Privacy Policy

PrivHote operates on a zero-knowledge architecture, meaning we collect minimal data to provide our service. We do not collect or store the content of your messages, recipient information, or any personal identifiers. The only technical data we may temporarily process includes IP addresses for rate limiting and basic analytics like message creation timestamps. All message content is encrypted on your device before transmission and never stored on our servers.

Any minimal technical data we process is used solely to maintain service functionality, prevent abuse, and ensure system security. We use IP addresses temporarily for rate limiting to prevent spam and maintain service quality. We do not use your data for advertising, marketing, or any commercial purposes beyond providing the secure messaging service. We never analyze, scan, or process the content of your encrypted messages.

PrivHote does not store your messages or personal information on our servers. Messages are encrypted on your device and transmitted directly to recipients through our secure relay system. Once a message is read or expires, it is permanently deleted with no possibility of recovery. We do not maintain backups of message content, and our zero-knowledge architecture ensures we cannot access your private communications.

Since we don't store your personal data or message content, traditional data subject rights like access, rectification, or deletion don't apply in the conventional sense. However, you maintain complete control over your messages through our self-destruct features and expiration settings. You can set custom expiration times, require passwords for access, and messages automatically delete after reading, giving you full control over your information.

PrivHote minimizes the use of third-party services to protect your privacy. We may use essential services for infrastructure hosting and DDoS protection, but these providers never have access to your encrypted message content. Any third-party services we use are carefully vetted for their privacy practices and are bound by strict data processing agreements that align with our zero-knowledge principles.

We implement multiple layers of security to protect your information, including AES-256 encryption, secure transmission protocols, and regular security audits. Our zero-knowledge architecture provides the ultimate security by ensuring that even in the unlikely event of a system breach, your message content remains protected because it's never stored in an accessible format on our servers. We maintain SOC 2 compliance and follow industry best practices for secure software development.

PrivHote does not knowingly collect personal information from children under 13 years of age. Our zero-knowledge architecture means we don't collect personal information from users of any age. If we become aware that a child under 13 has used our service, we will take appropriate steps to ensure compliance with applicable privacy laws. Parents and guardians are encouraged to monitor their children's internet usage and educate them about online privacy.

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. Any material changes will be communicated through our website with at least 30 days notice before taking effect. We encourage users to review this policy regularly. Continued use of PrivHote after policy changes constitutes acceptance of the updated terms. For significant changes affecting your privacy rights, we may require explicit consent.