Features How it Works Pricing FAQ Get Started
Legal

Privacy Policy

Last updated: April 2026.

Introduction

At SecondLine, privacy isn't a feature — it's the foundation of the product. This Privacy Policy describes how SecondLine ("we", "us", "our") collects, uses, shares, and protects information about you when you use our website, mobile apps, and services (together, the "Service"). By using SecondLine, you agree to the practices described here.

Information we collect

We collect the minimum information needed to run a reliable, secure phone service:

  • Account information: your email address, password (stored as a salted hash), display name, and time zone.
  • Phone numbers: the virtual numbers you provision through SecondLine and the country/region they belong to.
  • Communication metadata: the time, duration, and parties involved in calls and messages, used to route and bill traffic.
  • Payment information: billing address and the last four digits of your card. Full card details are handled by our PCI-compliant payment processor — we never see or store them.
  • Device & log data: IP address, device type, browser, OS version, and crash logs to keep the service stable and detect abuse.
  • Support communications: messages you send to our support team and any attachments you include.

How we use your information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Route calls and messages to and from your virtual numbers.
  • Authenticate your account and protect it from unauthorized access.
  • Detect, investigate, and prevent fraud, spam, and abuse.
  • Send transactional notifications (billing receipts, security alerts, service updates).
  • Comply with legal obligations and respond to lawful requests.

We never sell your personal data, and we don't use the content of your calls or messages to train AI models or serve ads.

Sharing your information

We share information only in limited circumstances:

  • Telecom carriers: to actually connect your calls and deliver your messages.
  • Service providers: trusted vendors (hosting, analytics, payment processing) who are bound by contracts requiring confidentiality.
  • Legal requests: when we receive a valid subpoena, court order, or other legal process. We push back on overly broad requests and notify users when permitted.
  • Business transfers: if SecondLine is acquired, your information may transfer to the new owner under the same protections.

Data retention

Call and message content is held only long enough to deliver it — typically seconds for calls and up to 30 days for unread messages. Metadata (caller, callee, duration) is retained for up to 12 months to support billing, dispute resolution, and abuse prevention. Account information is kept while your account is active and for 90 days after closure to handle final billing and legal obligations, after which it is permanently deleted.

Security

We protect your data with industry-standard safeguards: TLS 1.3 in transit, AES-256 at rest, hardware-backed key management, mandatory two-factor authentication for our staff, and regular third-party security audits. No system is perfectly secure, but we work hard to make SecondLine one of the safest places for your phone identity.

Your rights

Depending on where you live, you may have the right to:

  • Access a copy of the personal data we hold about you.
  • Correct inaccurate or incomplete information.
  • Delete your account and associated data.
  • Export your data in a portable format.
  • Object to or restrict certain processing.
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, email privacy@secondline.app. We respond within 30 days.

International transfers

SecondLine operates globally. Your information may be processed in countries other than your own, including the United States and the European Union. When we move data across borders, we rely on Standard Contractual Clauses and equivalent safeguards to keep it protected.

Children's privacy

SecondLine is not intended for anyone under 16. We do not knowingly collect data from children. If you believe a child has created an account, contact us and we will delete it promptly.

Changes to this policy

We'll update this policy from time to time. If changes are material, we'll notify you by email or in-app banner at least 30 days before they take effect. The "Last updated" date at the top always reflects the most recent revision.

Contact us

Questions, concerns, or compliments about privacy? Reach our Data Protection Officer at privacy@secondline.app, or write to us at SecondLine Inc., 548 Market St, PMB 92345, San Francisco, CA 94104, USA.