Security & Trust

Your calls, messages, and data — protected by design

eFone is a Canadian communications platform built with security and privacy as defaults, not add-ons. Here’s a plain-English look at how we protect your account and your data.

Canada
Where your data is hosted
TLS
Encrypted in transit
No password
Passwordless sign-in
Daily
Automatic backups

How we protect you

The foundations of eFone security

The core safeguards that apply to every eFone account.

Hosted in Canada, PIPEDA-aligned

eFone is a Canadian service and we handle personal information in line with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).

Encrypted in transit

Traffic between your devices and eFone is protected with TLS encryption, so your account data and communications stay private on the wire.

Passwordless sign-in

You sign in with a one-time code or magic link sent to your email — there’s no password to guess, reuse, phish, or leak.

Role-based access & audit logging

Administrative access is scoped by role, and sensitive admin actions are recorded in an audit log so account activity is accountable and traceable.

Cloudflare CDN & DDoS protection

Our public surfaces sit behind Cloudflare’s global network, which absorbs distributed denial-of-service attacks and filters malicious traffic before it reaches us.

Private managed databases

Customer data lives in managed databases that are not exposed to the public internet — access is restricted to the services that need it.

Privacy & data handling

Made in Canada, handled responsibly

eFone is operated from Canada and aligns with PIPEDA. We collect only what we need to run your phone and messaging service, and we don’t sell your personal information.

  • PIPEDA-aligned handling of personal information
  • We do not sell your personal information
  • Full card numbers are never stored on our systems
  • You can request access to, or deletion of, your data

For the complete detail on what we collect, why, and your rights, see our Privacy Policy.

Under the hood

Operational safeguards

The day-to-day engineering practices that keep your account and data safe.

  • Secrets and API keys are stored as encrypted platform secrets, never committed to our code.
  • Automatic daily backups so your data can be restored if something goes wrong.
  • Suspended accounts cannot re-register, closing a common abuse and takeover path.
  • Least-privilege admin access — people and services only get the access they need.
  • Payment card details are handled by our payment processor; we never store full card numbers.

Built on trusted infrastructure

Cloudflare

Global CDN & DDoS protection

Private databases

No public internet access

Daily backups

Automatic, restorable

Abuse controls

Suspended accounts can’t re-register

Honest about what’s next

We believe security pages should be truthful. The safeguards above are in place today. We’re also actively working to strengthen our posture — including additional account-security options and formal, independently assessed compliance. We’ll describe those here only once they’re real.

Found a security issue?

We welcome responsible disclosure. If you believe you’ve found a security vulnerability in eFone, please email us and we’ll investigate. Please give us a reasonable opportunity to respond before any public disclosure.

[email protected]

Communication you can trust

Modern business phone and help desk — built in Canada, secured by design.