Privacy Policy Version History

This page contains an archive of all versions of the Kalum Privacy Policy. We maintain complete version history for transparency. The current version is always available at the main privacy policy page.

All Versions

Version 2026-05-24

Current Version

Effective Date: May 24, 2026

Status: Active

Summary: Updated to reflect the rollout of Apple in-app purchases on iOS and additional opt-in flows. Added Apple Inc. as a sub-processor for App Store payment processing, restructured the iOS/Android permissions section to list optional permissions invoked by the Stripe SDK (camera, photo library, biometrics, approximate location) and the new opt-in contact-import flow (iOS Contacts / Android READ_CONTACTS), removed absolute "does not collect" claims that no longer fit the optional flows, and noted that account deletion is now available in-app at Settings โ†’ Delete Account.

Key Points:
  • Apple Inc. added as a sub-processor for iOS in-app purchase processing (StoreKit)
  • Stripe role clarified: Android and web only (cards, Google Pay)
  • New ยง2.5 documents opt-in permission flows (contacts, camera, photo library, biometrics, location)
  • Android READ_CONTACTS added for opt-in "Import from contacts"
  • iOS permission section expanded to list all Info.plist declarations
  • Apple privacy policy added to third-party notices
  • Account deletion now available in-app (Settings โ†’ Delete Account)
  • Receipt-validation idempotency added to security controls
View Current Version

Version 2026-05-04

Archived

Effective Date: May 4, 2026

Status: Superseded by 2026-05-24

Summary: Aligned the Privacy Policy with the current product. Disclosed Firebase App Check and Firebase Crashlytics, clarified that contacts are manually added in-app (no device address-book import), added GDPR/UK lawful bases and EEA/UK rights, expanded data-retention disclosure for financial records, and enumerated the iOS/Android permissions actually requested by the app (no AD_ID, no location).

Key Points:
  • Sub-processors expanded: Firebase Auth, Firebase App Check, Firebase Crashlytics, Twilio, Stripe, Fly.io
  • Apple Pay and Google Pay disclosed as Stripe-routed payment methods
  • "Manually added" contacts only โ€” no OS address-book import
  • GDPR / UK GDPR rights and lawful bases added
  • iOS and Android permissions explicitly listed; AD_ID confirmed removed
  • Financial-records retention up to 7 years for tax and anti-fraud
  • Standard Contractual Clauses for international transfers
  • No analytics, telemetry, or advertising SDKs
View Archived Copy

Version 2026-02-07

Archived

Effective Date: February 7, 2026

Status: Superseded by 2026-05-04

Summary: Initial privacy policy for Kalum prepaid VoIP calling service.

Key Points:
  • Phone number verification via Firebase Authentication
  • Call metadata collected for billing (destination, duration, timestamps)
  • Payment processing via Stripe (we never see card details)
  • Voice call audio handled by Twilio (we never access call content)
  • No advertising or third-party marketing
  • CCPA compliance for California residents
  • 18+ age requirement
  • Data security with encryption in transit and at rest
View Archived Copy

About Our Version History

We believe in transparency. Every time we update our privacy policy, we:

  • Create a permanent archived copy of the previous version
  • Update the effective date on the new version
  • List all versions on this page for your reference
  • Maintain this archive indefinitely

Our core commitment remains unchanged: we collect only the minimum data necessary to provide our calling service, and we never sell your personal information.