Privacy Policy

Last Updated: March 25, 2026

1. Data We Collect

• Account Data: Email and billing information (processed securely via Stripe).

• Query Metadata: We log the timestamp and API key used for each request for billing and rate-limiting purposes.

2. Carrier Data

When you use Telebase's phone number verification services, you authorise your mobile carrier to disclose your mobile account details for the purpose of verifying your identity. Those details may include your name and address. This data is used solely to help identify you or your wireless device and to prevent fraud. Phone numbers submitted to Telebase are stored in hashed form only and are never retained in plaintext. Query logs are retained for a maximum of 90 days and automatically deleted thereafter.

3. How We Handle Phone Numbers (The "Hash" Rule)

To protect user privacy, Telebase does not store raw phone numbers in our permanent query logs.

• Hashing: We convert phone numbers into a SHA256 hash immediately after processing.

• Transit: Raw numbers are only held in temporary memory long enough to fulfill the request to our upstream providers (Twilio).

4. Third-Party Data Processors

We share the minimum necessary data (the phone number) with our upstream telecom providers to retrieve the intelligence you requested. These providers have their own privacy policies regarding data handling.

5. Data Retention

We retain billing records and account information for as long as your account is active. Hashed query logs are kept for 90 days for troubleshooting and then deleted.

6. Your Rights

Under GDPR and other privacy frameworks, you have the right to access, delete, or export your account data. For requests, contact hello@telebase.io.