Privacy Policy

1. Introduction

This Privacy Policy explains how Tazi ("Tazi," "we," "our," or "us") collects, uses, shares, and protects information when you use the Tazi mobile application and our related services (collectively, the "Service").

By using Tazi, you agree to the collection and use of information in accordance with this policy. If you don't agree with this policy, please don't use the Service.

2. Information we collect

2.1 Information you provide

• Account information. When you sign up, we collect your phone number, email address, and (if you choose) your display name. If you sign in with Apple or Google, we receive the basic profile information they share with us.
• Phone numbers you call. When you place a call through Tazi, we record the destination phone number to provide the calling service and to look up or save the menu structure for that number.
• Subscription information. If you subscribe to Tazi Pro, our payment partner (RevenueCat) processes your subscription and shares your subscription status with us. We do not see or store your payment card details.

2.2 Information collected automatically

• Call metadata. The date, time, duration, and outcome (connected, missed, ended) of calls you place through Tazi.
• Call audio (temporary). See Section 4 — Audio recordings & menu detection for the details. In short: we briefly process call audio to identify phone menu options, then delete it.
• Device information. Your iPhone model, iOS version, app version, and a unique device identifier we use for diagnostics and abuse prevention.
• Diagnostic information. Crash logs and performance metrics so we can find and fix bugs.

2.3 Information we do not collect

• We do not collect your contacts list.
• We do not collect your location.
• We do not access your photos, calendar, or other apps' data.
• We do not use third-party advertising or analytics SDKs (no Facebook Pixel, no Google Analytics, no AppsFlyer, etc.).

3. How we use your information

We use the information we collect to:

• Provide the calling service — placing your call, connecting you to the recipient, and routing audio.
• Detect, save, and display phone-menu structures so you (and other Tazi users) can skip them on future calls.
• Maintain your call history inside the app.
• Authenticate you, manage your account, and prevent fraud or abuse.
• Process subscriptions (via RevenueCat and the Apple App Store).
• Diagnose crashes and improve app performance.
• Communicate with you about service updates, security notices, and account matters.
• Comply with legal obligations.

We do not use your data to train general-purpose AI models, and we do not sell your data to anyone.

4. Audio recordings & menu detection

This is the part of Tazi that involves the most sensitive processing, so we want to be very clear.

4.1 What gets recorded

When you place a call through Tazi and the recipient appears to be an automated phone-menu system (an "IVR" — interactive voice response system), the call audio is briefly captured and processed on our servers to identify the spoken menu options.

4.2 What we extract

From that audio, we extract only the structural elements of the menu — for example: the option number ("1"), the option label ("Billing & payments"), and the order of options. We do not extract or store the agent's voice characteristics, ambient sound, or any portion of the conversation that occurs after you reach a human or complete a menu interaction.

4.3 What gets deleted

Once menu detection is complete (typically within minutes of the call ending), the original audio file is permanently deleted from our servers. Only the extracted menu structure (numbers, labels, and tree shape) is retained.

4.4 Calls to humans

If your call connects directly to a human (no menu system), no audio processing occurs. Audio is processed only when the call routes through an automated menu.

4.5 Opt-out

You can disable menu detection entirely in Settings → Privacy → Menu detection. With detection off, Tazi still works as a normal calling app, but new menus won't be added to the database from your calls.

5. The crowdsourced menu database

Tazi's main feature is a shared database of phone-menu structures. The first time any Tazi user calls a phone number with a menu, our system maps that menu and saves the structure. From then on, every Tazi user who calls that same number gets the menu instantly.

The database stores only:

• The phone number associated with the menu
• The menu structure (option numbers, labels, and how they branch)
• Aggregate statistics (e.g., how many times the menu has been used, the date it was last verified)

The database does not store any information identifying which Tazi user contributed which menu, when individual users called a number, or anything tied to your account.

6. How we share your information

We share information only in the limited circumstances described below.

6.1 Service providers

We use the following third-party service providers to operate Tazi. Each is contractually required to handle your data only as needed to provide their service to us, and none are permitted to use your data for their own purposes.

