Twinline Get the app

Legal

Privacy Policy

Last updated May 15, 2026

This Privacy Policy describes how Twinline ("we", "our", or "us") collects, uses, and shares information when you use the Twinline mobile app and twinline.io website (together, the "Service"). We aim to keep this short and plain. You can email us at hello@twinline.io with any questions.

1. Information we collect

We collect the following categories of information:

  • Account information: email, name, password (hashed), and any sign in identifiers from Google or Apple if you choose those options.
  • Telephony data: phone numbers you add to Twinline, call and message metadata (from/to numbers, timestamps, duration, status), voicemail recordings and transcriptions, and any notes you attach to calls.
  • Twilio credentials (BYOC only): if you bring your own Twilio account, we store your Account SID and Auth Token (or API Key/Secret) encrypted at rest using AES 256. We never display your auth token back to you after you save it.
  • Wallet and billing: top up history, transaction ledger, and subscription status. Payment instruments are handled by Google Play, Apple, and RevenueCat. We never see your card details.
  • Device data: push tokens, app version, OS version, crash logs, and basic analytics events.

2. How we use information

  • To route your calls and messages through Twilio.
  • To bill your subscription and meter your wallet usage.
  • To send service notifications (incoming calls, missed calls, new SMS, low balance).
  • To investigate abuse, fraud, and security incidents.
  • To improve the product through aggregated, anonymized analytics.

3. Sharing

We share information only with the following parties, and only as needed to operate the Service:

  • Twilio: telephony provider; receives call and message data necessary to deliver service.
  • RevenueCat: subscription and IAP receipt validation.
  • Google Firebase and Apple Push: push notification delivery.
  • Sentry, PostHog: error monitoring and analytics.
  • Legal requests: if compelled by valid legal process, with reasonable notice to you where permitted.

We do not sell your personal information.

4. Retention

We keep account data for as long as your account is active. When you delete your account, we purge personal data within 30 days, release any Managed phone numbers, and revoke any BYOC links. Aggregated, anonymized data may be retained for analytics.

5. Security

We use TLS in transit and AES 256 at rest for sensitive credentials. Access to production systems is restricted and audited. No system is perfectly secure. If we become aware of a breach involving your data, we will notify you as required by applicable law.

6. Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your data. To exercise these rights, email hello@twinline.io. You can also delete your account from inside the app at any time (Settings → Account → Delete account).

7. Children

Twinline is not directed to children under 13 (or 16 in the EEA) and we do not knowingly collect their personal information.

8. International transfers

Twinline is operated from the United States. By using the Service, you consent to the transfer and processing of your information in the United States and any countries where our service providers operate.

9. Changes

If we make material changes to this policy, we will notify you inside the app and via email. The "last updated" date at the top reflects the most recent revision.

10. Contact

Questions, requests, or complaints? hello@twinline.io.