← Back to CallJots
Privacy Policy
Effective Date: May 19, 2026 — Last Updated: May 19, 2026
🔒 Our Privacy Promise: CallJots is built on zero-knowledge architecture. We cannot read your calls, access your notes, or decrypt your data. Your encryption keys are yours alone. We built this on the same principles as the Matrix protocol — your data is yours, always.
1. Introduction
This Privacy Policy ("Policy") describes how Joomo Enterprises ("Joomo," "we," "us," or "our") collects, uses, stores, and protects personal information when you use CallJots ("Service," "Platform," "App"), accessible at www.calljots.com and operated by Joomo Enterprises at www.joomo.enterprises.
By accessing or using our Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
2. Data Controller
Joomo Enterprises is the data controller for personal data collected through CallJots. For inquiries: privacy@joomo.enterprises
3. Information We Collect
3.1 Information You Provide
- Account Data: Name, email address, phone number, date of birth, country
- Payment Data: Bitcoin/Lightning wallet addresses, Stellar XLM public keys (we never store private keys)
- Communications: Support requests, feedback, survey responses
3.2 Automatically Collected Data
- Technical Data: IP address, browser type/version, operating system, screen resolution, timezone, language preference
- Usage Data: Pages visited, features used, session duration, referral source
- Device Data: Device type, unique device identifiers (hashed)
3.3 Call & Transcription Data
- Call Metadata: Call duration, timestamps, participant count, call quality metrics
- Transcriptions: AI-generated call transcripts and summaries (encrypted at rest with AES-256)
- Audio Data: Call audio is processed in real-time and is not permanently stored unless you explicitly enable recording
4. How We Use Your Data
- Provide, maintain, and improve the Service
- Process transactions (Bitcoin/Lightning, Stellar XLM)
- Send service-related communications (account verification, security alerts)
- Generate AI transcriptions and summaries of your calls
- Monitor and analyze usage patterns to improve performance
- Comply with legal obligations
- Prevent fraud, abuse, and security threats
5. Encryption & Security
E2E ENCRYPTED ZERO-KNOWLEDGE AES-256 SRTP/DTLS
- End-to-End Encryption (E2E): All call media is encrypted via SRTP + DTLS-SRTP (RFC 3711 / RFC 5763). Only participants hold the decryption keys.
- Zero-Knowledge Architecture: Call notes and transcripts are encrypted at rest using AES-256. We cannot decrypt your data.
- Forward Secrecy: Key exchange uses ephemeral ECDH. A compromise today cannot decrypt yesterday's calls.
- Transport Security: All API traffic travels over TLS 1.3.
- Password Hashing: All passwords are hashed using Argon2id with memory-hard parameters.
- Session Security: Session tokens are cryptographically random, stored server-side, and expire after 30 minutes of inactivity.
6. Data Sharing & Disclosure
We do not sell, rent, or trade your personal data to third parties.
We may share data only in these limited circumstances:
- Service Providers: Infrastructure providers (hosting, CDN) under strict data processing agreements
- Legal Requirements: When required by law, court order, or governmental regulation
- Safety: To protect the rights, property, or safety of Joomo, our users, or the public
- Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
7. Data Retention
- Account Data: Retained until you request account deletion
- Call Transcripts: Stored encrypted until you delete them or your account is terminated
- Call Audio: Not permanently stored unless you enable recording (then retained per your settings)
- Technical Logs: Retained for 90 days for security and debugging purposes
- Payment Records: Retained as required by applicable financial regulations
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and associated data
- Portability: Request export of your data in a machine-readable format
- Restriction: Request restriction of processing
- Objection: Object to certain processing activities
- Withdraw Consent: Withdraw consent at any time (where consent is the basis for processing)
To exercise these rights, contact: privacy@joomo.enterprises
9. International Data Transfers
Your data may be processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) where required.
10. Children's Privacy
Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will delete it promptly.
11. Cookies & Tracking
- Essential Cookies: Required for authentication and session management
- Analytics: We use privacy-respecting analytics (no third-party trackers)
- No Advertising Cookies: We do not use advertising or behavioral tracking cookies
12. Changes to This Policy
We may update this Policy from time to time. We will notify you of material changes by posting the new Policy on this page and updating the "Last Updated" date. Continued use of the Service after changes constitutes acceptance.
13. Contact Us
Joomo Enterprises
Website: www.joomo.enterprises
Email: privacy@joomo.enterprises
For data protection inquiries: dpo@joomo.enterprises
© 2026 Joomo Enterprises. All rights reserved. CallJots is a product of Joomo Enterprises.