Privacy Policy

Your calls are yours.

Last updated: 2026

Plain-English summary, not legal advice. This page explains how Petal handles your information in ordinary words so you can actually read it. It is a summary and is not legal advice; a final legal review is still pending, and the definitive terms may be updated when that review completes.

What we collect

Very little — that's the whole idea. To run a call, Petal handles:

  • Room names — the short, ephemeral slug in your call link (like quiet-otter-204). It disappears when the call ends.
  • Connection metadata — the technical signaling needed to connect participants (network candidates, timing, and similar) so two browsers can find each other.
  • Optional account email — only if and when you create an account in a future version of Petal. Guests never need one.

We do not collect or store the content of your calls — no audio, no video, no transcripts. See "How calls work" below for why.

How calls work

For small calls, your audio and video flow peer-to-peer — directly between participants — and never pass through a Petal server. When a direct connection is blocked by a network or firewall, we relay the encrypted stream through a TURN server only to keep the call connected; it isn't decrypted or stored.

Media is encrypted in transit using the WebRTC standard DTLS-SRTP, and the signaling that sets up a call runs over TLS/WSS. There's more detail on our Security & Trust page.

Recordings

Petal records only when you choose to record. Nothing is captured in the background. When someone starts a recording, everyone in the call is notified.

If you do record, the video is stored on Cloudflare Stream — our recording subprocessor — and nowhere else. You control deletion: you can remove a recording, and on paid plans retention windows apply. By default, without recording, there is nothing to store.

Cookies

The call app uses minimal to no cookies. We don't run third-party advertising or cross-site tracking cookies on it. Any storage we use is limited to what's needed to make a call work (like remembering your device or mute preference on your own machine).

Your rights

Under laws like the GDPR and Canada's PIPEDA, you have rights over your personal data. With Petal you can request:

  • Access — a copy of what we hold about you.
  • Deletion — removal of your data, including any recordings you've made.
  • Export — your data in a portable form.

Because we hold so little by default, these requests are usually simple. Email privacy@petal.link and we'll take care of it.

Data location

Petal runs on Cloudflare's global network, so infrastructure spans multiple regions to keep calls fast and resilient. If you need your data to stay in Europe, EU data residency is available — contact us to set it up for your account.

Children

Petal isn't intended for children. It is not for use by anyone under 13 (or under 16 where local law sets that bar). We don't knowingly collect information from children, and if we learn we have, we'll delete it.

Changes to this policy

As Petal grows — and once our legal review completes — we may update this policy. When we make a meaningful change, we'll revise the "Last updated" date at the top and, where appropriate, let you know. Continuing to use Petal after an update means the current version applies.

Contact

Questions, requests, or concerns about privacy? Email privacy@petal.link and a real person will get back to you.

Nothing to hide

Private by default. Try it.

No sign-up, no account, no call content stored. Start a room, send the link, and see someone in seconds.

Start a call