Privacy Policy

This Privacy Policy describes how Truecaller ("we," "us," "our," or "the Company"), operating through the website trueecaler.com, collects, uses, processes, stores, shares, and protects the personal information of users ("you," "your," or "User") who access or use our technology platform and associated services. We are committed to maintaining the highest standards of data privacy and transparency in compliance with applicable Indian laws and internationally recognized best practices.

We encourage you to read this Privacy Policy carefully before using our services. By accessing or using trueecaler.com, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with this policy, please refrain from using our services.

1. About Us

Truecaller is a technology company operating in India, providing digital services through its platform at trueecaler.com. Our services include but are not limited to caller identification, spam detection, communication tools, and related technology features designed to enhance user communication experiences.

Company Name Truecaller
Website trueecaler.com
Email Address [email protected]
Country of Operation India

2. Legal Framework and Applicable Laws

This Privacy Policy is governed by and compliant with the following applicable laws and regulations:

  • The Digital Personal Data Protection Act, 2023 (DPDPA) – India's primary legislation governing the collection, processing, and storage of digital personal data.
  • The Information Technology Act, 2000 (IT Act) – including the Information Technology (Amendment) Act, 2008.
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (IT Rules, 2011) – governing the handling of sensitive personal data.
  • The Telecom Commercial Communications Customer Preference Regulations, 2018 – relating to telecommunications and spam communications.
  • General Data Protection Regulation (GDPR) – adopted as a global benchmark for best practices in data protection, applied voluntarily to enhance user trust and data governance standards.
  • Any other applicable central and state regulations as amended from time to time.

As a technology company operating in India, we act as a Data Fiduciary (as defined under the DPDPA, 2023) with respect to the personal data we collect and process. Where we process data on behalf of another Data Fiduciary, we act as a Data Processor.

3. Information We Collect

We collect various types of information to provide, improve, and personalize our services. The categories of information we collect include:

3.1 Personal Identification Information

When you register, create an account, or interact with our platform, we may collect:

  • Full name and username
  • Email address
  • Mobile phone number
  • Date of birth (for age verification purposes)
  • Gender (optional)
  • Profile photo or avatar (if uploaded)
  • Mailing or billing address
  • Government-issued identification numbers (where required by law for verification)

3.2 Contact Book and Directory Data

As a caller identification and communication platform, with your explicit consent, we may access and process:

  • Your device's contact list or phonebook entries
  • Contact names, phone numbers, and associated metadata stored on your device
  • Communication history relevant to our services

This data is used to provide caller identification services, spam detection, and personalized communication features. You have the right to withdraw this consent at any time by adjusting your in-app settings or contacting us.

3.3 Usage Data and Behavioral Information

We automatically collect certain data when you use our platform, including:

  • Pages visited, features used, and actions taken on our website or application
  • Search queries made within our platform
  • Time spent on pages and features
  • Click-through patterns and interaction logs
  • Frequency and duration of service use
  • Referral URLs and exit pages

3.4 Device and Technical Information

We collect technical information about the devices used to access our services, including:

  • Device type, model, and manufacturer
  • Operating system version and type
  • Browser type and version
  • Unique device identifiers (UDID, IMEI, IMSI, Android ID, or Apple IDFA)
  • IP address and approximate geolocation derived from IP
  • Mobile network information and carrier data
  • Time zone settings and language preferences
  • App version and SDK information

3.5 Location Data

With your explicit consent, we may collect precise or approximate geolocation data to provide location-based features. You may disable location access at any time through your device settings. We collect:

  • GPS-based location coordinates (if permission granted)
  • Network-based location data (Wi-Fi, cell tower triangulation)
  • Country and region-level location derived from IP address

3.6 Communications and Support Data

If you contact us for support or communicate with us, we collect:

  • The content of your messages, emails, or chat interactions
  • Feedback, reviews, and ratings you submit
  • Records of your inquiries and our responses
  • Survey responses and user research participation data

3.7 Financial and Transaction Data

For paid services or premium features, we may collect:

  • Payment method type (credit card, UPI, net banking, etc.)
  • Billing address and transaction identifiers
  • Subscription details and purchase history

Note: We do not store complete credit card or banking credentials. All payment processing is handled by certified third-party payment gateways compliant with PCI-DSS standards.

