What we sell, and what we don't
CloakID sells subscriptions for US phone numbers with call screening and SMS. We don't sell data. There is no ad SDK in the app, and no data-broker pipeline reading from our systems.
Carrier relationships
CloakID provisions US phone numbers through Telnyx, a licensed US carrier. Inbound calls and SMS enter through Telnyx and reach your device; outbound calls and SMS leave through the same path. Telnyx sees the numbers they provision and the call detail records required for billing and regulatory compliance. They do not receive your CloakID account identity.
Deleting a persona releases its phone number back to the carrier pool. Releases are permanent — the same number cannot be reclaimed.
On the device
The iOS app stores local state in the iOS keychain and the app sandbox. Biometric unlock is optional and configured per-device.
Disclosure
If you believe you have found a security issue, please reach us through the contact page. Coordinated disclosure is welcome.
Full writeup — in progress
We're deliberately not publishing specifics about server-side encryption, key management, retention windows, or the complete list of third-party processors until we can describe each one as it actually exists in the system today. Those sections will live here when the writeup is ready.
If there's a specific question you need answered before that, the contact page is the fastest path.