Privacy Policy

Last updated: April 2025

The Short Version

We don't collect your data. We can't read your messages. We don't track you. OpenDescent is designed so that your privacy isn't a setting you enable — it's how the system works.

What We Don't Collect

No analytics or tracking. No cookies, no fingerprinting, no usage data, no telemetry. We have no idea how you use the app.
No personal information. No email address, phone number, real name, or any identifying information is required to use OpenDescent.
No message content. All messages are end-to-end encrypted on your device before transmission. We cannot read, access, or store your messages.
No contact lists. Your friends, contacts, and social graph are stored on your device, not on any server.
No location data. We don't request or store your location.

Your Identity

Your identity on OpenDescent is an Ed25519 cryptographic keypair generated on your device. It is not linked to any real-world identity. You can back it up with a 12-word mnemonic phrase. If you lose your keys and mnemonic, your identity cannot be recovered — because we never had it.

What the Relay Sees

OpenDescent uses relay nodes to help peers connect through firewalls and NAT. When your data passes through a relay:

The relay can see that two peers are communicating (network metadata — IP addresses and connection timing)
The relay cannot see what is being communicated — all content is end-to-end encrypted
The relay does not log or store connection metadata beyond what's needed for active connections
Voice and video calls use DTLS-SRTP encryption — the relay cannot listen to or record calls

Broadcast Posts

Public broadcast posts are shared openly across the peer network. They are signed with your cryptographic identity but are readable by anyone on the network. Friends-only posts are encrypted and only shared with your direct contacts. Anonymous Dead Drop posts are onion-routed and carry no identity information.

Payments

If you purchase OpenDescent Pro, payment is processed by Stripe. We do not store your credit card details, billing address, or any payment information. Stripe's privacy policy applies to payment transactions: stripe.com/privacy

Your Pro license key is tied to your OpenDescent peer ID (a cryptographic hash) — not to your name, email, or payment details.

Data Storage

All your data — messages, contacts, posts, settings, encryption keys — is stored locally on your device in an encrypted database. We do not have access to this data. If you uninstall the app or delete your account, the data is permanently erased from your device.

Third-Party Services

Stripe — payment processing for Pro subscriptions
Klipy — GIF search (if you use the GIF picker, your search queries go to Klipy's API)
Google STUN servers — used for NAT traversal during calls (Google sees a connection request from your IP, nothing else)

No other third-party services receive any data from OpenDescent.

Open Source

OpenDescent is open source. You can verify every claim in this policy by reading the code: github.com/Jaguwa/OpenDescent

Changes

If this policy changes, the update will be published here with a new date. Since we don't have your email, we can't notify you directly — check back occasionally or follow the project on GitHub.

Contact

Questions about privacy? Open an issue on GitHub.