Last revised: 5 January 2024
This privacy policy sets out how Cryptify AB uses and protects any information that you give.
Cryptify AB is committed to ensuring that your privacy is protected. Should you be asked to provide certain information by which you can be identified when using this Cryptify Call service, then you can be assured that it will only be used in accordance with this privacy statement.
Cryptify AB may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Personal information in Cryptify Call
IP address and diagnostic information
Your IP address is used when the app makes network connections.
To allow other users to communicate with you, Cryptify Call needs to maintain a connection to a Cryptify Rendezvous Server (CRS). Your organization configures which CRS the app uses in the Cryptify Management System (CMS), and may also operate the CRS themselves.
To help troubleshoot problems that may prevent you from using Cryptify Call, the app transmits to the CRS, in encrypted form, its version, the version of your device’s operating system, the current system time and the time when the app was first configured.
Please contact your CMS administrator to learn about the privacy policy of the CRS used by your organization.
Contacts
Cryptify Call uses your device’s contact book to translate phone numbers to contact names. Calling or messaging an entry in the contact book uses only the phone number; in particular, the name of the contact entry will not be stored in the app or transmitted out of the app. If you choose to administer a contact list within the app, then the numbers and names of the contacts you select will be stored in the app and transmitted in encrypted form to the subscribers. Contact lists are also included in encrypted backups that are stored on the CRS, making it easier to migrate to a new device.
Your CMS administrator may also configure Cryptify Call to allow other specially designed apps on your device to retrieve your phone number and to translate phone numbers to contact names.
The app does not store or transmit any contact information in any other case.
Camera
Cryptify Call uses the camera for three purposes.
When first launched, Cryptify Call needs to be configured with settings for your organization. For this purpose, Cryptify Call uses the device’s camera to scan a QR-code generated by the Cryptify Management System. No images are stored or transmitted out of Cryptify Call when scanning QR-codes.
Secondly, Cryptify Call allows you to use the camera take photos or record videos and attach them to secure text messages. The images and videos are stored in the app as part of the conversation. The attachments are always encrypted before being transmitted over the network, to ensure that no one except the intended recipient is able to view them.
Thirdly, you may choose to activate the camera during a call to transmit video to the other party. Before being transmitted over the network, the video stream is encrypted to prevent eavesdropping. The video is discarded from the app as soon as it has been transmitted over the network.
Microphone
Cryptify Call requires access to your device’s microphone in order to make calls. Before being transmitted over the network, the audio from the microphone is encrypted to prevent eavesdropping. The audio is discarded from the app as soon as it has been transmitted over the network.
Phone status
To block secure calls within Cryptify Call while an unsecured call takes place, Cryptify Call needs to read the phone status. This information is only used to block secure calls within Cryptify Call. In particular, Cryptify Call does not extract any personal information about your device or calls.
Photos and other files
Cryptify Call also allows you to attach photos, or other content generated in other apps, to secure text messages. The files you choose to attach are stored in Cryptify Call as part of the conversation. The attachments are always encrypted before being transmitted over the network, to ensure that no one except the intended recipient is able to view them.