Privacy Policy
Last updated: May 18, 2026
Summary
- SIP Flow is a free utility. There are no accounts and no payments.
- Your SIP traces are rendered and analyzed in your browser. They are not uploaded by default.
- The optional “Debug with AI” flow is opt-in and pseudonymizes phone numbers, IPs, and Call-IDs in your browser before anything is sent.
- We do not sell your data. We use privacy-focused analytics (Google Analytics) to understand usage patterns; no advertising trackers.
- Questions? Email [email protected].
What stays on your device
The following stay in your browser and are not transmitted to us:
- The SIP traces you load (PCAP, PCAPNG, sngrep logs, raw SIP captures).
- The parsed call data, ladder diagrams, and any audio rendered from RTP.
- The pseudonym mapping table used to redact and later un-redact AI debugging results.
- Your in-app preferences and any Live Homer connection settings (endpoint, credentials, IP aliases).
What we collect
To keep the free service running we record an anonymous identifier and a hashed indicator of your network address to enforce rate limits and prevent abuse. We also keep standard server request logs for a short period for security and reliability.
We use Google Analytics to collect anonymous page-view and usage data (pages visited, referrer, general geography). No SIP trace content, phone numbers, or personal identifiers are included in analytics events. See Google’s privacy policy.
Optional AI debugging
“Debug with AI” is opt-in. By default we send only the pseudonymized text of your trace. Phone numbers, IPs, and Call-IDs are replaced in your browser before anything leaves it. Uploading the original (un-redacted) trace is a separate, clearly-labelled opt-in. Submitted text is processed by Google’s Gemini API under their terms and is not used to train models. Pseudonymized traces and any optional raw uploads are automatically deleted after 7 days, and you can manually delete your data at any time from the History page.
Feedback
The Send-Feedback button (in the workspace toolbar, footer, and contact page) and the submit_sipflow_feedback MCP tool both write a single anonymous row to our database. Both paths follow the same rules:
- Nothing is sent until you click Send on the web form, or until you explicitly tell your coding agent to call the MCP tool. The dialog and the tool both show you the exact payload before submission.
- No SIP traces, message bodies, phone numbers, IPs, or Call-IDs are attached. A server-side sanitizer redacts these patterns as a backstop even if they slip into the text fields.
- We store your category, summary, optional details, optional vendor/topic, the related tool or page, and (only if you typed one) the email you provided. The current page URL is attached only if you tick that opt-in box.
- Rows are keyed by your daily-rotating IP hash for rate-limiting (3/min, 20/day). The raw IP is never stored.
- Feedback rows are retained until we resolve them so we can actually act on the signal. Email us if you want yours removed.
Diagnostic attachments. When the bug is the trace itself, the workspace feedback dialog has an opt-in “Attach this trace” toggle (and the MCP tool accepts a traceExcerpt string). Both default off. Web attachments are pseudonymized in your browser by default with the same redactor used for sharing and AI debug; an explicit toggle lets you send raw bytes instead with a clear warning. Uploaded trace bytes are stored privately for the Sipflow team for the standard 7-day TTL, are never made public, never appear in your history, and cannot be turned into a share link.
SIPFlow - SIP Protocol Analyzer Bridge (Chrome extension)
The SIPFlow Bridge is an optional companion extension that lets the Live page reach a Homer/qryn instance on your own network. It is a transport relay only, and SIP Flow’s servers are not in the path. Available on the Chrome Web Store.
- The extension does not collect, transmit, or sell any personal data.
- It only relays requests between sipflow.dev and the Homer/qryn endpoint you configure on your own network.
- It requests permission for that endpoint only when you connect to it; it has no broad host access by default.
- Your settings are stored locally in your browser.
- No analytics, no remote code, no background networking.
Contact
For privacy questions or requests, email [email protected].