Introduction
NoChat ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our secure messaging and video conferencing application.
Our Privacy Promise
NoChat is built on a zero-knowledge architecture. This means:
- •Your messages are end-to-end encrypted
- •We cannot read your messages or calls - not now, not ever
- •We cannot share message content because we simply do not have access to it
- •Even with a court order, we cannot provide message content - it is encrypted with keys only you and your recipients hold
End-to-End Encryption Explained
NoChat uses end-to-end encryption (E2EE) for all messages and calls. Here's what that means for you:
- •Messages are encrypted on your device before being sent
- •Only the intended recipients can decrypt and read your messages
- •Your private encryption keys never leave your device
- •Video calls are encrypted peer-to-peer using WebRTC
- •Our servers only see encrypted data that looks like random noise
Information We Collect
Information You Provide
- •Account Information: If you create an account, we store your email address (optional) or a randomly generated anonymous identifier
- •Username: A display name you choose (optional)
- •Public Cryptographic Keys: Used for E2EE - these do not reveal your content
Anonymous Usage
You can use NoChat anonymously without creating an account. In this case, we only store a temporary session identifier that is deleted when you leave. No phone number is ever required.
Automatically Collected Information
- •Device Information: Device type and operating system for app functionality only
- •Crash Reports: Anonymous crash data to improve stability (no personal information or message content included)
Product Analytics
We use PostHog for privacy-respecting, aggregate product analytics - pageviews and feature/funnel events that help us understand how the app is used and where to improve it. This data is tied only to a first-party anonymous identifier and is never connected to your message or call content.
- •We do not capture message content or call content - it is end-to-end encrypted and we never see it
- •We do not capture your IP address (
ip: false), email, phone number, or your contacts - •Session recording and click autocapture of text are disabled
- •We honor "Do Not Track" - enable it in your browser to opt out of analytics
- •This data is never sold or shared with advertisers or data brokers
Information We Do NOT Collect
- ✕Phone numbers - never required
- ✕Message content - E2EE means we cannot read it
- ✕Call audio or video content - encrypted and peer-to-peer
- ✕Location data
- ✕Contact lists from your device
- ✕Advertising identifiers or cross-site/third-party trackers
- ✕Your browsing history on other websites
- ✕Your IP address - we set
ip: false, so it is never stored
We douse a first-party, anonymous product-analytics identifier (via PostHog) to measure aggregate usage and improve the app. It is never linked to your messages, email, or phone number, and you can opt out at any time by enabling "Do Not Track" in your browser. See Product Analyticsunder "Information We Collect" above for details.
How We Use Information
We use the limited information we collect to:
- •Provide and maintain the service
- •Deliver encrypted messages to intended recipients
- •Improve app stability through anonymous crash reports
- •Respond to support requests (only if you contact us)
Data Sharing
We do not sell your data. We do not use your data for advertising. We do not share your data with data brokers or marketing companies.
We may share limited data with:
- •Infrastructure Providers: Cloud services that host our servers (they cannot access encrypted content)
- •Product Analytics (PostHog): Processes the privacy-respecting, anonymous usage data described above. It never receives message content, and this data is never sold or used for advertising.
- •Legal Requests: We will comply with valid legal requests, but we can only provide encrypted data that we cannot decrypt. We cannot provide message content.
Data Retention
- •Encrypted Messages: Stored until you delete them
- •Account Information: Retained until account deletion
- •Crash Reports: Retained for 90 days, then automatically deleted
- •Anonymous Sessions: Deleted when you leave
Your Rights
You have the right to:
- •Access your account data
- •Delete your account and all associated data
- •Export your data
- •Opt out of crash reporting
- •Opt out of product analytics by enabling "Do Not Track" in your browser
Account Deletion
You can delete your account at any time through the app settings or by visiting our account deletion page. When you delete your account, all your data is permanently removed from our servers. This action cannot be undone.
Children's Privacy
NoChat is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email (if you provided one). The "Last updated" date at the top of this page indicates when the policy was last revised.