Privacy Policy

This Privacy Policy explains how Mord & Co. LLC, a Wyoming limited liability company ("Traceback," "we," "us," or "our"), collects, uses, shares, and protects personal information when you use the Traceback mobile applications, web application, and websites including trytraceback.com (collectively, the "Service"). It applies to users in the United States. Please read it together with our Terms of Service.

By using the Service, you agree to this Privacy Policy. If you do not agree, do not use the Service. The Service is intended only for individuals 18 years of age or older.

---

1. Summary

• Traceback reveals the phone number, and where available the name, behind blocked and "No Caller ID" calls using conditional call forwarding.
• To do this we collect your account details, access your contacts and call information (with your permission), and capture the originating number of forwarded calls.
• We share data with service providers (such as our payment processors, hosting, analytics, and messaging providers), with advertising partners through tracking pixels, and, as part of the core service, we add caller-identification data to a shared database available to the Traceback community.
• We do not sell your personal information for money, but our use of advertising pixels may be considered "sharing" or a "sale" under some U.S. state laws. You can opt out (see Section 9).
• You have rights to access, delete, and correct your data, and anyone (including non-users) can request removal from our caller database (see Sections 8 and 10).

This summary is for convenience only; the full policy controls.

2. Information We Collect

Information you provide:

• Account information: name, phone number, and email address.
• Payment information: subscriptions purchased on our website are processed by Stripe, and subscriptions purchased inside our mobile apps are processed through RevenueCat together with the Apple App Store or Google Play. We receive limited billing details (such as a purchase confirmation and the brand and last digits of your card); we do not store your full card number.
• Communications: information you provide when you contact support by email, live chat, WhatsApp, or Telegram, and your messaging preferences.

Information collected automatically or with your device permission:

• Contacts: with your permission, we upload the names and phone numbers in your device's address book to our servers to improve caller identification for you and the Traceback community (see Section 8).
• Call information / call log: with your permission, we access call information to identify the most recent blocked or "No Caller ID" call.
• Captured caller numbers: when a call is forwarded to our system, we capture the originating phone number and associate it with a name or label where available.
• Technical and device information: IP address, device type and operating system, app version, unique device and installation identifiers, and similar diagnostic data used for security, analytics, and reliability.
• Cookies and similar technologies: on our websites we use cookies, pixels, and SDKs (including analytics and advertising technologies) as described in Section 7.

We do not intentionally collect precise geolocation. Your IP address may indicate approximate (city/region-level) location.

3. Sensitive Information

Some information we process may be considered "sensitive personal information" under California and other state laws, including the contents of your contacts and information about your communications (call data). We use this information only to provide and improve the Service (caller identification) and related security, and not for purposes that would require offering a right to limit beyond what the law requires. You may request that we limit the use of sensitive personal information as described in Section 10.

4. How We Use Information

We use personal information to:

• Provide the core service: identify blocked, hidden, and "No Caller ID" callers and notify you across your devices;
• Build, maintain, and improve our caller-identification database (including community/crowdsourced identification);
• Create and manage your account and process subscriptions and payments;
• Provide customer support and respond to your requests;
• Send service and marketing communications, subject to your choices (see Section 11);
• Maintain security, prevent fraud and abuse, and debug and improve the Service;
• Perform analytics and research (often in aggregated or de-identified form); and
• Comply with legal obligations and enforce our Terms.

5. How We Share Information

We share personal information with the following categories of recipients:

• Service providers / processors who act on our behalf, including our payment processors (Stripe for website purchases and RevenueCat for in-app purchases), and our hosting, security, storage, analytics, error-monitoring, email, SMS, messaging, and push-notification providers. They may use your information only to provide services to us and are required to protect it. The specific providers we currently use are listed in the table below.
• Advertising and analytics partners. On our websites we use advertising and analytics technologies (including pixels and tags from providers such as Meta and TikTok) that may receive identifiers, device data, and activity data. This may be considered "sharing" or "selling" under state law (see Section 9).
• The Traceback community (caller database). Caller-identification data (phone numbers and associated names/labels), including information derived from uploaded contacts, is added to our database and used to identify callers for other users. This is a core function of the Service. We do not share your own account identity (your name and number as the subscriber) with other users for marketing purposes.
• Third-party data sources that we query to associate names with numbers.
• Legal, safety, and business transfers. We may disclose information to comply with law, respond to lawful requests, protect rights and safety, or in connection with a merger, acquisition, financing, or sale of assets.

Service providers we use. The table below lists the main third-party providers that process personal information on our behalf and what they are used for. Providers may change over time; we will update this table accordingly.

Provider	What we use it for
Stripe	Payment processing for website subscriptions
RevenueCat	Subscription management and payment processing for in-app purchases (together with the Apple App Store and Google Play)
Cloudflare	Website security and protection, content delivery and caching, traffic and website analytics, and object storage (R2) used to generate and store reports
PostHog	Product and usage analytics, primarily on an aggregated or de-identified basis
Google Analytics	Website analytics
Sentry	Error monitoring, crash reporting, and performance analytics
Resend	Sending operational and marketing emails
Prelude	Sending operational and marketing SMS text messages
Meta (WhatsApp)	Sending operational and marketing messages over WhatsApp
Apple Push Notification service (APNs)	Delivering push notifications on iOS
Expo	Delivering push notifications on Android

We do not sell your personal information for monetary payment. See Section 9 regarding "sharing"/"sale" as defined by state privacy laws.