• Telnyx — places and routes voice calls.
• Amazon Web Services (AWS) — cloud hosting, storage, and serverless processing.
• OpenAI — used in a narrow capacity to extract menu structures from transcribed audio. Audio sent to OpenAI is not used to train OpenAI models per our agreement with them.
• RevenueCat — manages your subscription status with the Apple App Store.
• Apple — for Sign in with Apple, App Store payments, and APNs push notifications.
• Google — for Sign in with Google, if you choose to use it.

6.2 Legal compliance

We may disclose information when required by law, valid legal process, or to protect the rights, property, or safety of Tazi, our users, or others.

6.3 Business transfers

If Tazi is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

6.4 What we never do

• We never sell your personal information.
• We never share your information with advertisers.
• We never share your call recordings, transcripts, or call content with anyone outside the narrow processing described in Section 4.

7. Data retention

• Account data — retained as long as your account is active. Deleted within 30 days after you delete your account.
• Call audio — deleted within minutes of menu detection completing. Never retained beyond that.
• Call metadata (numbers, durations, timestamps) — retained for as long as your account is active. You can delete individual entries at any time from inside the app.
• Menu structures — retained indefinitely as part of the shared community database, with no link to your account.
• Diagnostic logs — retained for up to 90 days.
• Backups — encrypted backups may persist for up to 35 days after deletion before being cycled out.

8. Your rights and choices

You have the following rights regarding your information:

• Access. Request a copy of the personal information we hold about you.
• Correction. Update incorrect or outdated information about you.
• Deletion. Delete your account and associated data. You can do this directly in the app under Settings → Account → Delete account, or by emailing privacy@tazi.app.
• Portability. Export your call history as a structured file you can keep or transfer.
• Opt out of menu detection. See Section 4.5.
• Withdraw consent. Where we rely on your consent, you can withdraw it at any time.

To exercise any of these rights, email us at privacy@tazi.app. We'll respond within 30 days.

8.1 California residents (CCPA/CPRA)

If you live in California, you have the rights described above plus the right to know what personal information has been collected, the right to opt out of the "sale" or "sharing" of personal information (we don't sell or share, but you have the right regardless), and the right to non-discrimination for exercising your rights.

8.2 EEA, UK, and Swiss residents (GDPR)

If you live in the European Economic Area, the United Kingdom, or Switzerland, you have the rights described above plus the right to lodge a complaint with your local data protection authority. Our legal bases for processing are: performance of a contract (account, calls, subscriptions), legitimate interests (fraud prevention, service improvement), consent (where applicable), and legal obligation.

9. Security

We protect your information with industry-standard technical and organizational measures, including:

• Encryption of call audio in transit using DTLS-SRTP (the standard used for secure VoIP).
• Encryption of stored data at rest using AES-256.
• Encrypted device-to-server connections via TLS 1.3.
• Authentication tokens stored in iOS Keychain on your device.
• Least-privilege access controls for our staff and infrastructure.
• Routine security reviews and dependency scans.

No security system is perfect. If we ever discover a breach affecting your information, we will notify you and any required regulators promptly.

10. Children's privacy

Tazi is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact privacy@tazi.app and we will delete it.

11. International data transfers

Tazi is operated from the United States. If you use Tazi from outside the United States, your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those of your country. Where required by law (e.g., for EEA residents), we use Standard Contractual Clauses or equivalent mechanisms to safeguard international transfers.

12. Third-party services

Tazi integrates with the following third-party services. Each has its own privacy policy that governs how they handle your data:

• Apple (Sign in with Apple, App Store, Push Notifications) — apple.com/legal/privacy
• Google (Sign in with Google) — policies.google.com/privacy
• Telnyx (voice calling) — telnyx.com/legal/privacy-policy
• Amazon Web Services (cloud hosting) — aws.amazon.com/privacy
• OpenAI (menu structure extraction) — openai.com/policies/privacy-policy
• RevenueCat (subscriptions) — revenuecat.com/privacy

13. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify you in the app and by email at least 14 days before the changes take effect. The "Last updated" date at the top of this page tells you when this policy was last revised.

Your continued use of Tazi after the changes take effect means you accept the updated policy.

14. Contact us

If you have any questions, concerns, or requests about this Privacy Policy or how we handle your data, please reach out:

• Email: privacy@tazi.app
• Mail: Tazi, [Your business address]
• Data Protection Officer: dpo@tazi.app