Privacy Policy

1. Introduction

This Privacy Policy sets out how we, TraiTel Telecommunications Inc. ("TraiTel"), use and protect your personal data that you provide to us, or that is otherwise obtained or generated by us, in connection with your use of our cloud-based messaging services (the "Services"). For the purposes of this Privacy Policy, "we", "us" and "our" refers to TraiTel and the use of the ITZA messaging app, and "you" refers to you, the user of the Services.

1.1 Privacy Principles

ITZA has two fundamental principles when it comes to collecting and processing private data:

We don't use your data to show you ads or ANY advertisement for that matter.

We only store the data that ITZA needs to function as an ultra secure and feature-rich messaging service.

1.2. Terms of Service

This Privacy Policy forms part of our Terms of Service, which describes the terms under which you use our Services. This Privacy Policy should therefore be read in conjunction with those terms.

1.3. Table of Contents

This Privacy Policy explains the following:

the legal basis for processing your personal data;

what personal data we may collect from you;

how we keep your personal data safe;

what we may use your personal data for;

who your personal data may be shared with; and

your rights regarding your personal data.

1.4. EEA Representative

If you live in a country in the European Economic Area (EEA), the Services are provided by TraiTel, which for the purposes of applicable data protection legislation is the data controller responsible for your personal data when you use our Services.

2. Legal Ground for Processing Your Personal Data

We process your personal data on the ground that such processing is necessary to further our legitimate interests (including: (1) providing effective and innovative Services to our users; and (2) to detect, prevent or otherwise address fraud or security issues in respect of our provision of Services), unless those interests are overridden by your interest or fundamental rights and freedoms that require protections of personal data.

3. What Personal Data We Use

3.1. Basic Account Data

ITZA is a communication service. You provide your mobile number and basic account data (which may include profile name, profile picture and about information) to create a ITZA account.

To make it easier for your contacts and other people to reach you and recognize who you are, the screen name you choose and your profile pictures on ITZA are always public. We don't want to know your real name, gender, age or what you like.

We do not require your screen name to be your real name. Note that users who have you in their contacts will see you by the name they saved and not by your screen name. This way your mother can have the public name 'Bruce Willis' while appearing as 'Mom' to you and as 'Boss' to her underlings at work (or the other way around, depending on how these relationships are structured).

3.2. Your Email Address

At this moment, we do not ask you for an email address and therefore will never send you an email.

3.3. Your Messages

3.3.1. Cloud Chats

ITZA is a cloud service. We store messages, photos, videos and documents from your cloud chats on our servers so that you can access your data from any of your devices anytime without having to rely on third-party backups. All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions. This way local engineers or physical intruders cannot get access to user data.

3.3.2. Secret Chats

Secret chats use end-to-end encryption. This means that all data is encrypted with a key that only you and the recipient know. There is no way for us or anybody else without direct access to your device to learn what content is being sent in those messages. We do not store your secret chats on our servers. We also do not keep any logs for messages in secret chats, so after a short period of time we no longer know who or when you messaged via secret chats. For the same reasons secret chats are not available in the cloud - you can only access those messages from the device they were sent to or from.

3.3.3. Media in Secret Chats

When you send photos, videos or files via secret chats, before being uploaded, each item is encrypted with a separate key, not known to the server. This key and the file's location are then encrypted again, this time with the secret chat's key - and sent to your recipient. They can then download and decipher the file. This means that the file is technically on one of ITZA's servers, but it looks like a piece of random indecipherable garbage to everyone except for you and the recipient. We don't know what this random data stands for and we have no idea which particular chat it belongs to. We periodically purge this random data from our servers to save disk space.

3.3.4. Public Chats

Public channels are not yet supported in ITZA and this will be updated IF and when that happens.

3.4. Phone Number and Contacts

ITZA uses phone numbers as unique identifiers so that it is easy for you to switch from SMS and other messaging apps and retain your social graph. We ask your permission before syncing your contacts.

We store your up-to-date contacts in order to notify you as soon as one of your contacts signs up for ITZA and to properly display names in notifications. We only need the number and name (first and last) for this to work and store no other data about your contacts.

Our automatic algorithms can also use anonymized sets of phone numbers to calculate the approximate number of potential contacts an unregistered phone number may have on ITZA.

You can always stop syncing contacts or delete them from our servers by simply deleting them in ITZA.

3.5. Location Data

If you share a location in a chat, this location data is treated like other messages in cloud or secret chats respectively.

3.6. Cookies

The only cookies we use are those to operate and provide our Services on the web. We do not use cookies for profiling or advertising. The cookies we use are small text files that allow us to provide and customize our Services, and in doing so provide you with an enhanced user experience. Your browser should allow you to control these cookies, including whether or not to accept them and how to remove them. You may choose to block cookies with your web browser, however, if you do disable these cookies you will not be able to log in to ITZA Web.

4. Keeping Your Personal Data Safe

4.1. Storing Data

If you signed up for ITZA from the UK or the EEA, your data is stored in data centers in Iceland. These are third-party provided data centers in which ITZA rents a designated space. However, the servers and networks that sit inside these data centers and on which your personal data is stored are owned by ITZA. As such, we do not share your personal data with such data centers. All data is stored heavily encrypted so that local ITZA engineers or physical intruders cannot get access.

