ReMaze

Privacy Policy

Last updated: January 29, 2026

ReMaze is designed with privacy as a core principle. Your messages are end-to-end encrypted, stored only on your device, and we cannot read them. We collect the absolute minimum data required to deliver the service.

Our Privacy Principles

ReMaze is built on a simple foundation: your conversations belong to you, not us. We've designed our systems so that:

We can't read your messages. End-to-end encryption means only you and your recipient can decrypt message content.
Your messages stay on your device. We don't store message content on our servers.
We collect minimal data. Only what's technically necessary to deliver messages.
We don't sell your data. Ever. To anyone. For any reason.
We don't track you. No analytics, no profiling, no advertising.

Information We Collect

We collect only the minimum information necessary to operate the service:

Data	Purpose	Storage
Phone number or email	Account identification	Server
Public encryption keys	Secure key exchange	Server
Push notification token	Message delivery notifications	Server
Profile name & picture	Display to your contacts	Device
Message content	Your conversations	Device
Contact list	Finding friends on ReMaze	Device

Information We Don't Collect

Unlike many messaging apps, we explicitly do not collect:

✓

Message content — Your messages are end-to-end encrypted and stored only on your device. We technically cannot read them.

✓

Contact lists — We don't upload or store your contacts on our servers.

✓

Location data — We don't track where you are or where you've been.

✓

Usage analytics — We don't track how often you use the app, which features you use, or your behavior patterns.

✓

Device identifiers — We don't collect advertising IDs, hardware identifiers, or device fingerprints.

✓

Social graph metadata — We don't analyze who you talk to, when, or how often.

End-to-End Encryption

All messages in ReMaze are protected by end-to-end encryption using industry-standard cryptographic protocols. This means:

Messages are encrypted on your device before being sent
Only the intended recipient can decrypt and read messages
Not even ReMaze can access your message content
Encryption keys are generated and stored securely on your device

We use proven cryptographic libraries (NaCl/TweetNaCl) and follow established security practices. Our encryption implementation is designed to protect your messages from interception, even if our servers were compromised.

Data Storage

On Your Device

The following data is stored locally on your device and never transmitted to our servers:

All message content and conversation history
Your private encryption keys
Profile information of your contacts
App settings and preferences

This data is stored in encrypted form using your device's secure storage capabilities. If you uninstall the app or clear its data, this information is permanently deleted.

On Our Servers

We store only the minimum data required to operate the service:

Your account identifier (phone number or email)
Your public encryption keys (necessary for others to send you encrypted messages)
Push notification tokens (to alert you of new messages)

Messages in transit are encrypted and queued temporarily until delivered, then immediately deleted from our servers.

App Permissions

ReMaze requests only the permissions necessary for core functionality:

Permission	Why We Need It
Camera	Scan QR codes to add contacts securely and take profile pictures
Photo Library	Select a profile picture from your existing photos
Notifications	Alert you when you receive new messages
Internet	Send and receive messages

All permissions are optional. You can deny any permission and still use the app with reduced functionality. We never access your camera, photos, or other device features without explicit action on your part.

Data Retention

Messages: Stored only on your device. You control deletion.
Account data: Retained while your account is active. Deleted upon account deletion request.
Messages in transit: Deleted immediately upon successful delivery (or within 30 days if undeliverable).

When you delete your account, we remove all associated data from our servers within 30 days.

Your Rights

You have full control over your data:

Access: Your message history and contacts are stored on your device and accessible to you at any time.
Deletion: Delete individual messages, entire conversations, or your complete account at any time.
Export: Export your data from within the app.
Portability: Your data belongs to you.

For users in the European Union, you have additional rights under GDPR including the right to access, rectification, erasure, and data portability. Contact us to exercise these rights.

Policy Changes

We may update this privacy policy from time to time. When we make significant changes, we will:

Update the "Last updated" date at the top of this policy
Notify you through the app or via email
Provide a summary of what changed

We encourage you to review this policy periodically. Continued use of ReMaze after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this privacy policy or our privacy practices, please contact us at:

Email: privacy@remaze.app

We take privacy concerns seriously and will respond to inquiries promptly.