Privacy Policy

Last updated: April 9, 2026

This Privacy Policy describes how Interconnected Software, Inc. ("we," "us," or "our") collects, uses, and shares information in connection with the IncNumber service ("the Service") available at incnumber.com.

1. Information We Collect

1.1 Information You Provide

• Email address — Used as your SMS forwarding destination, account identifier, and for service-related communications.
• Voice greeting text — The custom greeting message you configure for incoming callers.
• Feedback submissions — Any feedback or support requests you submit through the Service.

1.2 Information Generated by the Service

• US phone number — The number provisioned and assigned to your account.
• SMS message content — The content of text messages received on your number, stored for forwarding and message history.
• Call metadata — Caller phone number and call timestamp. No call audio is recorded or stored.

1.3 Information Collected Automatically

• Usage data — Pages visited, features used, and interaction patterns, collected via Google Analytics (GA4).
• Error and performance data — Application errors and performance metrics, collected via Sentry.
• Network data — IP address, browser type, and device information processed by Cloudflare for security and content delivery.

1.4 Payment Information

Payment information (credit card number, billing address) is collected and processed directly by Stripe. We do not receive, store, or have access to your full card details. We receive only a confirmation of payment status and the billing country you provide.

2. How We Use Your Information

We use your information for the following purposes:

• To provision and maintain your US phone number
• To forward incoming SMS messages to your email address
• To play your custom voice greeting for incoming callers
• To process and manage your subscription payments
• To display your message and call history in the dashboard
• To send service-related communications (e.g., account alerts)
• To monitor and improve the reliability and performance of the Service
• To detect and prevent fraud, abuse, and violations of our terms
• To comply with legal obligations

3. Data Sharing and Third-Party Services

We share your information only with the following categories of service providers, solely to operate the Service:

• Telecom infrastructure provider — Processes your phone number, incoming SMS content, and call metadata to deliver telephony services.
• Stripe — Processes your payment information and manages your subscription. See Stripe's Privacy Policy.
• Email delivery provider — Transmits forwarded SMS messages and service emails to your email address.
• Google Analytics (GA4) — Collects anonymized usage data to help us understand how the Service is used. See Google's Privacy Policy.
• Sentry — Collects error reports and performance data to help us identify and fix issues.
• Cloudflare — Provides CDN, DDoS protection, and DNS services. Processes network-level data.
• Firebase (Google Cloud) — Provides authentication and database infrastructure.

We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

4. Data Retention

• SMS content and call records: Retained for 90 days after receipt, then automatically deleted.
• Account information: Retained for the duration of your subscription and for 30 days after cancellation, after which it is deleted.
• Deleted account archives: Minimal account metadata (excluding message content) may be retained for up to 12 months after deletion for fraud prevention and legal compliance purposes.
• Payment records: Retained by Stripe in accordance with their data retention policies and applicable financial regulations.

5. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS/HTTPS) for all data transmissions
• Encrypted database storage with access controls
• Authentication via Firebase Auth (OAuth-based; we never store passwords)
• Payment data handled entirely by PCI-DSS compliant Stripe infrastructure

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. International Data Transfers

The Service is operated from the United States. If you are located outside the United States (including the European Economic Area, United Kingdom, or other jurisdictions), your personal data will be transferred to and processed in the United States.

For transfers from the EEA/UK, we rely on the following legal mechanisms:

• Contractual necessity — Processing is necessary to perform the contract (your subscription) with you, pursuant to Article 49(1)(b) of the GDPR.
• Standard Contractual Clauses — Where applicable, our third-party service providers maintain appropriate data transfer mechanisms.

7. Your Rights Under the GDPR (EEA/UK Residents)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under the General Data Protection Regulation:

• Right of access — Request a copy of the personal data we hold about you.
• Right to rectification — Request correction of inaccurate or incomplete data.
• Right to erasure — Request deletion of your personal data, subject to legal retention requirements.
• Right to restriction — Request that we limit processing of your data in certain circumstances.
• Right to data portability — Request your data in a structured, machine-readable format.
• Right to object — Object to processing based on legitimate interests.

Legal bases for processing: We process your personal data on the following grounds:

• Performance of a contract — Processing necessary to provide the Service you subscribed to (Article 6(1)(b) GDPR).
• Legitimate interests — Processing necessary for fraud prevention, service improvement, and security (Article 6(1)(f) GDPR).
• Legal obligation — Processing required to comply with applicable laws (Article 6(1)(c) GDPR).

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. If you believe your rights have been violated, you have the right to lodge a complaint with your local data protection authority.

8. Your Rights Under the CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

• Right to know — Request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to delete — Request deletion of your personal information, subject to certain exceptions.
• Right to opt-out of sale — We do not sell your personal information. No opt-out is necessary.
• Right to non-discrimination — We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at [email protected]. We will verify your identity and respond within 45 days.

9. Cookies and Tracking Technologies

The Service uses the following tracking technologies:

• Google Analytics (GA4) — Uses cookies and similar technologies to collect anonymized usage statistics. You can opt-out using the Google Analytics Opt-out Browser Add-on.
• Sentry — Collects error and performance data using session identifiers. No marketing cookies are used.
• Cloudflare — May set security-related cookies (e.g., __cf_bm) for bot detection and DDoS protection.
• Firebase — Uses local storage and cookies for authentication session management.

We do not use any third-party advertising cookies or cross-site tracking technologies.

10. Children's Privacy

The Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you by email. Your continued use of the Service after such changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related inquiries, data access requests, or complaints, contact us at:

Interconnected Software, Inc.
131 Continental Dr, Suite 305, Newark, DE 19713, United States
Email: [email protected]