Cobinar Phone

Privacy Policy

Last updated: January 2025

Cobinar Phone ("we", "us", "our") is a product of Cobinar. This policy explains what data we collect when you use phone.cobinar.com and console.phone.cobinar.com, how we use it, and your rights.

1. Data we collect

Account data. When you create a developer account we collect your name, email address, and profile photo (if you sign in with Google).

Virtual phone identity. Each account is assigned a unique virtual phone number (e.g. +999 482 918 102). This number is generated at random and is not derived from any personal attribute.

Usage data. We log OTP request metadata — virtual phone number addressed, timestamp, status (pending / verified / failed / expired) — for analytics, billing, and security. We never log the OTP code itself; only a salted hash is stored and it is deleted after verification or expiry.

Application credentials. We store salted hashes of Client Secrets and API Keys. Plaintext values are shown exactly once at creation time and are not retained by us.

2. How we use your data

  • To provide and operate the platform.
  • To authenticate you into the developer console.
  • To send signed webhook events to endpoints you register.
  • To show usage analytics in your console dashboard.
  • To detect and prevent abuse.

We do not sell personal data. We do not use it for advertising.

3. Third-party services

We use Firebase Authentication and Cloud Firestore (Google) to store developer accounts and application data. We use Cloudflare Workers to process API requests at the edge. Both providers maintain their own security and privacy programs.

4. Data retention

OTP request records are retained for 90 days, then automatically deleted. Account data is retained while your account is active. You may request deletion at any time.

5. Your rights

You may request a copy of the data we hold about you, correction of inaccurate data, or deletion of your account and associated data. Email privacy@cobinar.com.

6. Security

All traffic is encrypted in transit via TLS. Secret credentials are stored only as salted SHA-256 hashes. OTP codes are hashed before storage and never returned by the API. Access to production Firestore is restricted to service-account credentials held exclusively by our Cloudflare Workers.

7. Contact

Questions? Email privacy@cobinar.com or write to Cobinar, privacy team, c/o cobinar.com.

Cobinar Phone
Home Terms Cobinar
© 2025 Cobinar