Privacy Policy

Last updated: April 2026

1. Introduction

iTNet Solutions ("we", "our", or "us") operates the iTNet Softphone and enterprise communication services. This Privacy Policy outlines our comprehensive approach to data privacy, data security, and how we collect, use, disclose, and safeguard your information.

2. Information We Collect

• Personal Data: We collect personally identifiable information required for enterprise account provisioning, such as your name, corporate email address, and assigned telephone/extension number.
• Device and Telemetry Data: We automatically collect device information, including IP address, device identifiers, operating system version, and FCM (Firebase Cloud Messaging) tokens exclusively for the reliable delivery of push notifications for incoming calls.
• Contacts (Address Book): To facilitate efficient communication within the app, our application requests access to your device's contact list. We do not upload or store your personal contacts on our servers. Contacts are processed entirely locally on your device to display caller ID information and within the app's dialer interface.
• Microphone and Audio Data: The application requires microphone access to transmit your voice during active VoIP calls. We do not record or store your voice data on our servers unless explicitly requested by the enterprise administrator for compliance purposes (and subject to separate agreements).

3. How We Use Your Information

We use the collected information strictly to provide, maintain, and optimize our enterprise telephony services:

• Facilitating secure VoIP calls, SIP registrations, and media streaming.
• Sending critical push notifications to ensure timely call delivery.
• Managing enterprise accounts, billing, and subscription provisioning.
• Providing technical support, proactive network monitoring, and responding to inquiries.
• Analyzing aggregated telemetry data to improve network performance and application stability.

4. Data Security & Protection

As a provider of enterprise infrastructure, security is paramount. We implement robust, military-grade administrative, technical, and physical security measures, including:

• End-to-End Encryption: Utilizing TLS encryption for all SIP signaling and SRTP (Secure Real-Time Transport Protocol) for WebRTC media streams.
• Zero-Trust Architecture: Employing strict access controls and zero-trust principles within our internal infrastructure.
• Data Minimization: We only collect the absolute minimum data necessary to operate the private PBX network.

5. Data Retention

We retain personal information only for as long as is necessary for the purposes set out in this Privacy Policy. Enterprise account data is maintained for the duration of the active contract. Upon account termination, personal data is securely deleted or anonymized within 30 days, except where retention is required by law or for resolving disputes.

6. GDPR and User Rights

In compliance with the General Data Protection Regulation (GDPR) and other applicable privacy laws, users have the following rights regarding their personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You may request correction of inaccurate or incomplete data.
• Right to Erasure (Right to be Forgotten): You can request the deletion of your personal data, subject to legal and contractual obligations.
• Right to Restrict Processing: You have the right to request a restriction on how your data is processed.

To exercise any of these rights, please contact our Data Protection Officer using the details provided below.

7. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: privacy@itnet247.com