Legal
Privacy Policy
Last updated May 21, 2026
This Privacy Policy describes how Twinline ("we", "our", or "us") collects, uses, and shares information when you use the Twinline mobile app and twinline.io website (together, the "Service"). We aim to keep this short and plain. Email us at hello@twinline.io with any questions.
1. Information we collect
We collect the following categories of information.
- Account information. Email, name, password (stored salted and hashed with bcrypt), and any sign in identifiers from Google or Apple if you choose those options in a future release.
- Telephony data. Phone numbers you connect to Twinline, call and message metadata (caller and recipient numbers, timestamps, duration, status), voicemail recordings and transcriptions, and any contact labels you add.
- Twilio link. Twinline uses your own Twilio account through Twilio Connect. We store the Twilio Account SID we receive from the authorization flow. We do not store your Twilio password or master auth token at any point.
- Subscription state. Subscription status, trial dates, and any in app receipts. Payment instruments themselves are handled by Google Play and Apple. We never see your card or bank details.
- Device data. Push tokens, app version, OS version, crash reports, and basic events used to detect bugs and abuse.
2. How we use information
- To route your calls and messages through Twilio on your behalf.
- To deliver push notifications for incoming calls, new SMS, and voicemail.
- To bill the Twinline subscription through Google Play or Apple.
- To investigate abuse, fraud, and security incidents.
- To improve the product through aggregated, anonymized analytics and crash reports.
3. Sharing
We share information only with the following parties, and only as needed to operate the Service.
- Twilio. Your telephony carrier. Twilio receives the call and message data necessary to deliver service. Twilio also bills you directly for your usage.
- Google Firebase Cloud Messaging and Apple Push Notification Service. Push notification delivery to your device.
- Mailgun. Outbound transactional email such as password resets.
- Sentry. Crash and error monitoring. We configure Sentry to scrub personally identifying request payloads before they leave your device or our server.
- Google Play and Apple. Subscription billing and receipt validation.
- Legal requests. If compelled by valid legal process, with reasonable notice to you where permitted.
We do not sell your personal information.
4. Retention
We keep account data while your account is active. When you delete your account we purge personal data within 30 days, revoke the Twilio Connect link, and stop sending you any notifications. Aggregated, anonymized data may be retained for analytics.
5. Security
We use TLS in transit and standard server side hardening at rest. Twilio Connect means your master Twilio credentials never leave Twilio. Access to production systems is restricted and audited. No system is perfectly secure. If we become aware of a breach involving your data we will notify you as required by applicable law.
6. Your rights
Depending on your jurisdiction, you may have rights to access, correct, export, or delete your data. To exercise these rights, email hello@twinline.io. You can also delete your account directly from the app under Settings, Account, Delete account.
7. Children
Twinline is not directed to children under 13 (16 in the European Economic Area). We do not knowingly collect personal information from children.
8. International transfers
Twinline is operated from the United States. By using the Service you consent to the transfer and processing of your information in the United States and any countries where our service providers operate.
9. Changes
If we make material changes to this policy we will notify you inside the app and via email. The "last updated" date at the top reflects the most recent revision.
10. Contact
Questions, requests, or complaints? hello@twinline.io.