Effective: February 18, 2026 · Last Updated: March 22, 2026
Vendetta Labs ("we", "us") operates the SecureCall mobile application. This Privacy Policy describes how we collect, use, and protect your information.
Our Commitment
SecureCall is built on the principle that privacy is a fundamental right. We collect the absolute minimum data necessary to provide our service, and in most cases, we collect no data at all.
Data We Collect
Call content: End-to-end encrypted — we cannot access it
Call metadata: No persistent call history or recordings stored on servers. Signaling metadata (session IDs, connection IDs) is processed transiently for connection setup.
Contacts: Never leave your device
IP address: Visible during signaling and STUN/TURN connectivity; not persistently logged by our servers. TURN relay providers may see IPs required for WebRTC.
Push tokens: FCM tokens may be stored for push delivery and cleared on deregistration.
Advertising (FREE Version Only)
The free version displays ads via Google AdMob. AdMob may collect device identifiers for ad personalization. You can opt out in your device settings. See Google's Privacy Policy. Pro and Premium versions contain no ads.
IFR Token
IFR token verification queries on-chain data only. No personal data is collected or stored during wallet verification.
Third-Party Services
FREE: Firebase Crashlytics (anonymous crash reports, opt-out), Google AdMob (ads).
PRO & PREMIUM: No ads. Firebase Cloud Messaging (FCM) is used for push notifications across all tiers. STUN/TURN relay services are used for WebRTC connectivity.
Your Rights (GDPR)
You have the right to access, rectify, erase, and port your data. Since we collect virtually no personal data, these rights are satisfied by default.
Account & Data Deletion
To delete your account and all associated data:
Open SecureCall → Settings → Reset App
Or use STEALTH-DELETE (5 rapid taps on "Reset App" in Settings)
Or contact: kaspartisan@proton.me
All data is deleted immediately:
SecureID and phone number registration
Contact list
Call history
All app data on device
No call content or call recordings are stored on our servers. FCM push tokens are cleared on deregistration. Uninstalling the app removes all remaining local data.
Source Transparency
The SecureCall client source code is publicly available for transparency and independent security auditing. Official SecureCall/StealthX branding, backend services, store releases, and paid Pro/Premium licensing remain operated by Vendetta Labs.
SecureChat (in development) — Messaging. E2E encrypted via XChaCha20-Poly1305 + Double Ratchet. Messages routed through decentralized Kaspa relay nodes. No central server stores messages. SecureChat Security Design
Chameleon (alpha) — Privacy overlay for Android. Encrypts text in any app via AccessibilityService. All data stored locally with SQLCipher. No internet permission by default.
All three products share the same cryptographic stack (XChaCha20-Poly1305, X25519, Double Ratchet, Argon2id) and the same zero-data-collection principle.
Vendetta Labs ("wir", "uns") betreibt die mobile App SecureCall. Diese Datenschutzerklärung beschreibt, wie wir Ihre Daten erfassen, nutzen und schützen.
Unser Grundsatz
SecureCall basiert auf dem Prinzip, dass Privatsphäre ein Grundrecht ist. Wir erfassen ein absolutes Minimum an Daten — in den meisten Fällen überhaupt keine.
Datenerfassung
Gesprächsinhalte: Ende-zu-Ende verschlüsselt — wir können nicht darauf zugreifen
Metadaten: Keine Anrufprotokolle auf unseren Servern
Kontakte: Verlassen niemals Ihr Gerät
IP-Adresse: Nur vorübergehend sichtbar; wird nicht gespeichert
Werbung (nur FREE-Version)
Die kostenlose Version zeigt Werbung über Google AdMob. Sie können personalisierte Werbung in Ihren Geräteeinstellungen deaktivieren. Siehe Googles Datenschutzerklärung. PRO und PREMIUM enthalten keine Werbung.
Ihre Rechte (DSGVO)
Sie haben das Recht auf Auskunft, Berichtigung, Löschung und Datenübertragbarkeit. Da wir praktisch keine personenbezogenen Daten erfassen, sind diese Rechte standardmäßig erfüllt.