What we know.
And what we don't.

Callora Networks ("Callora", "we", "us", or "our") operates the website at this domain and the peer-to-peer voice service accessed through it (the "Service"). This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have. It is published in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 of India.

1. The short version

Callora is designed so we touch your conversations as little as technically possible. Voice and video on Callora travel directly between members' devices over encrypted WebRTC. Our servers help two members find each other; after that, the audio path is between you and the other peer. We do not record, store, or analyse the content of your calls.

2. Information we collect

a) Information you provide to us. When you create an account, we collect the email address (or other identifier) you register with, a password (stored only as a salted hash), and the 10-digit Callora number that is allocated to your account. If you contact us through the contact form or by email, we receive the contents of that message.

b) Information collected automatically. When you use the Service, our servers automatically receive certain technical information, including your IP address, browser type and version, operating system, the pages you visit on our website, referring URLs, approximate location derived from IP, and timestamps of requests. This information is collected through standard server logs and cookies (see our Cookie Policy).

c) Signaling metadata. To establish a call, our signaling server briefly relays connection information ("offers", "answers" and ICE candidates) between the two devices. This includes the Callora numbers of the parties to the call, network addresses needed to negotiate the peer connection, and a timestamp. We retain minimal call metadata (caller number, callee number, start time, duration, success/failure) for up to 90 days for fraud prevention, abuse handling and quality of service.

d) What we do NOT collect. We do not record, store, transcribe, listen to, or otherwise process the audio or video content of your calls. The media stream does not pass through our infrastructure. We do not collect government identifiers, payment card details (the Service is free), biometric data, or contact lists from your device.

3. How we use information

We use the information described above to:

• create and maintain your account and your 10-digit number;
• route signaling so two members can establish a peer connection;
• operate, secure and improve the Service, including diagnosing technical problems;
• detect, prevent and respond to abuse, fraud, spam and violations of our Acceptable Use Policy;
• respond to support requests, questions and feedback you send us;
• comply with applicable laws, valid legal process, and lawful requests from government authorities.

4. Legal bases (for users in India and elsewhere)

Where applicable law requires a legal basis to process your information, we rely on: (i) your consent, given when you create an account; (ii) the necessity to perform the contract for the Service; (iii) our legitimate interests in operating, securing and improving Callora; and (iv) compliance with legal obligations.

5. Sharing and disclosure

We do not sell your personal information. We share information only in the limited circumstances below:

• Other members on a call. When you place or receive a call, the other peer(s) on that call necessarily learn your Callora number and the network information required to establish the direct media path.
• Service providers. We use a small number of vendors for hosting, email delivery and error monitoring. These providers process information only on our instructions and under written confidentiality and security obligations.
• Legal and safety. We may disclose information if we believe in good faith that disclosure is required by law, a valid court order, or is reasonably necessary to protect the rights, safety or property of Callora, our members or the public, including to investigate violations of our policies.
• Business transfers. If Callora is involved in a merger, acquisition, financing or sale of assets, information may be transferred as part of that transaction; we will give notice before your information becomes subject to a different privacy policy.

6. Retention

We keep account information for as long as your account is active. Call signaling metadata is retained for up to 90 days. Server access logs are typically retained for up to 12 months. When you delete your account, we delete or irreversibly anonymise associated personal data within 30 days, except where retention is required by law or is necessary to resolve disputes, prevent fraud or enforce our agreements.

7. Security

Audio and video on Callora are encrypted in transit between peers using the encryption built into WebRTC (DTLS-SRTP). Passwords are stored only as one-way salted hashes. Access to backend systems is limited to authorised personnel and protected by strong authentication. No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security; if we ever become aware of a security incident affecting your personal data, we will notify you and the relevant authorities as required by law.

8. Your rights and choices

Depending on where you live, you may have the right to access, correct, update, port or delete the personal information we hold about you, to withdraw consent, and to object to or restrict certain processing. You can exercise these rights at any time by writing to us at the address below. We will respond within the timelines required by applicable law. You can also delete your account from within the Service, which removes your 10-digit number from the directory.

9. Children

Callora is not intended for children under the age of 16, and we do not knowingly collect personal information from anyone under that age. If you believe a child has provided us information, please contact us and we will delete it.

10. International transfers

Callora is operated from India. If you access the Service from outside India, your information will be transferred to, processed and stored in India and any other country where our service providers operate. We take steps to ensure that information transferred internationally receives an adequate level of protection.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, give prominent notice on the Service. Your continued use of Callora after a change takes effect constitutes your acceptance of the revised policy.

12. Grievance Officer (India)

In accordance with the Information Technology Act, 2000 and the rules made thereunder, the contact details of the Grievance Officer are:

Grievance Officer — Callora Networks
Sector 17, Chandigarh, India
Email: support@callora.cc
Hours: Monday–Saturday · 09:00–19:00 IST

Contact us. For any privacy question, request or complaint, write to support@callora.cc.