4.2. End-to-End Encrypted Data

Your messages, media and files from secret chats (see section 3.3.2 above), as well as the contents of your calls and the data you store in your ITZA app are processed only on your device and on the device of your recipient or in association with a SiB device. Before this data reaches our servers, it is encrypted with a key known only to you and the recipient. While ITZA servers will handle this end-to-end encrypted data to deliver it to the recipient - or store in ITZA for say configuring a SiB, we have no ways of deciphering the actual information. In this case, we neither store nor process your personal data, rather we store and process random sequences of symbols that have no meaning without the keys which we don't have.

4.3. Retention

Unless stated otherwise in this Privacy Policy, the personal data that you provide us will only be stored for as long as it is necessary for us to fulfill our obligations in respect of the provision of the Services.

5. Processing Your Personal Data

5.1. Our Services

ITZA is a cloud service. We will process your data to deliver your cloud chat history, including messages, media and files, to any devices of your choosing without a need for you to use third-party backups or cloud storage.

5.2. Safety and Security

To improve the security of your account, as well as to prevent spam, abuse, and other violations of our Terms of Service, we may collect metadata such as your IP address, devices and ITZA apps you've used, history of other changes, etc. If collected, this metadata can be kept for 12 months maximum.

5.3. Spam and Abuse

Currently there's no way to spam or abuse another ITZA user without the ITZA user's original permission, therefore this problem does not exist.

5.4. Cross-Device Functionality

We may also store some aggregated metadata to create ITZA features (see section 5.5 below) that work across all your devices.

5.5. Advanced features

We may use some aggregated data about how you use ITZA to build useful features.

5.6. No Ads Based on User Data

Unlike other services, we don't use your data for ad targeting or other commercial purposes. ITZA only stores the information it needs to function as a secure and feature-rich cloud service.

6. Who Your Personal Data May Be Shared With

6.1. Other ITZA Users

Other users of our Services with whom you choose to communicate with and share certain information, who may be located outside the EEA. Note that by entering into the Terms of Service and choosing to communicate with such other users of ITZA, you are instructing us to transfer your personal data, on your behalf, to those users in accordance with this Privacy Policy. We employ all appropriate technical and organizational measures (including encryption of your personal data) to ensure a level of security for your personal data that is appropriate to the risk.

6.2. Law Enforcement Authorities

If ITZA receives a court order that confirms you're a terror suspect, we may disclose your IP address and phone number to the relevant authorities. So far, this has never happened. When it does, we will include it in a semiannual transparency report.

6.4. Translation of Messages at the Request of the User

Users can choose to translate a specific text message into a different language when getting support from TraiTel. Since ITZA may rely on a third-party, Google LLC, subsidiary of Alphabet Inc, for automatic translation of messages, the text of specific messages that users choose to translate may be shared with Google in order to obtain their translated versions. The third-party service owner (Google) may also receive the IP of the user requesting the translation - this is true for any equivalent translation service and the IP cannot be traced back to any ITZA user account or ID. Google will only access the data to provide a translation and will not use it for any other Google products, services, or advertising.

7. Your Rights Regarding the Personal Data You Provide to Us

7.1. Your Rights

Under applicable data protection legislation, in certain circumstances, you have rights concerning your personal data. You have a right to: (1) request a copy of all your personal data that we store and to transmit that copy to another data controller; (2) delete (see section 8 below) or amend your personal data; (3) restrict, or object to, the processing of your personal data; (4) correct any inaccurate or incomplete personal data we hold on you; and (5) lodge a complaint with national data protection authorities regarding our processing of your personal data.

7.2. Exercising Your Rights

If you wish to exercise any of these rights, kindly contact us using the details in section 10 below.

7.3. Data Settings

You can control how your data is used (e.g., delete synced contacts).

Sadly, if you're not OK with ITZA's modest minimum requirements, it won't be possible for us to provide you with our Services.

8. Deleting data

8.1. Accounts

If you would like to delete your account, you can do this by contacting us using the support chat available in ITZA. There, you can send a request such as "please delete my account" and we will do that. Deleting your account removes all messages, media, contacts and every other piece of data you store in the ITZA cloud as well as all your associations with SiBs will be lost and rendering them permanently useless unless factory reset (when possible). This action cannot be undone.

8.2. Messages

In secret chats (available on Android only), deleting a message always instructs the app on the other end to delete it too.

8.3. Self-Destructing Messages

Messages in Secret Chats (available on Android only) can be ordered to self-destruct. As soon as such a message is read (open envelope), the countdown starts. When the timer expires, both devices participating in a secret chat are instructed to delete the message (photo, video, etc.). Media with short timers (less than a minute) are shown with blurred previews. The timer is triggered when they are viewed.

9. Changes to this Privacy Policy

We will review and may update this Privacy Policy from time to time. Any changes to this Privacy Policy will become effective when we post the revised Privacy Policy. Please check our website frequently to see any updates or changes to our Privacy Policy.

10. Questions and concerns

If you have any questions about privacy and our data policies, please contact us.