Privacy Policy

Last updated: May 3, 2026

1. Introduction
2. Data We Collect
3. End-to-End Encryption & Data Security
4. How We Use Your Data
5. Third-Party Services
6. Data Retention
7. Your Rights
8. Contact Us

1. Introduction

Wiped is a privacy-first messaging and collaboration platform. We are committed to protecting your personal data and respecting your privacy rights. This Privacy Policy explains how we collect, use, process, and protect your information.

By using Wiped, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2. Data We Collect

2.1 Account Information

Account creation: email address, username, password (hashed)
Profile data: avatar, display name, status message
Billing data: payment method (Stripe or Monero), subscription tier, invoice history

2.2 Communication Data

Messages: text, files, images, voice messages (encrypted end-to-end)
Metadata: timestamps, sender/recipient identifiers, encryption keys (stored encrypted)
Spaces: space names, descriptions, member lists, channel data
Calendar events: event titles, descriptions, attendees, times (encrypted in transit)

2.3 Feature-Specific Data

Notes: encrypted notebooks, shared notes, revision history
Reminders: reminder text, times, associated tasks
Polls: poll questions, responses, voting data (anonymized by default)
Calendar (Google/Outlook sync): OAuth tokens (encrypted), synced event data, webhook metadata
Voice & Video: connection metadata via LiveKit (IP, media quality stats, call duration)
File transfers: file metadata (name, size, MIME type), expiration, access logs

2.4 Technical & Usage Data

Device info: browser type, OS, device model (for error reporting)
Session data: session token, login times, IP address, device fingerprint
Log data: API calls, errors, performance metrics, security events
Push notification tokens: device registration for browser/mobile notifications

⚠️ What we DON'T collect:

We do not use cookies (except session tokens), analytics trackers, or third-party pixel trackers. We do not profile you or sell your data. We do not track you across the internet.

3. End-to-End Encryption & Data Security

3.1 E2E Encryption

All direct messages and group conversations are encrypted end-to-end using the Signal protocol (Double Ratchet Algorithm). This means:

Only the sender and intended recipient(s) can decrypt messages
Wiped servers never have access to plaintext messages or media
Even we cannot read your conversations, even if legally compelled
Each message has a unique encryption key (perfect forward secrecy)

3.2 Data in Transit

All communication with Wiped servers uses HTTPS/TLS 1.3
WebSocket connections are encrypted with wss:// (secure WebSocket)
Calendar webhook traffic from Google/Outlook to our servers uses signed HMAC verification

3.3 Data at Rest

Encrypted fields: messages, files, encryption keys, OAuth tokens
Database: AES-256 encryption for sensitive columns
File storage (Cloudflare R2): server-side encryption (AES-256), TLS in transit
Backups: encrypted backups, access restricted to core team

3.4 Key Management

User encryption keys are derived from password using Argon2 + PBKDF2
Master keys are rotatable and stored in hardware security modules (HSM)
OAuth tokens (Google, Outlook) are encrypted with AES-256 and rotated regularly

4. How We Use Your Data

4.1 Core Service Delivery

Deliver encrypted messages and files to intended recipients
Manage spaces, channels, and access control
Store encrypted notes, reminders, and calendars
Sync with external calendars (Google Calendar, Outlook) via OAuth

4.2 Account & Security

Authenticate and authorize your access
Detect and prevent fraud, abuse, and unauthorized access
Enforce rate limits and abuse policies
Maintain audit logs for security incidents

4.3 Service Improvement

Aggregated usage stats: feature popularity, performance bottlenecks (no personal data)
Error monitoring: crash logs, bug reports (anonymized)
Capacity planning: storage usage, bandwidth trends

4.4 What We DON'T Use Your Data For

Advertising or marketing personalization
Selling to third parties
Training AI/ML models on your conversations
Profiling or behavioral analysis

5. Third-Party Services & Integrations

5.1 Payment Processors

Stripe: processes credit/debit card payments. Stripe Privacy Policy
NOWPayments: processes Monero payments (privacy coin). NOWPayments Privacy Policy

We share only: email, account ID, transaction amount, subscription tier. No conversation data is shared.

5.2 Calendar Integrations

Google Calendar: When you connect Google Calendar, we request OAuth access to read/write calendar events. Google Privacy Policy
Outlook Calendar: (planned v1.1) similar OAuth flow with Microsoft Graph. Microsoft Privacy Statement

What happens: We store your OAuth token (encrypted), sync calendar events locally, and set up webhooks to pull updates when Google/Outlook notifies us. We do NOT read your email, contacts, or other Microsoft/Google data.

5.3 Voice & Video

LiveKit: open-source SFU (Selective Forwarding Unit) for group voice/video calls. LiveKit Privacy

LiveKit handles media relay only; encryption happens end-to-end between clients. LiveKit does not store or access call content.

5.4 Push Notifications

Vapid Protocol: web push via browser native APIs. Your notification token is encrypted and stored locally.

5.5 File Storage

Cloudflare R2: S3-compatible object storage for file transfers, encrypted at rest. Cloudflare Privacy Policy

6. Data Retention

6.1 Active Accounts

Messages: 7 days (free) or 1 year (paid). Deleted messages are permanently removed after TTL.
Notes: stored indefinitely until you delete them
Files: stored indefinitely unless you set an expiration date
Session data: 30 days of login history
Calendars & Events: until deleted by user

6.2 Deleted Accounts

Upon account deletion, all personal data is purged within 30 days
Shared group messages remain (with sender anonymized)
Encryption keys are destroyed immediately
Logs are retained for 90 days for security/legal reasons, then deleted

6.3 Backup & Disaster Recovery

Backups are retained for 30 days (encrypted)
Backups are deleted when your account is deleted

7. Your Rights (GDPR & Global Privacy Laws)

7.1 Right to Access

You can request a copy of all personal data we hold about you. Email us and we'll provide a JSON export within 14 days.

7.2 Right to Deletion ("Right to be Forgotten")

You can request deletion of your account and all associated data. Upon deletion, we permanently remove your data within 30 days (except legally required logs, deleted after 90 days).

7.3 Right to Portability

You can download your data in standard formats (JSON, CSV, etc.). Contact us for details.

7.4 Right to Correction

You can update or correct your account information at any time in Settings.

7.5 Right to Object

You can object to certain data processing (e.g., push notifications, analytics). We will honor your preferences without affecting core service delivery.

7.6 Right to Restrict Processing

If you believe your data is being misused, you can request processing restrictions while we investigate.

7.7 How to Exercise Your Rights

Email [email protected] with your request and proof of identity. We will respond within 14 business days.

🔒 EU Users:

Wiped complies with the EU General Data Protection Regulation (GDPR). You have additional rights, including submitting complaints to your local data protection authority.

8. Contact Us

If you have questions about this Privacy Policy or our data practices:

Privacy Questions: [email protected]
Support: [email protected]
Data Protection Officer: [email protected]
General Contact: [email protected]

8.1 Changes to This Policy

We may update this Privacy Policy as our services evolve. We will notify you of material changes via email or a prominent notice on the app. Your continued use constitutes acceptance of changes.