Privacy Policy

Information We Collect

Account Information

Account creation requires only a username and passkey registration. No phone number, email address, or personal information is required.

Operational Data

Minimal technical data necessary for service operation: device tokens for message delivery, connection timestamps, and basic server logs. This data is retained only as long as operationally necessary and is never used for profiling or analytics.

Information We Cannot Access

Encryption Architecture

All messages, voice communications, and shared files are encrypted using X3DH key agreement and the Double Ratchet protocol with AES-256-GCM. Encryption keys are generated on-device and never leave it. Server compromise does not expose communication content. Privacy is protected by mathematics, not by policy.

Third Parties

We do not sell, share, or provide access to user data for any purpose. Infrastructure providers are bound by strict data processing agreements. Enterprise deployments operate on dedicated infrastructure under organizational control.

Your Rights

You have the right to access data we hold about you, request account deletion, export your data, and object to any processing. Contact privacy@tunnelmessenger.com for any privacy-related requests.

Policy Changes

Material changes to this policy will be communicated through the platform. Continued use after notification constitutes acceptance. Architectural privacy guarantees — specifically end-to-end encryption and zero-knowledge server design — are not subject to policy modification.