Privacy Policy

Last updated: 2026-06-11 / Established by XTV LLC

XTV LLC ("we" or "the Company") provides the outgoing-call blocking application "NoDial" ("the Service") with a design philosophy of minimal data collection and the highest priority on user privacy. This Privacy Policy ("this Policy") describes how user information is handled in connection with the Service.

Article 1 — Information We Do Not Collect

The Service does not collect any of the following:

• Email addresses
• Passwords
• Name, age, gender, or date of birth
• Home address
• The user's own phone number
• Contact lists (device address book)
• GPS location data
• Camera, microphone, or other audio/visual data
• SMS or message content
• Call history or call content (no recording or transcription of any kind)

As a result, it is technically impossible for us to identify any individual user.

Article 2 — Information We Collect

We collect only the following information, solely for the purpose of providing the Service:

2.1 Device Identifiers

• A device-generated unique identifier (UUID): used as the account identifier
• A Firebase Cloud Messaging device token: used for push notification delivery

2.2 User-Provided Information

• Nickname (optional; used for display purposes only)
• Phone numbers to block: transmitted to our server in SHA-256 hashed form only. The original numbers are never sent to or stored on our servers.
• The self-commitment amount set for each registered number

2.3 Usage Data

• onPlaceCall trigger events (hashed number + timestamp): used to determine whether a charge should be applied in a given month under the "charged only in a month you attempt a call" billing model
• Periodic heartbeat signals (daily): used to detect uninstallation

2.4 Payment-Related Information

• Stripe Customer ID: only this ID is stored on our servers
• Monthly failure flags and billing history

Article 3 — Purpose of Collection

We use the information we collect solely for the following purposes:

1. Providing the Service (number registration management, outgoing call blocking)
2. Processing charges under the billing model where you are charged only in a month you attempt a call
3. Detecting uninstallation (5-day absence of heartbeat signal)
4. Preventing unauthorized use
5. Improving the Service (on an aggregated, anonymized basis only)

Information collected will not be used beyond the scope of the purposes listed above.

Article 4 — Third-Party Disclosure and Sub-Processors

We do not provide collected information to third parties except in the following circumstances:

1. When the user has given consent
2. When disclosure is required by law
3. When necessary to protect the life, body, or property of a person

However, we entrust data processing to the following service providers solely for the purpose of delivering the Service:

These sub-processors are contractually obligated to handle data appropriately in accordance with our agreements with them.

Article 5 — International Data Transfers

1. Data from the Service is stored on servers operated by Stripe (US and Japan regions), Supabase (US or EU regions), and Firebase (US region).
2. These sub-processors implement appropriate data protection measures, including compliance with applicable laws such as the GDPR and CCPA, as well as technical and organizational safeguards such as encryption.
3. Pursuant to Article 28 of the Act on the Protection of Personal Information (Japan), please contact us separately for information regarding the handling of personal information by the above transfer recipients.

Article 6 — Data Retention and Deletion

1. All user-related data stored on our servers will be deleted at the following points:
   • When the cancellation flow takes effect
   • When uninstallation is confirmed (5-day absence of heartbeat signal)
   • When we discontinue the Service
2. Data subject to deletion includes: device UUID, nickname, hashed phone numbers, self-commitment amount information, call attempt history, monthly failure flags, heartbeat history, and related data.
3. Payment records retained by Stripe (Customer ID, billing history, etc.) will be retained for the period required under Stripe's terms and applicable Japanese law, including the Electronic Books Preservation Act (Japan).

Article 7 — User Rights

Users have the following rights regarding their own data:

1. Right of access: You may view your registered numbers, self-commitment amounts, call attempt history, and billing history through the in-app dashboard.
2. Right to deletion: You may delete your data from our servers by using the cancellation flow or uninstalling the app. Both options can be initiated immediately (deletion itself is executed when the cancellation takes effect or when uninstallation is confirmed).
3. Deletion requests from sub-processors: For requests to delete data held by sub-processors such as Stripe, please contact us separately.
4. To exercise any of these rights, please reach out via the contact details in Article 10.

Article 8 — Cookies and Ad Tracking

1. Because the Service is provided solely as a mobile application, browser cookies are not used.
2. Advertising identifiers such as the Google Play Advertising ID (AAID) are not used.
3. Third-party advertising networks and analytics tools (such as Google Analytics) are not used.
4. No third-party advertisements are displayed within the Service.

Article 9 — Changes to This Policy

1. We may update this Privacy Policy from time to time.
2. When changes are made, we will notify users of the content and effective date through in-app notifications.
3. For material changes (such as the addition of new categories of information collected or new third-party recipients), we will obtain renewed consent from users.

Article 10 — Contact