Privacy Policy

Our Philosophy

At Xentrop, privacy isn't a feature. It's the foundation. We've built our entire architecture around the principle that we should never be able to access your data, even if we wanted to.

This isn't a policy decision. It's a mathematical guarantee.

What We Cannot See

• The content of your messages
• Your contact list or social graph
• Your profile photo (encrypted before upload)
• Who you communicate with
• The timing patterns of your conversations
• Any identifying metadata

What We Process

To provide the service, our servers temporarily handle:

• Encrypted message blobs: Indecipherable data that we route but cannot read
• Rotating mailbox addresses: Random identifiers that change regularly and cannot be linked to users
• Cryptographic hashes: For contact discovery, never actual phone numbers

Data Retention

Encrypted message blobs are stored temporarily until delivery, then permanently deleted. We maintain no archives, no backups of message content, and no historical records of your communications.

Law Enforcement Requests

We comply with valid legal requests. However, due to our server-blind architecture, we have nothing meaningful to provide. We cannot decrypt messages, identify users, or reconstruct communication patterns.

We can only provide what exists on our servers: encrypted blobs at random addresses that reveal nothing useful.

Third-Party Services

We use minimal third-party services:

• Push notifications: Content-free alerts only (no message content)
• Cloud storage: For encrypted blobs only (providers see only encrypted data)

Contact

For privacy-related inquiries, contact us at privacy@xentrop.org