Welcome to GenPBX ("we," "our," "us," or "the App"), a softphone application developed and operated by GenByte, based in Dhaka, Bangladesh. We are committed to protecting your privacy and ensuring transparency about how we handle your personal data.
This Privacy Policy explains what information we collect, how we use it, how we share it, and what rights you have regarding your data. By installing or using GenPBX, you agree to the practices described in this policy.
In Short
GenPBX is a business communication tool. We collect only what is necessary to register your SIP extension, place and receive calls, and provide the features you have explicitly enabled — nothing more.
02Information We Collect
a) Information You Provide
Account credentials: SIP username, password, server domain, and extension number that you enter to register your softphone.
Profile information: Optional display name, profile photo, and contact preferences.
Communication content: When you make or receive calls, audio is transmitted through your SIP server. The App itself does not record calls unless your administrator has enabled call recording on the PBX server.
b) Information Collected Automatically
Device information: Device model, operating system version, unique device identifiers, and app version.
Network information: IP address, network type (Wi-Fi/mobile), and connection quality metrics for VoIP performance.
Call metadata: Call timestamps, duration, dialed numbers, and call status (answered, missed, busy). This metadata is processed by the SIP server you connect to.
Crash and diagnostic logs: Anonymous error reports to help us fix bugs and improve stability.
c) Information We Do NOT Collect
We do not access your photos, SMS messages, or browsing history.
We do not sell your personal data to third parties.
We do not use your data for advertising or marketing profiling.
We do not access your contacts unless you explicitly grant permission, and even then, contacts remain on your device.
03App Permissions
GenPBX requests the following Android permissions, each used strictly for its stated purpose. You can revoke any permission at any time through your device's settings.
Microphone
Required to capture your voice during calls. Audio is transmitted only to the active call participant.
Phone State
Used to detect incoming cellular calls and pause VoIP audio to prevent overlap.
Internet
Required to connect to the SIP server and route VoIP calls over your data connection.
Notifications
Used to alert you of incoming calls, missed calls, and registration status changes.
Contacts Optional
If granted, lets you dial directly from your contact list. We never upload contacts to our servers.
Background Operation
Allows the App to maintain SIP registration and receive incoming calls when the screen is off.
Bluetooth Optional
Required only if you choose to use a Bluetooth headset for calls.
Foreground Service
Keeps the App active during calls and SIP registration to ensure call reliability.
04How We Use Your Information
We use the information we collect to:
Register your SIP extension with the configured PBX server.
Place, receive, and route VoIP calls reliably.
Display call history, missed call notifications, and registration status.
Diagnose technical issues and improve app stability.
Provide customer support when you contact us.
Comply with applicable legal obligations.
05Sharing & Disclosure
We do not sell, rent, or trade your personal information. We share data only in these limited situations:
With your SIP/PBX provider: Call signaling and audio are transmitted to the SIP server you (or your administrator) configured in the App.
With your organization's administrator: If you use a tenant-managed account, your administrator may have access to call logs, recordings (if enabled), and usage data through the GenPBX management dashboard.
Service providers: We may use trusted third parties for crash reporting and infrastructure (e.g., hosting), bound by confidentiality agreements.
Legal requirements: If required by law, court order, or to protect the rights, safety, or property of GenByte or others.
06Data Storage & Security
Your account credentials and call logs are stored locally on your device. Server-side data (such as call detail records and any enabled recordings) is stored on the GenPBX server you connect to, which may be hosted by GenByte or by your organization.
We employ industry-standard security measures including:
Encrypted SIP signaling (TLS) and encrypted media (SRTP) where supported by the server.
WebSocket Secure (WSS) connections for SIP-over-WebSocket transport.
Access controls on our infrastructure and per-tenant data isolation.
Regular security reviews, software updates, and infrastructure monitoring.
While we strive to protect your information, no method of transmission over the internet is 100% secure. You are responsible for keeping your SIP password and device secure.
07Data Retention
We retain different types of data for different periods:
Data Type
Retention Period
Local call logs & settings
Until you uninstall the App or clear app data
Server-side call records (CDRs)
90 days to 12 months (per organization policy)
Call recordings
Per admin policy · Default 50 GB tenant quota with auto-cleanup
Diagnostic logs
Up to 30 days
08Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access: Request a copy of the personal data we hold about you.
Correction: Request that we correct inaccurate or incomplete information.
Deletion: Request that we delete your personal data, subject to legal and contractual obligations.
Withdraw consent: Revoke any permissions you previously granted via your device settings.
Data portability: Request your data in a machine-readable format.
Object to processing: Object to certain types of data processing where applicable.
To exercise any of these rights, contact us using the details in Section 12. We will respond within 30 days.
09Children's Privacy
GenPBX is intended for business use and is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately so we can delete it.
10Third-Party Services
The App may interact with the following third-party services depending on your configuration:
Google Play Services: For push notifications and app distribution.
Firebase Cloud Messaging (FCM): For incoming call notifications when the app is in the background.
WhatsApp Business API: If your administrator has enabled WhatsApp notifications for missed calls or low-balance alerts.
Each third-party service has its own privacy policy, which we recommend you review.
11Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify users through the App or by updating the "Last Updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.
12Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or your data, please reach out to GenByte. We typically respond within 1–2 business days.