CipherDuck

Privacy Policy

Last Updated:

1. Who we are

CipherDuck (“we”, “us”, “our”) provides secure messaging tools. We are the data controller for personal data processed through our websites and applications, except where noted (e.g., third‑party processors).

2. Scope

This Policy explains what personal data we collect, why we collect it, how we use and share it, and your rights under EU/Finland law (GDPR and the Finnish Data Protection Act). It applies to business/government users aged 18+.

3. What we collect

We aim to minimise personal data. We collect:

  • Account data: email address, password hash (never plaintext), organisation ID, Stripe customer ID.
  • Operational timestamps: account creation (createdAt), last mailbox check (mailboxLastCheckedAt), and similar event times.
  • Support/contact data: the information you provide when you contact us (message content, email).

We do not collect behavioural analytics or telemetry (no click tracking, session recordings, or advertising cookies).

Collected by our processors (not directly stored by us):

  • Technical logs such as IP addresses, device identifiers, and security events may be processed by Firebase (Authentication/Firestore) and Stripe (payments) for fraud prevention, security, and auditing.

Content data:

  • End‑to‑end encrypted content (messages/files) is encrypted on your device. We cannot decrypt or read your content. We store only ciphertext and minimal routing/TTL metadata required to deliver features (e.g., expiry time).

4. Legal bases for processing (GDPR)

We process personal data on the following bases:

  • Contract (Art. 6(1)(b)): to create accounts, authenticate users, deliver paid features, and operate the Service.
  • Legitimate interests (Art. 6(1)(f)): to maintain security, prevent abuse/fraud, ensure availability, and communicate necessary service notices. We balance these interests against your rights.
  • Legal obligations (Art. 6(1)(c)): to comply with tax, accounting, and regulatory requirements (e.g., invoicing records).

5. How we use personal data

We use personal data to:

  • Provide and operate the Service (authentication, authorisation, rooms, message delivery, expiry).
  • Manage subscriptions and billing via Stripe; reconcile payments and handle refunds where applicable.
  • Maintain security and integrity (account protection, incident response, limited logging by processors).
  • Communicate with you about account, security, and service changes; respond to support requests.

We do not use personal data for advertising, profiling, or automated decision‑making with legal effects.

6. Sharing and recipients

We do not sell personal data. We share only as necessary to provide the Service:

  • Processors: Firebase (Google) for authentication and data hosting; Stripe for payment processing.
  • Professional advisors and authorities: where required by law (e.g., audits, court orders). If we receive a lawful request, we disclose only what we have (we cannot decrypt user content).

Data is otherwise not shared with third parties.

7. International transfers

Firebase and Stripe may process data in or outside the EEA. Where transfers occur, we rely on appropriate safeguards (e.g., EU Standard Contractual Clauses and vendor certifications). Details are in our Data Processing Agreement (DPA) and vendor policies.

8. Data retention

  • Account data: retained for the duration of your account and for a limited period thereafter to meet legal obligations (typically up to 6 years for invoicing in Finland).
  • Operational timestamps: retained while relevant to service operation; purged when no longer needed.
  • Encrypted content: retained only until expiry or deletion per feature design; then securely removed.
  • Support communications: retained as long as needed to address issues and for audit history, then deleted.

9. Security

We use modern security measures: client‑side end‑to‑end encryption for content, TLS for transport, hashed/salted passwords, role‑based access, and restricted administrator access. Processors implement their own safeguards.

No system is perfectly secure. We encourage strong authentication (e.g., passkeys or hardware keys) and secure device practices.

10. Your rights (EU/EEA)

Subject to law and certain limitations, you have rights to:

  • Access: request a copy of your personal data.
  • Rectification: correct incomplete or inaccurate data.
  • Erasure: request deletion of personal data (“right to be forgotten”).
  • Restriction: ask us to limit processing in certain cases.
  • Portability: receive your data in a machine‑readable format.
  • Objection: object to processing based on legitimate interests.

To exercise rights, please use our contact page. We may need to verify your identity. Note: we cannot access or provide plaintext of end‑to‑end encrypted content.

11. Children

The Service is intended for users aged 18 and above. We do not knowingly collect data from minors.

12. Cookies and tracking

We do not use analytics or advertising cookies. Essential cookies and local storage may be used for authentication and session management. Your browser can control cookies; blocking essential cookies may affect functionality.

13. Organisation customers and DPA

For B2B/government customers, we offer a DPA that governs our role as processor for certain data and sets out EU SCCs where needed. Contact us to request the DPA.

14. Changes to this Policy

We may update this Policy from time to time. Material changes will be notified (e.g., email or in‑app). The latest version will always be available on this page. Continued use after changes signifies acceptance.

15. Contact

Questions or rights requests shall be sent through our contact page.
