Privacy Policy

Cipher ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how our blockchain-secured messaging application handles information. Our core principle is simple: we believe privacy is a fundamental right, and our architecture is designed to ensure your data remains yours. This policy applies to all users of the Cipher application and website. By using Cipher, you agree to the practices described in this policy.

Cipher is built on a zero-knowledge architecture. This means: - We do NOT collect or store your messages. All messages are end-to-end encrypted and can only be read by the intended recipients. - We do NOT collect your phone number, email address, or any personally identifiable information during registration. - We do NOT store your encryption keys. Your private keys are generated and stored exclusively on your device. - We do NOT collect metadata about your conversations, including who you communicate with, when, or how often. - We do NOT track your location, contacts, or browsing activity. - We do NOT sell, rent, or share any user data with third parties, because we simply do not have any user data to share.

Cipher uses end-to-end encryption (AES-256 with Curve25519 key exchange) to protect all communications. Messages are encrypted on your device before transmission and can only be decrypted by the intended recipient's device. Your identity in Cipher is based on a cryptographic key pair. Your public key serves as your address, while your private key remains exclusively on your device. This design ensures that even if our infrastructure were compromised, your messages and identity would remain secure. Messages are relayed through a decentralized blockchain network. No single server stores or processes your communications in plaintext form.

While we do not collect personal data, certain minimal technical information may be processed to ensure service functionality: - Crash reports: Anonymous, aggregated crash data may be collected to improve app stability. These reports contain no personal information or message content. - App version information: To ensure compatibility and deliver updates. - Network routing data: Temporary, encrypted routing information necessary for message delivery, which is not stored after transmission. All such data is processed in accordance with data minimization principles and is never used to identify individual users.

Since Cipher does not collect personal data or message content, there is no user data to retain. Messages in transit are not stored on any server. When you enable disappearing messages, content is permanently deleted from all devices after the specified time period. Your cryptographic keys exist only on your device. If you uninstall Cipher or lose your device, your keys are gone -- we have no backup copies and no way to recover them.

Under applicable data protection laws including the GDPR and CCPA, you have certain rights regarding your personal data. Because Cipher's zero-knowledge architecture means we do not collect or store personal data, many of these rights are automatically satisfied: - Right to Access: There is no personal data for us to provide. - Right to Deletion: There is no personal data for us to delete. - Right to Portability: Your data exists only on your device; you have full control. - Right to Object: We do not process personal data for any purpose. If you have questions about your rights, please contact us using the information below.

Cipher is not directed at children under the age of 13. We do not knowingly collect any information from children. Because our service does not require personal information for registration, we have no means to verify age. Parents and guardians should monitor their children's use of mobile applications.

Cipher does not integrate with third-party advertising networks or analytics services that track individual users. The app may link to external websites (such as app stores for downloads), which are governed by their own privacy policies.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. Continued use of Cipher after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy, please contact us at: Email: privacy@cipher.app Website: https://cipher.app/privacy