Privacy Policy

Last Updated: March 24, 2026

1. Introduction

Yufony is a decentralized, peer-to-peer community chat platform. Unlike traditional chat services, Yufony does not operate a central server that stores your messages or personal information. Your identity is a cryptographic keypair generated and stored on your device.

This Privacy Policy explains what data exists in the Yufony ecosystem, who has access to it, and what Yufony ("we," "us"), the entity that develops the Yufony client software and operates the Yufony Central seed node, collects, if anything.

2. How Yufony Works

Understanding Yufony's privacy model requires understanding its architecture:

  • Your identity is an Ed25519 cryptographic keypair generated locally on your device. Your public key is your user ID. There is no email, password, or account registration.
  • Seed nodes are relay servers that store and forward messages for communities. Anyone can run a seed node. Yufony operates one default seed node, Yufony Central (central.yufony.com).
  • Public communities send messages in plaintext through the seed node. The seed operator can read message content.
  • Private (E2EE) communities encrypt all message content client-to-client. The seed node stores only ciphertext and cannot read message content.
  • Direct messages (DMs) are always end-to-end encrypted using X25519 key agreement. No seed node can read DM content.

3. Data We Do Not Collect

Yufony does not:

  • Require or collect email addresses, phone numbers, or real names
  • Use cookies, tracking pixels, or individually-identifying analytics
  • Sell, share, or monetize any user data
  • Perform behavioral profiling or ad targeting
  • Access or store the content of E2EE messages or DMs

4. Data Stored on Your Device

The following data is generated and stored locally on your device. We never have access to it:

  • Private keys: Your Ed25519 master signing key and any device sub-keys. These never leave your device unless you explicitly export them (e.g., via BIP39 mnemonic backup).
  • Message history: Messages you send and receive are cached locally in a SQLite database.
  • Community keys: Encryption keys for private communities you are a member of.
  • Recovery data: Backup key commitments, Shamir secret shares (if you set up social recovery), and guardian information.
  • Settings and preferences: Display name, avatar, audio device selections, and other local configuration.

5. Data Processed by Seed Nodes

When you join a community, the community's seed node processes the following:

5.1 Data the Seed Always Sees (Metadata)

Even in E2EE communities, the seed node can observe:

  • Your IP address when you connect
  • Your public key (user ID)
  • Which communities you are a member of
  • When you are online or offline
  • Which channels you send messages to and when (timing metadata)
  • Voice channel participation (who joins/leaves, when)
  • Friend request routing (sender and recipient public keys, not content)

5.2 Data the Seed Can Read (Public Communities Only)

In public communities, the seed node stores and can read:

  • Message content (text, images, file attachments)
  • Display names and avatars
  • Reactions and message edits
  • Role assignments and moderation actions

5.3 Data the Seed Cannot Read (E2EE Communities and DMs)

In private communities, the seed stores encrypted ciphertext and empty content bodies. It cannot decrypt or read message content, reactions, or edits on encrypted messages.

All DMs are encrypted client-to-client using X25519 key derivation. The seed may relay encrypted DM payloads but cannot read them.

6. Yufony Central Seed Node

Yufony operates the default seed node at central.yufony.com. For this node specifically:

  • Connection logs: We do not log IP addresses beyond what is necessary for active TCP connections. No connection logs are retained after disconnection.
  • Message storage: Messages are stored in a SQLite database for message delivery and sync. Public community messages are stored in plaintext. E2EE community messages are stored as ciphertext.
  • Retention: Messages may be subject to a retention period (configurable by the seed operator), after which they are automatically purged.
  • Access: Only the Yufony team has access to the Yufony Central seed node and its database.

We cannot make guarantees about third-party seed nodes. Each seed node is independently operated and may have its own data practices.

7. Third-Party Services

7.1 Yufony Client

The Yufony client may optionally interact with:

  • STUN servers (Google's public STUN servers) for WebRTC voice/video NAT traversal. These servers see your IP address during voice calls but do not receive message content.
  • Giphy API (if configured by the seed operator) for GIF search. Search queries are sent to Giphy's servers.

7.2 Yufony Website

The yufony.com website uses Plausible Analytics, a privacy-focused analytics service. Plausible does not use cookies, does not track individuals across sites, and does not collect personal data. It provides aggregate statistics only (e.g., page views, referral sources, country-level location). No individual visitor can be identified. For details, see Plausible's data policy.

No other third-party services are used by the website or the client.

8. Data You Share with Other Users

When you use Yufony, other community members can see:

  • Your display name and avatar
  • Your online/offline status
  • Messages you send in shared channels
  • Your voice channel participation
  • Your public key (user ID)

In private communities, this information is only visible to other members who hold the community encryption key.

9. Data Deletion and Portability

  • Local data: You can delete all local data by removing your Yufony data directory. Your identity, messages, keys, and all local state will be permanently erased.
  • Seed-stored data: Messages stored on seed nodes are retained according to the seed operator's retention policy. You cannot remotely delete messages already delivered to a seed. Leaving a community removes your membership but does not retroactively delete previously sent messages.
  • Identity: Your identity is your keypair. There is no account to "delete." If you stop using your keypair, no further data is associated with it.

10. Security

Yufony employs the following security measures:

  • Transport encryption: All peer and seed connections use TLS.
  • End-to-end encryption: Private communities use symmetric encryption (NaCl SecretBox) with per-community keys. DMs use X25519 + NaCl Box.
  • Message signing: All messages are signed with the sender's Ed25519 key, preventing forgery.
  • Key rotation: Community encryption keys are rotated when members are kicked or banned.
  • Device sub-keys: Each device can have its own sub-keypair, enabling per-device revocation without abandoning your identity.

No system is perfectly secure. Yufony's security depends on the integrity of your device and the safekeeping of your private keys.

11. Children's Privacy

Yufony is not intended for users under 13 years of age. We do not knowingly collect or process data from children. Since Yufony does not require account registration, we cannot verify age. Community operators are responsible for enforcing age policies within their communities.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in the software or our practices. The "Last Updated" date at the top will be revised accordingly. Continued use of Yufony after changes constitutes acceptance of the revised policy.

13. Contact

If you have questions about this Privacy Policy:

Email: support@yufony.com