TimberSwitch handles your phone calls, voicemails, and customer numbers. We treat that data like it's our own — because if we don't, we don't have a business. This page is specific about what we do, what we don't, and what's on the roadmap.
Encryption everywhere
Calls travel encrypted between your phone and our infrastructure (TLS 1.2+). Voicemails, transcripts, and messages are encrypted at rest in our database and object storage with AES-256 via AWS KMS. Industry-standard, no asterisks.
No reselling. No advertising. No tracking pixels.
We don't share your data with advertisers. We don't sell contact lists. We don't run third-party trackers in our app. Your call recordings never train someone else's AI model. The full list of services that touch your data is on our subprocessors page — every one of them, no hidden integrations.
You control your data
- Delete a voicemail and it's gone — from our database, from storage, from backups within 30 days.
- Cancel your account and we delete everything within 30 days. No "we keep it forever in case you come back."
- Export your call log, voicemails, and contacts on demand from your account page.
- Retention you choose — default voicemail retention is 90 days. Want shorter? 30 days. Need longer? 365. Set it once per workspace and we enforce it automatically.
Authentication built for real teams
- Two-factor authentication (TOTP + backup codes) on every account.
- Sign in with Microsoft or Google if your team prefers SSO.
- Session devices are tracked; revoke any session from your account page.
- Trusted-device fingerprinting for repeat-login experience without weakening security.
Audit trail
Every security-relevant action — sign-ins, password changes, API key creation, voicemail playback, member added or removed — writes a tamper-evident audit row scoped to your workspace. SOC 2 standard 7-year retention. Customer-visible audit log lands in v1.1.
How we handle your phone calls specifically
- SIP transport encrypted. Browser softphone uses WSS + DTLS-SRTP. No clear-RTP carrier path.
- Voicemail audio encrypted at rest (AES-256). Your team plays it back through TimberSwitch with org-membership checks; no public URLs.
- Webhooks signed. Inbound webhook callbacks from our carrier are Ed25519-verified before any DB write — even a brief misconfiguration can't accept spoofed calls.
- Number ownership stays yours. Cancel anytime; we don't hold your number hostage. Free port-out.
How we handle subpoenas and legal requests
We require valid legal process. We push back on overbroad requests. We tell you we got one when we're legally allowed to. We publish a transparency report annually starting in 2027.
Roadmap (with committed dates)
Specific things we've decided to ship and when. We update this list as we go.
| What | Target |
|---|---|
| Customer-visible audit log page | v1.1 (May 2026) |
| Configurable per-workspace retention slider | v1.1 (May 2026) |
| Annual third-party penetration test | Q3 2026 |
| SOC 2 Type I attestation | Q4 2026 |
| SOC 2 Type II attestation | Q2 2027 |
| HIPAA BAA-eligible workspaces | Q4 2026 |
| Self-hosted transcription (no third-party audio) | v1.2 (Q3 2026) |
| Bring-your-own KMS key (enterprise) | Q1 2027 |
| First annual transparency report | Jan 2027 (covering 2026) |
Found a vulnerability?
We welcome security research. Email [email protected] or see our security.txt for our responsible-disclosure policy. We respond within 5 business days. Critical findings get same-day attention.
Other questions
Privacy Policy · Terms of Service · Subprocessors · 911 / E911 notice