This website and the Telebase API are operated by Telebase d.o.o., a limited liability company registered in Belgrade, Republic of Serbia. Telebase d.o.o. is the controller for the processing described in this policy. You can reach us at [email protected].
Telebase is used by businesses to check telecom signals on phone numbers, for example during customer onboarding or before a sensitive transaction. Two groups of people are therefore covered by this policy: our customers (account holders) and the individuals whose phone numbers our customers submit to the API.
When a customer submits a number, we pass it to our upstream telecom providers and return signals such as carrier, country, number type, line status and SIM swap indicators. Our legal basis for this processing is legitimate interest in preventing fraud under Article 6(1)(f) of the GDPR; Recital 47 expressly recognises fraud prevention as a legitimate interest. Our customers are independently responsible for their own lawful basis when they submit numbers, as set out in our Terms of Service.
To protect user privacy, Telebase does not store raw phone numbers in our permanent query logs.
SHA256 hash immediately after processing.We share the minimum necessary data (the phone number) with our upstream telecom providers to retrieve the intelligence you requested. These providers have their own privacy policies regarding data handling.
Our current upstream providers include Vonage and Twilio. Billing and payments are processed by Paddle, who acts as Merchant of Record. This website is hosted on Cloudflare Pages, and website usage analytics are provided by Google Analytics (see Section 7).
Telebase is established in the Republic of Serbia, which is not covered by an EU adequacy decision. Where we process personal data of individuals in the EU, UK or EEA, transfers to Telebase are protected by Standard Contractual Clauses or equivalent safeguards in our agreements with customers and providers. Our upstream providers and processors may process data in the EU and the United States under their own compliance frameworks, details of which are available in their respective privacy policies.
This website uses Google Analytics 4 to understand how visitors use the site. Google Analytics sets cookies and similar identifiers and collects usage events such as pages viewed, approximate location derived from a truncated IP address, and device and browser information. We use this data in aggregate to improve the site; we do not use it to identify individual visitors, we do not run advertising trackers, and we do not sell personal data.
You can prevent this collection by blocking cookies in your browser settings or by installing Google's Analytics opt-out browser add-on.
We retain billing records and account information for as long as your account is active. Hashed query logs are kept for 90 days for troubleshooting and then automatically deleted.
Under the GDPR and other applicable privacy frameworks, you have the right to access, rectify, delete or export your personal data, and to object to processing based on legitimate interest. These rights apply both to account holders and to individuals whose phone numbers have been submitted to the API by one of our customers. If your number was checked by a business using Telebase, that business is the controller of its own check and is often the right first point of contact, but you can also contact us directly.
To submit a request, contact us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the data protection supervisory authority in your country of residence.