3.8 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies. For detailed information, please refer to Section 10 (Cookie Policy) of this document.

4. How We Use Your Information

We process your personal data for specific, lawful purposes. The legal bases for processing under the DPDPA, 2023 include your consent, performance of a contract, legitimate interests of the Company, and compliance with legal obligations.

4.1 Service Provision and Core Features

  • Creating and managing your user account
  • Providing caller identification, spam detection, and blocking features
  • Enabling communication features on our platform
  • Processing transactions and managing subscriptions
  • Delivering customer support and resolving issues
  • Authenticating your identity and ensuring account security

4.2 Platform Improvement and Analytics

  • Analyzing usage patterns to improve service functionality
  • Conducting internal research and performance monitoring
  • Generating aggregated, anonymized statistical reports
  • Testing new features and running A/B experiments
  • Debugging, error tracking, and quality assurance

4.3 Personalization

  • Customizing your experience based on usage preferences and behavior
  • Delivering relevant content, suggestions, and feature recommendations
  • Remembering your settings and preferences across sessions

4.4 Marketing and Communications

  • Sending promotional emails, notifications, and newsletters (with your consent)
  • Delivering targeted advertisements based on your interests and usage
  • Informing you about new features, updates, and service changes
  • Running loyalty programs, contests, and promotional campaigns

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails or by contacting us at [email protected].

4.5 Legal Compliance and Safety

  • Complying with applicable Indian laws and regulatory requirements
  • Responding to lawful requests from government authorities and law enforcement
  • Detecting, preventing, and investigating fraud, abuse, and unauthorized access
  • Enforcing our Terms of Service and other policies
  • Protecting the rights, property, and safety of the Company, its users, and the public

5. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

5.1 Service Providers and Data Processors

We engage trusted third-party vendors to assist in operating our platform. These parties process data only on our instructions and are bound by confidentiality agreements. Service providers include:

  • Cloud hosting and infrastructure providers
  • Payment gateway and fintech processors
  • Analytics and business intelligence platforms
  • Email delivery and communication service providers
  • Customer support software vendors
  • Cybersecurity and fraud detection services
  • Marketing automation and advertising networks

5.2 Legal and Regulatory Disclosure

We may disclose your personal data when required to do so by law, court order, or lawful request by governmental authorities in India or other jurisdictions with jurisdiction over our operations. This includes:

  • Compliance with orders from courts, tribunals, or government agencies
  • Responding to requests from law enforcement agencies under applicable Indian law
  • Reporting obligations under the IT Act, 2000, DPDPA, 2023, or other statutes

5.3 Business Transfers

In the event of a merger, acquisition, restructuring, sale of assets, or similar corporate transaction involving Truecaller, your personal data may be transferred to the acquiring entity. We will notify you of any such transfer and ensure the receiving party agrees to uphold the terms of this Privacy Policy.

5.4 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data with partners, advertisers, and researchers where such data cannot reasonably be used to identify you.

5.5 With Your Consent

We may share your data with other third parties upon obtaining your explicit, informed consent at the time of collection or use.

6. Data Security

We implement industry-standard technical, organizational, and physical security measures to protect your personal data from unauthorized access, disclosure, alteration, loss, or destruction. These measures include:

6.1 Technical Safeguards

  • Encryption: Data in transit is protected using TLS/SSL (Transport Layer Security) protocols. Data at rest is encrypted using AES-256 or equivalent standards.
  • Access Controls: Role-based access control (RBAC) ensures only authorized personnel access personal data on a need-to-know basis.
  • Firewalls and Intrusion Detection: Multi-layered firewall systems and real-time intrusion detection/prevention systems (IDS/IPS).
  • Vulnerability Management: Regular security audits, penetration testing, and vulnerability scans.
  • Two-Factor Authentication (2FA): Enforced for internal system access and available for user accounts.
  • Secure Development Practices: Our development team follows OWASP guidelines and security-by-design principles.

