The SBK Voice platform acts as a data processor with regard to indirect end user personal identifiable information.
Specifically, only when enabled via system permission on SBK Mobile Android and SBK Mobile iOS, SBK Telecom shows personal contacts within the respective application. When the user sends an SMS message to one of his/her phone contacts, or when the user initiates a call to one of his/her phone contacts, the phone number is sent securely through SBK Telecom’ API. SBK Telecom does not store this number with any other PII, and it cannot be directly or indirectly attributed to any person or persons; SBK Telecom stores only the phone number and pertinent metadata so as to be compliant with all applicable provincial, state and federal laws, and SBK Telecom does not share this data with any advertisers or third parties under any circumstances. A user can revoke phone contact access on his/her mobile device at any time, and his/her app experience is not hindered or interrupted.
Gravatar: SBK Mobile Android and iOS also uses Gravatar, which is a service that provides avatar images linked to the MD5 hash of the user’s email address. This means that, only when Gravatar use is enabled, we hash each contact’s email address and send it to Gravatar to try and retrieve an avatar image. MD5 hashes cannot be directly or indirectly attributed to any person or persons, and we only send the MD5 hash to Gravatar, never the email address in plain text. Gravatar are unable to determine the original email address from the hash. They can only return an “avatar” icon to us if a Gravatar account matching that hash already exists on their server. The unhashed email addresses never leaves a user’s device and neither the email address nor its hash is ever stored on or transported through SBK’s servers. As with phone contacts, a user can revoke Gravatar access at any time in Settings and his/her app experience is not hindered or interrupted.