Trust · Plain English
How CallerFilterPro handles trust
The formal legal version lives in our privacy policy and terms of service. This page is the plain-English version — the principles the product is built on and what we do and don't do with your information.
1. Privacy architecture
The load-bearing decisions:
- We do not read your contacts. CFP does not request or upload your phone's address book. Some competitors (Truecaller historically) built their business on crowdsourced contact-list uploads. We didn't.
- Your VIP list is your data, not our dataset. The rules you configure (who rings through, who gets screened) are stored per-account and are not aggregated or resold.
- Screening intake is captured under your account only. The name / callback number / reason a caller provides during screening lands in your dashboard. It is not part of a shared cross-user database.
- Call metadata is minimum-necessary. We store what's needed to power the dashboard and the screening flow. We don't retain what we don't need.
2. Security approach
- HTTPS everywhere. Every page on callerfilterpro.com is served over HTTPS with strict transport security. The dashboard, checkout, and API are HTTPS-only.
- Voice infrastructure runs on Telnyx. Carrier-grade PSTN with STIR/SHAKEN attestation. We do not maintain our own voice trunks.
- Payments run on Stripe. We never see your card number. Stripe holds PCI compliance; we hold none of the card data.
- Password hashing. Passwords are hashed with Argon2id (the current OWASP recommendation). Plaintext passwords never touch our storage.
- Signed webhooks. Every external webhook (Telnyx, Stripe) is verified with the provider's signature. Unverified requests are rejected.
- Rate limits and abuse guards. Auth endpoints and other sensitive routes have rate limiting in place to slow credential-stuffing and enumeration attacks.
3. Data-handling principles
- Minimum-necessary collection. We ask for the data that's needed to run the service.
- Per-account isolation. Your data is scoped to your account. We do not merge your data with other users' data to build a cross-user product.
- Deletion on request. You can request account deletion via the support email. We honor the request and confirm.
- No sale of personal data. We don't sell user data to advertisers, brokers, or third parties.
- Analytics posture. Our marketing site uses privacy-conscious analytics only. We do not fingerprint users across the web.
4. Transparency
- Legal entity is public. CallerFilterPro is made by LTI Group LLC, a Wyoming LLC. Address: 30 N Gould Street, Suite R, Sheridan, WY 82801. Support phone: +1-888-653-0188.
- Support email: support@callerfilterpro.com
- Security disclosure: Report a suspected vulnerability at security@callerfilterpro.com. We acknowledge good-faith reports within one business day and do not pursue legal action against researchers who report responsibly.
- Honest scope statements. We are not a HIPAA-covered service. We are not an emergency service. We do not place 911 calls. We say so plainly in the product and on the marketing site.
What CFP is NOT
- Not a caller-ID service (we don't sell reverse lookup)
- Not a spam database (we don't sell block-list data)
- Not a HIPAA-covered service (we don't handle clinical PHI as part of the screening layer; see our doctors page for details)
- Not an emergency service (we don't dial 911)
- Not a recording tool (screening intake is stored, not full-audio call recording)
Last updated 2026-07-12. If any claim on this page becomes inaccurate, we correct it immediately and note the change here.