Embroiled in the Cambridge Analytica scandal, Facebook is facing several lawsuits but users are reporting that the company may be logging more data than meets the eye when you use its services.

Some users who went through their Facebook data after the Cambridge Analytica news broke are reporting that the social network had been logging their call history data for years, in addition to contact details. The data included names, phone numbers, and even the length of each call.

ArsTechnica also reports that data has been stored even though no explicit permission was requested. According to the report, Facebook responded to their query by claiming it was a widely-used practice.

“The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it’s a widely used practice to begin by uploading your phone contacts”

Facebook has also since posted a ‘Fact Check’ disclaimer pushing back on these reports. According to the company, “Call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android … People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off”.

However, Ars Technica claims that the company’s statement contradicts its own interviews and investigation. It’s not quite clear which party is right here. “Dylan McKay told Ars that he installed Messenger in 2015, but only allowed the app the permissions in the Android manifest that were required for installation. He says he removed and reinistalled (sic) the app several times over the course of the next few years, but never explicitly gave the app permission to read his SMS records and call history. McKay’s call and SMS data runs through July of 2017,” Ars Technica says.

In our internal investigations, we were not shown any extensive call or SMS records. Facebook did store Contacts data from years ago. However this was due to app being given permission to store them. It’s also unclear whether the extensive data gathering only affects Android app users, or whether it was the same for iOS. If the permissions model had been exploited by Facebook, it’s likely that iOS users were not affected.

We are likely to find out more about this in the coming days, so watch out for our coverage on the fallout from Facebook’s latest scandal.