CDEF – Privacy Policy

Effective Date: 04 December 2025
Last Updated: 05 December 2025

CDEF (“Application”, “App”) is developed and operated by Holaray Innovations Private Limited (“Company”, “we”, “our”, “us”).

We are committed to protecting your privacy and ensuring compliance with Google Play, Apple App Store, GDPR, CCPA, and applicable data protection laws. By using CDEF, you agree to the practices described in this Privacy Policy.

eDACS Research's primary focus is on customer centric protection from global threat vectors cutting across pervasive communication channels. Our defensive security practices involve implementing measures to protect assets and information from threats that pervade through non-cognizable and concealed objectives that might eventually threaten the safety and security of individuals.

1. Information We Collect

We collect only the information needed to provide CDEF’s security, caller identification, and fraud-prevention features.

1.1 Automatically Collected Information

When you use the App, we may automatically collect:

  • IP address
  • Device type, OS version, language
  • App usage logs
  • Crash reports
  • Time and date of access

We use this for analytics, security, performance, and prevention of abuse.

1.2 User-Provided Information

When you create or use your CDEF account, you may provide:

  • Mobile number (for OTP verification)
  • OTP authentication logs
  • Name & Country (optional)
  • Email address (optional)
  • Alternate phone numbers (optional)

CDEF does not collect passwords.

CDEF requests access to your phone contacts only after you grant permission.

When permission is granted, CDEF uploads the phone numbers from your contact list to CDEF’s secure servers. This is required to:

  • Identify phone numbers already registered on CDEF
  • Display identity verification, reputation score, or fraud alerts
  • Enhance caller identification accuracy
  • Detect spam, scam, and fraud-related numbers
  • Improve security and safety features

1.3 Improve security and safety features

  • We only upload the phone numbers from your contacts.
  • We do not upload names, emails, photos, or other metadata, unless explicitly required for a feature you choose.
  • All numbers are encrypted during transmission and stored securely.
  • Your contacts are never sold, rented, traded, or shared with advertisers or unrelated third parties.

You may revoke contact access anytime through device settings.

1.4 Location Data

With your permission, CDEF may access your device's location to:

  • Provide contextual fraud warnings
  • Detect abnormal call behavior
  • Offer regional threat intelligence
  • Strengthen risk scoring

Location is not collected continuously and is only used when needed.

1.5 Camera & Photo Library

CDEF may request camera or gallery access for:

  • Uploading a profile photo
  • Submitting fraud evidence
  • Reporting suspicious numbers

Images are uploaded only when you take a voluntary action.

2. How We Use Your Information

We use your information to:

  • Create and manage your account
  • Provide caller identification services
  • Show spam/fraud alerts and reputation scores
  • Improve accuracy and safety of the App
  • Send service updates, notifications, and fraud warnings
  • Protect users from scams, cyber threats, and malicious numbers
  • Analyze app performance and security

We do not use your information for external advertising.

3. How We Share Information

  • We do not sell your data.
  • We only share information with:

3.1 Service Providers

For example SMS gateways, cloud hosting, analytics providers. These partners follow strict privacy agreements and process data only on our instructions.

3.2 Law Enforcement and Legal Requests

We may disclose information where required by applicable law, regulation, legal process, or enforceable governmental request.

3.3 Internal Security and Fraud Prevention

We may use and share data internally to detect, prevent, and respond to abuse, fraud, security risks, or technical issues.

4. Data Security

We use industry-standard security measures including:

  • Encryption for data transmission
  • Encrypted databases
  • Firewalls and access controls
  • Secure servers
  • Periodic security and compliance reviews

Despite safeguards, no system is fully secure. You are responsible for maintaining the security of your device and login methods.

5. Data Retention

We retain your data:

  • As long as your account remains active
  • As required to comply with applicable laws
  • For fraud prevention, audit logs, and dispute resolution

If you delete your account:

  • Personal data is removed from active systems within a reasonable period.
  • Some logs may be retained where necessary for legal, regulatory, or security purposes.
  • Aggregated or anonymized data may be retained indefinitely.

6. Your Rights

Depending on your jurisdiction (including the EU/EEA, UK, California, and India), you may have rights to:

  • Access the personal data we hold about you
  • Request corrections of inaccurate or incomplete data
  • Request deletion of your data (subject to legal limitations)
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent
  • Request portability of certain data
  • Disable permissions (contacts, location, camera, notifications) at the device level

To exercise these rights, contact us at: info@cdef.app. We may need to verify your identity before responding.

7. Children’s Privacy

CDEF is not intended for children under 13 years of age. We do not knowingly collect data from children under 13. If we become aware that such data has been collected, we will delete it as soon as reasonably possible.

8. Push Notifications

If you enable push notifications, we may send:

  • Security alerts
  • Fraud warnings
  • Account and service-related updates

You can disable notifications at any time via your device’s notification settings.

9. External Links

  • The App may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third-party services. We encourage you to review their privacy policies.

10. Cross-Border Data Transfers

  • Your data may be processed or stored on servers located in countries other than your own. Where we transfer data internationally, we use appropriate safeguards required by applicable data protection laws.

11. Changes to This Policy

  • We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top of this document and may provide additional notice in the App. Your continued use of the App after changes become effective means you accept the revised Policy.

12. Contact Information

If you have questions, concerns, or complaints regarding this Privacy Policy or our data practices, you may contact us at:

This Privacy Policy does not constitute legal advice. For specific legal questions, you should consult with your legal advisor.