Trust & Privacy

Our commitment to your privacy

Plain language explanations of what we do and don't do with your data. No legal jargon, no hidden clauses.

Privacy policy in plain language

The TL;DR version. Full legal policy available below.

What we collect

  • Email address (for account recovery only)
  • Encrypted data blobs (we cannot read them)
  • Basic server logs (IP, timestamp) - auto-deleted after 7 days
  • Payment info if you donate (processed by Stripe, not stored by us)

What we DO NOT collect

  • No analytics or tracking
  • No advertising identifiers
  • No device fingerprinting
  • No usage patterns or behavior data
  • No third-party cookies
  • No data sharing with partners, ever

How your data flows

A visual explanation of what happens to your data at each step.

1. On Your Device

You create or edit data. Before anything leaves your device, it gets encrypted using your private key. Only you have this key.

2. In Transit

Already-encrypted data travels over TLS 1.3. Even if intercepted, attackers see encrypted data inside encrypted transport.

3. On Our Servers

We store encrypted blobs. We cannot decrypt them. We cannot read your content. A subpoena would only yield encrypted data we cannot access.

4. To Your Other Devices

When you sync, encrypted data travels to your other devices where it's decrypted locally using your key.

Storage & retention

Where your data lives and for how long.

Primary Storage

Hetzner data centers in Germany and Finland. EU jurisdiction, GDPR compliant. No US Cloud Act exposure.

Backups

Encrypted backups stored separately. 30-day retention. Backups are encrypted at rest with keys we don't have.

Account Deletion

Request deletion anytime. Data is purged within 72 hours. Backups are purged within 30 days. No "soft delete" games.

Open source & audits

Verify our claims yourself. Everything is public.

Source Code

All components are open source under MIT license. Server code, client apps, cryptographic libraries - everything.

GitHub: github.com/privacyguard

Security Audits

We commission regular third-party security audits. All reports are published in full, including findings and our responses.

  • Cure53 (2024) - Full security audit
  • Trail of Bits (2024) - Cryptographic review
  • NCC Group (2023) - Initial assessment

Jurisdiction & governance

Who we are and what laws apply to us.

Legal Entity

Privacy Guard Foundation, registered in the Netherlands. Non-profit organization. No shareholders or investors with conflicting interests.

Applicable Law

Dutch and EU law. GDPR applies. We are not subject to US surveillance laws (no FISA, no Cloud Act, no National Security Letters).

Warrant Canary

We maintain a warrant canary updated monthly. If we ever receive a secret court order, the canary will stop being updated.

Report security issues

Found a vulnerability? We have a bug bounty program. Responsible disclosure is rewarded.

Email: security@privacyguard.org

PGP Key: Available on our website and keyservers

Response time: Within 24 hours for critical issues