Security First

Enterprise-Grade Security & Privacy

TLS 1.3 encrypted signalling, ephemeral call audio that is never recorded or stored, encryption at rest, and compliance-by-design - built directly into the core of Jingle Plug-In.

Become a Partner arrow_forward View Compliance Details verified

Encryption Performance Metrics

Protocol
TLS 1.3
lock_clock
Signalling Encrypted
Audio
Ephemeral
graphic_eq
Real-time only Never stored
Transport
HTTPS (TLS)
globe
SECURE
Uptime 99%+
Storage
AES-256
database
At Rest Encrypted

Encryption Stack

Encryption In Transit & At Rest

Call signalling is encrypted in transit with TLS 1.3, and data stored on our servers is encrypted at rest with AES-256. For users who have explicitly opted in, call audio is processed in real time for routing only - never recorded or stored - and calls hand off to Tier 1 carrier networks (PSTN) beyond our edge.

lock

TLS 1.3 Signalling

All call signalling traffic is encrypted with TLS 1.3, the current industry standard for transport security.

hub

mTLS Between Services

Every internal service authenticates with mutual TLS - no implicit trust between services inside the network.

swap_horiz

Secure Plug-In Communication

Plug-in-to-server communication runs over HTTPS (TLS), with real-time call signalling handled over SIP.

database

AES-256 At Rest

Data stored on our servers is encrypted at rest with AES-256.

mic_off

Ephemeral Audio Processing

Call audio is processed ephemerally for real-time call routing only. It is never recorded and never stored.

cell_tower

Tier 1 Carrier Handoff

For users who have explicitly opted in, calls terminate on the public telephone network (PSTN) via Tier 1 carrier interconnections. The encryption described here applies between your device and our network edge.

Transparency

Data Collection Transparency

We believe in radical transparency. Here is exactly what we process, why we process it, and how long we keep it.

Data Points Collected

Data Point Purpose Retention Period
Call Audio Real-time call routing (processed ephemerally) Never stored
Call Duration Billing and usage metering 90 Days, then anonymised
Call Quality Metrics Service quality monitoring 30 Days
Network Type Route optimization and call quality Session only
Country (from verified number) Country / region only, derived from the user's verified phone number, for geographic routing - no GPS or location permission Session only
Plug-In Error Logs Debugging plug-in integration issues 7 Days (aggregated)
Anonymous Session Token App functionality and fraud prevention Expires within 7 days

Zero Access Policy

What We Don't Collect

Trust is built on boundaries. Our plug-in is architected to minimize data footprint - it is built so it cannot access this data, ensuring privacy by design.

warning

Zero Access Policy

Our servers automatically reject data payloads containing these identifiers.

mic_off

Call Audio

Never recorded or stored

contacts

Contacts

Never collected or uploaded - optional on-device caller-name display only

sms_failed

SMS Content

Zero message access

location_off

Precise (GPS) Location

Never collected - only coarse, country-level region, derived from the verified number, for call routing

history

Browsing History

Completely isolated

folder_off

Personal Files

No file system access

Infrastructure

Infrastructure Security

Multiple layers of defense protect every component of our platform, from the edge network to the database layer.

cloud

Distributed Cloud Architecture

Multi-region deployment across geographically isolated data centers. Automatic failover keeps the service available during transitions.

shield

DDoS Mitigation

Edge-level traffic analysis and rate limiting. Volumetric, protocol, and application-layer attacks are mitigated automatically.

vpn_key

mTLS Between Internal Services

Every internal service authenticates via mTLS. No implicit trust between services. All inter-service communication is encrypted and verified at every hop.

storage

Encrypted Storage (AES-256)

All data at rest is encrypted with AES-256, in line with the data minimisation and retention commitments in our Privacy Policy.

monitoring

Real-Time Fraud Detection

Automated monitoring flags anomalies and abusive traffic patterns in real time, protecting partners and the integrity of the network.

security_update_good

Ongoing Security Review

The platform undergoes ongoing security review and vulnerability assessment, and findings are prioritised for remediation.

Compliance

Regulatory Compliance

Our platform is designed to meet the highest standards for data protection and privacy regulation worldwide.

euro_symbol
check_circle

GDPR Ready

European Union Privacy

Full support for right to erasure, data portability, and consent management APIs.

gavel
check_circle

UK DPA 2018

United Kingdom Standards

Compliant with post-Brexit data protection standards and ICO guidelines.

android
check_circle

Play Safety

Google Data Safety

Pre-filled Data Safety form responses and prominent-disclosure templates for Google Play submission.

Documentation

Legal Resources

Privacy Policy

Last updated: June 13, 2026

arrow_forward

Terms of Service

Last updated: June 13, 2026

arrow_forward

Data Processing Agreement

Standard Contractual Clauses

arrow_forward

Secure your app today.

Join the partner network built on the international carrier interconnects with Jingle Plug-In.

Start Building for Free arrow_forward Contact Security Team email