Callo
Back to homePrivacy

Privacy Policy

We collect what's strictly needed to place your calls, charge you fairly, and keep the service safe. Nothing else.

Last updated · May 17, 2026

1. Data we collect

When you create a Callo account and use the service, we hold:

  • Identity — your name, email address, and profile picture as provided by Google during sign-in (OAuth 2.0).
  • Call logs — destination number, country, duration, per-minute rate, total cost, and call status (completed, failed, no-answer) for every call you place.
  • Balance history — top-up amounts, currency, timestamps, and the running spendable balance on your account (incl. any locked signup bonus).
  • Contacts — any phone numbers you save to your in-app Contacts, with optional name and note.
  • Session tokens — an opaque, HTTP-only cookie used to keep you signed in for 7 days. We do not store passwords; authentication is delegated to Google.

2. How we use it

Your data is used exclusively to:

  • Provide the calling service (routing, audio, caller ID).
  • Bill you accurately, debit your balance per second of talk time, and display your transaction history.
  • Detect and prevent fraud or abuse — including premium-rate dialing, automated/robocall patterns, and account take-over attempts.
  • Improve the product — aggregated, de-identified usage signals (e.g. "calls to Pakistan failed at rate X") help us refine routing and rates. We do not profile individual users for advertising.

3. Third parties we share data with

Callo runs on top of a small set of trusted infrastructure providers. Data flows to them only as needed to deliver the service:

  • Google — authentication (OAuth 2.0). We receive your name, email, and profile picture; Google does not see your call activity.
  • Voice carrier — our upstream telecom partner. The destination phone number and call duration are transmitted to the carrier to place the call. Audio is encrypted in transit; Callo does not record call content.
  • Paddle — merchant of record for payments. Card details are entered directly into Paddle's hosted checkout and never touch our servers. Paddle handles VAT/sales tax and refund processing.
  • MongoDB Atlas — encrypted-at-rest database storage in a single region. No third-party analytics ever reads from this store.

We do not sell, rent, or trade your personal data. We do not run advertising trackers, retargeting pixels, or session-replay scripts.

4. Data retention

  • Call logs — retained for 12 months from the date of the call, then automatically purged. The aggregate cost remains on your transaction history.
  • Account data (profile, contacts, balance) — retained for as long as your account is active. Deleted permanently when you delete your account.
  • Payment records — Paddle retains transaction records as required by tax law (up to 10 years in some jurisdictions); we hold only the receipt summary.

5. Your rights

You can, at any time:

  • Access the data we hold about you — request a copy by emailing contact@callo.app.
  • Delete your account from Settings → Danger zone → Delete account. This removes your profile, contacts, call history, top-up history, and sessions immediately and permanently. The action cannot be undone.
  • Object to the processing described here — in which case you should stop using Callo and request deletion.

EU/UK residents: this policy honors GDPR and the UK Data Protection Act. Our legal basis is contract performance (Art. 6(1)(b)) and legitimate interest in fraud prevention (Art. 6(1)(f)).

6. Cookies

Callo uses one cookie: a session cookie named session_token, set HTTP-only, secure, and SameSite=None. It expires after 7 days and exists solely to keep you signed in.

We do not run analytics cookies, advertising cookies, or third-party tracking pixels. No banner is required because there is nothing to consent to beyond the strictly-necessary cookie above.

7. Contact

Questions about your data, this policy, or a deletion request — reach us at contact@callo.app. We aim to respond within 5 business days.