6.2 Organizational Safeguards

  • Regular employee training on data protection and security protocols
  • Confidentiality agreements with all staff and contractors handling personal data
  • Documented data handling procedures and incident response plans
  • Designation of a Data Protection Officer (DPO) or equivalent privacy responsible person

6.3 Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify affected users and the relevant Data Protection Board of India (as established under the DPDPA, 2023) in accordance with applicable timelines and requirements under Indian law. We will also provide guidance on protective steps you can take.

7. Your Data Protection Rights

Under the Digital Personal Data Protection Act, 2023 and applicable Indian law, you have the following rights as a Data Principal:

7.1 Right to Access

You have the right to request a summary of the personal data we hold about you, the purposes for which it is being processed, and information about the entities with whom it has been shared. Requests can be submitted to [email protected].

7.2 Right to Correction and Completion

You have the right to request correction of inaccurate or incomplete personal data. You may update most of your information directly through your account settings or by contacting us.

7.3 Right to Erasure

You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, subject to legal retention obligations. Upon receiving a valid erasure request, we will delete or anonymize your data within 30 days, unless we are required to retain it by law.

7.4 Right to Data Portability

You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another Data Fiduciary, where technically feasible.

7.5 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Withdrawal of consent may affect your ability to use certain features of our services.

7.6 Right to Grievance Redressal

You have the right to a readily available means of grievance redressal. Please contact our grievance officer using the details in Section 12. We will acknowledge your complaint within 48 hours and endeavor to resolve it within 30 days.

7.7 Right of Nomination

Under the DPDPA, 2023, you have the right to nominate another individual to exercise your data protection rights in the event of your death or incapacity.

To exercise any of the rights listed above, please submit a written request to [email protected] with the subject line "Data Rights Request." We may need to verify your identity before processing your request. We will respond within the timeframes mandated by applicable law.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention guidelines are as follows:

Data Category Retention Period Basis
Account and profile information Duration of account + 2 years after deletion Contractual obligation, legal compliance
Transaction and financial records 7 years from transaction date Income Tax Act, GST compliance
Usage logs and behavioral data Up to 24 months Legitimate interest (analytics, improvement)
Customer support records 3 years from resolution Legitimate interest, legal claims
Marketing preferences and consent records Until withdrawal + 1 year Legal obligation (consent records)
Security and audit logs 12–18 months IT Act, 2000 and security obligations
Cookies and tracking data As specified in cookie settings (30 days to 2 years) Consent or legitimate interest

After the applicable retention period, personal data is securely deleted or anonymized in accordance with our data destruction procedures.

9. Children's Privacy

Under the Digital Personal Data Protection Act, 2023, processing personal data of children (defined as individuals below 18 years of age) requires verifiable parental or guardian consent. We do not provide services to children and do not knowingly allow minors to register on our platform.

If you believe that a child under 18 has provided us with personal data without appropriate consent, please contact us immediately at [email protected]. We will take prompt steps to delete such information from our systems.

We implement age verification measures during registration to prevent underage use of our platform. By using our services, you represent and warrant that you are at least 18 years of age.

10. Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on trueecaler.com. This section provides a summary of our cookie practices.

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work efficiently, to remember your preferences, and to provide information to site owners.

10.2 Types of Cookies We Use

Cookie Type Purpose Duration
Strictly Necessary Essential for the website to function; cannot be disabled Session / Persistent
Performance/Analytics Helps us understand how visitors use our site (e.g., Google Analytics) Up to 2 years
Functional Remembers your preferences and settings Up to 1 year
Targeting/Advertising Delivers relevant advertisements based on your browsing behavior Up to 90 days

10.3 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, accept specific cookies, or delete cookies already set. Please note that disabling certain cookies may affect the functionality of our website.

For more detailed information about our use of cookies, please refer to our Cookie Policy page.

11. International Data Transfers

As a technology company, we may transfer, store, or process your personal data outside of India, particularly when using cloud services or third-party vendors with operations in other countries. Such transfers may include countries in the European Union, the United States, Singapore, and other jurisdictions.

