on Fly.io (Singapore region). Apple Push Notification service is operated by Apple. Your SIP traffic (signaling and audio) flows directly between your phone and your SIP provider — it does not transit our servers.

Your rights

Delete your data. Open the app and tap Settings → Privacy → Delete account. This removes your push token from our relay, wipes the SIP credentials and call history stored on your device, and signs you out. You may also email us at johnrlopena@gmail.com for a manual purge.

Access, export, correction. Because we hold so little data (push token + routing id), there's no meaningful export. Email us at johnrlopena@gmail.com for any data-rights request and we'll respond within 30 days.

Region-specific rights. If you're in the EU/EEA or UK (GDPR), the legal basis for processing your push token is legitimate interest in delivering the inbound-call feature you enabled; you may object at any time by signing out. If you're in California (CCPA/CPRA), we don't sell or share personal information and there's no opt-out to surface.

Retention

Push tokens are kept until you sign out, delete your account, or your device unregisters them. Inbound call metadata is held in transit only — typically under five seconds — and not persisted. Crash reports are retained for 90 days by Sentry.

Children

VoipMe is not directed at children under 13 (or 16 in the EU). We do not knowingly collect data from children.

Changes

Material changes will be announced via the app and on this page; the effective date above will be updated.

Contact

Questions? Email johnrlopena@gmail.com.