Privacy Policy

• SIP Flow renders and analyzes your SIP traces directly in your browser. Your traces are not uploaded by default.
• When the optional AI debugging feature lands, it will be opt-in and pseudonymize your data in your browser before anything is sent.
• We do not sell your personal information and we don’t use third-party advertising or analytics trackers.
• Questions? Email privacy@sipflow.dev.

SIP Flow is operated by Slashbox (“we”, “us”). You can reach us about privacy questions at privacy@sipflow.dev.

The following stay in your browser and are not transmitted to us:

• The SIP traces you load (PCAP, PCAPNG, sngrep logs, raw SIP captures).
• The parsed call data, ladder diagrams, and any audio rendered from RTP.
• Your in-app preferences (theme, view settings, and any Live Homer connection settings such as endpoint, credentials, and IP aliases).

• A small anonymous identifier and a derived (hashed) indicator of your network address, used solely to enforce free-tier rate limits and prevent abuse. We do not store your raw IP address for this purpose.
• Standard server request logs, kept for a short period for security and reliability.
• No third-party analytics, no advertising trackers, no behavioural profiling.

When you use the Live page, your browser (with the optional bridge extension described below) talks directly to the Homer/qryn endpoint you configure. SIP Flow’s servers are not in the path and do not see that traffic.

The SIP Flow Homer Bridge is a small companion browser extension that lets the Live page reach a Homer/qryn instance on your own network. It is a transport relay only. Available on the Chrome Web Store.

• The extension does not collect, transmit, or sell any personal data.
• It only relays requests between sipflow.dev and the Homer/qryn endpoint you configure on your own network.
• It requests permission for that endpoint only when you connect to it; it has no broad host access by default.
• Your settings are stored locally in your browser.
• No analytics, no remote code, no background networking.

We use a small set of strictly necessary cookies and identifiers to operate the site (session continuity and abuse prevention). We do not use cookies for advertising or cross-site tracking, so no consent banner is required.

We do not sell or rent personal information. We share data only with service providers strictly necessary to operate the site (hosting and, where applicable, the AI provider above), and where required by law.

Our service providers may process data in the United States and other regions. Transfers from the EU/UK rely on Standard Contractual Clauses or equivalent safeguards.

If you are in the EU or UK, you have the right to access, correct, delete, port, and object to the processing of your personal data, and to lodge a complaint with your local supervisory authority. To exercise these rights, email privacy@sipflow.dev.

If you are a California resident, the categories of personal information we may collect are: online identifiers, internet activity related to your requests on the site, and the trace content you choose to submit through the optional AI flow. We do not sell or share personal information. You have the right to know, delete, and correct your personal information — email privacy@sipflow.dev to make a request.

SIP Flow is not directed at children under 16, and we do not knowingly collect personal information from them.

We use industry-standard safeguards including encryption in transit and access controls. No system is perfectly secure, but we work to keep your data protected.

We may update this policy from time to time. When we make a material change, we will update the “Last updated” date at the top of this page.

For privacy questions or requests, email privacy@sipflow.dev.