When transferring personal data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs): Contractual safeguards requiring receiving parties to uphold equivalent data protection standards.
  • Adequacy Decisions: Where applicable, transfers to countries recognized as providing adequate data protection under Indian law or GDPR standards.
  • Binding Corporate Rules: Where applicable for intra-group transfers.
  • Consent: In certain cases, with your explicit consent after being informed of the risks of transfer to countries without adequate protection.

We remain compliant with the cross-border transfer provisions of the DPDPA, 2023, and any regulations issued by the Government of India regarding permitted transfer destinations. We do not transfer personal data to countries that are blacklisted or restricted by the Government of India.

12. Grievance Officer and Contact Information

In accordance with the Information Technology Act, 2000, IT Rules 2011, and the Digital Personal Data Protection Act, 2023, we have appointed a Grievance Officer to address your privacy concerns, complaints, and data rights requests.

Privacy / Grievance Officer Contact
Organization Truecaller
Website trueecaler.com
Email [email protected]
Country India

We will acknowledge your grievance within 48 hours of receipt and endeavor to resolve it within 30 days. For time-sensitive matters, please mark the subject line of your email as "URGENT – Privacy Complaint."

13. How to File a Complaint with the Data Protection Authority

If you are not satisfied with our response to your privacy complaint or believe that we are processing your data unlawfully, you have the right to lodge a complaint with the relevant data protection authority in India.

13.1 Data Protection Board of India

The Data Protection Board of India (DPBI) is the statutory body established under the Digital Personal Data Protection Act, 2023, empowered to adjudicate complaints related to personal data processing.

Data Protection Board of India
Ministry of Electronics and Information Technology (MeitY)
Government of India
Electronics Niketan, 6 CGO Complex, Lodhi Road
New Delhi – 110003, India
Website: www.meity.gov.in

You may submit a complaint to the Board after first giving us the opportunity to address your concern. The Board has the authority to impose penalties and direct remedial actions where violations of the DPDPA, 2023 are established.

13.2 Other Relevant Authorities

Depending on the nature of your complaint, you may also approach:

  • Adjudicating Officers under the IT Act, 2000 – for cybersecurity-related grievances
  • Telecom Regulatory Authority of India (TRAI) – for complaints related to unsolicited commercial communications
  • Consumer Forums – under the Consumer Protection Act, 2019, for consumer-related disputes

14. Third-Party Links and Services

Our platform may contain links to third-party websites, applications, or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We strongly advise you to review the privacy policy of every website you visit.

The inclusion of any link on our platform does not constitute an endorsement by Truecaller of that third-party website or service.

15. Automated Decision-Making and Profiling

We may use automated decision-making processes, including profiling, to provide certain features such as spam detection, caller identification scoring, and personalized content delivery. These processes analyze patterns in data to make automated assessments.

Where automated decisions may significantly affect you, you have the right to:

  • Request human review of the automated decision
  • Express your point of view
  • Obtain an explanation of the decision and the logic involved
  • Contest the decision where you believe it is incorrect

To exercise these rights, please contact us at [email protected].

16. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. We will notify you of material changes by:

  • Posting the updated policy on trueecaler.com with a revised "Last Updated" date
  • Sending you an email notification to the address associated with your account
  • Displaying a prominent notice on our platform or application

Your continued use of our services after the effective date of the revised Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you should discontinue use of our services and may request deletion of your account.

We recommend that you periodically review this page to stay informed about how we are protecting your personal information.

17. Consent

By accessing or using trueecaler.com and our services, you consent to the collection, use, processing, storage, and sharing of your personal data as described in this Privacy Policy. Where required by law, we obtain your explicit, informed, and freely given consent before processing sensitive personal data or undertaking processing activities beyond the scope of service provision.

You may withdraw your consent at any time by contacting us at [email protected] or by using the consent management tools available within your account settings. Please note that withdrawal of consent does not affect the lawfulness of processing conducted prior to the withdrawal.

This Privacy Policy was last updated on May 30, 2026. © 2026 Truecaller. All rights reserved. | trueecaler.com