6. Where Information Is Stored and International Transfers

Personal information is stored on cloud infrastructure located in Europe. Some of our service providers (including those listed in Section 5) are based in the United States or other countries and may process your information there. By using the Service, you understand and agree that your information will be transferred to, stored, and processed in Europe and in other countries where we and our providers operate, which may have data-protection laws different from those of your state or country. We take steps to protect your information consistent with this Policy wherever it is processed. We retain it for as long as needed to provide the Service and for the purposes described in this Policy (see Section 12).

7. Cookies and Tracking Technologies

Our websites use cookies, pixels, tags, and similar technologies for functionality, analytics, and advertising. This includes analytics technologies such as Google Analytics, PostHog, and Cloudflare analytics, and advertising technologies such as the Meta and TikTok pixels, which may set identifiers used to measure and target advertising across sites. You can control cookies through your browser settings, through any cookie banner or preference tool we provide, and through the opt-out described in Section 9. Some browsers send a Global Privacy Control (GPC) signal; where required, we treat a valid GPC signal as a request to opt out of "sharing"/"sale" for that browser.

8. Crowdsourced Contacts and the Caller Database

A core part of the Service is a shared caller-identification database. With your permission, we upload names and phone numbers from your device's contacts and incorporate them, along with numbers captured from forwarded calls and third-party sources, into this database to identify callers for you and other users.

Because names and labels come in part from how users save numbers in their own contacts, a displayed name may be a nickname or label rather than a legal name, and may be inaccurate. We provide this information "as is." If you grant contact access, you confirm you are allowed to share that contact information. You can disable contact access at any time in your device settings, and you can ask us to delete contact information you provided.

9. Your Right to Opt Out of "Sale" or "Sharing" (Do Not Sell or Share)

Our use of advertising pixels may be considered a "sale" or "sharing" of personal information for cross-context behavioral advertising under California and other state laws, even though we do not exchange your data for money.

You can opt out by:

• Using the "Do Not Sell or Share My Personal Information" link provided on our website;
• Enabling a Global Privacy Control (GPC) signal in your browser; and/or
• Contacting us at the email in Section 16.

We do not knowingly "sell" or "share" the personal information of anyone under 18.

10. Your Privacy Rights

Depending on where you live, you may have some or all of the following rights regarding your personal information:

• Access / know the personal information we have collected about you and how we use and share it;
• Delete personal information we hold about you;
• Correct inaccurate personal information;
• Opt out of "sale," "sharing," and targeted advertising (Section 9);
• Limit the use of sensitive personal information to what is necessary to provide the Service;
• Non-discrimination for exercising your rights.

Removal from the caller database (unlisting), available to everyone, including non-users. Anyone whose name or number appears in our database can request removal. We will remove identifying details within a reasonable time, except where we have a legal basis or public-interest reason to retain them (for example, numbers identified as spam or fraud).

How to exercise your rights. Submit a request to the email in Section 16, or through any in-app or website form we provide. We will verify your identity before fulfilling certain requests, typically by confirming details associated with your account. You may use an authorized agent to submit a request on your behalf, subject to verification. We will respond within the timeframes required by applicable law. If we deny a request, you may appeal by replying to our response.

State-specific notes. Residents of California (CCPA/CPRA), Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws have the rights described above to the extent provided by their state's law. California "Shine the Light": California residents may request information about disclosures of personal information to third parties for those parties' direct marketing; we do not currently make such disclosures.

11. Marketing Communications

With your consent where required, we may send you operational messages (such as verification codes, security alerts, and policy updates, which are necessary to use the Service) and marketing messages (such as offers and product updates) by email, SMS, WhatsApp, push notification, or similar channels. We use third-party providers to deliver these messages, including Resend (email), Prelude (SMS text messages), Meta WhatsApp (WhatsApp messages), and Apple Push Notification service (APNs) and Expo (push notifications).

You can opt out of marketing messages at any time by using the unsubscribe link in an email, replying STOP to a text message, adjusting your app or device notification settings, or contacting us. Opting out of marketing does not stop operational or security messages. Message and data rates may apply to text messages. By providing your phone number, you consent to receive the messages you have signed up for; consent to marketing texts is not a condition of purchase.

12. Data Retention

We keep personal information for as long as your account is active and as needed to provide the Service, and afterward as needed to comply with legal obligations, resolve disputes, enforce our agreements, and maintain security. We retain records of consent to auto-renewing subscriptions as required by law (generally at least three years). Caller-identification data may be retained as part of the database unless removal is requested and applies. When information is no longer needed, we delete or de-identify it.

13. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

14. Children's Privacy

The Service is for users 18 and older. We do not knowingly collect personal information from anyone under 18. If we learn we have collected such information, we will delete it. If you believe a minor has provided us information, contact us at the email in Section 16.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version with a new Effective Date and, where required, provide additional notice. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

16. Contact Us

For privacy questions or to exercise your rights, contact our privacy contact:

Mord & Co. LLC Attn: Privacy Email: legal@trytraceback.com