
Privacy Policy

Last updated: February 27, 2026

1. Introduction

Bedrock Chat (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our communication platform.

By using Bedrock Chat, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the service.

2. Information We Collect

2.1 Information You Provide

  • Account information: username, email address, password (hashed)
  • Profile information: display name, avatar, status
  • Messages and content: text messages, file uploads, reactions
  • Server and channel settings: server names, roles, permissions

2.2 Anonymous Technical Data

We collect anonymous technical data to understand how the app is being used and to fix problems. None of this data is linked to your account or identity. It cannot be used to identify you. See Section 9 for the full explanation.

  • Pages visited — recorded as anonymized paths (e.g., “/server/*/channel/*” with all IDs stripped out)
  • Features used — for example, “a voice channel was joined” (not who joined or which channel)
  • Performance metrics — page load times, connection speeds, error rates
  • Session patterns — how long anonymous sessions last (not who the sessions belong to)
  • Device category — mobile, tablet, or desktop, derived from screen width only (not device fingerprinting or user-agent strings)
  • Viewport size — small / medium / large / extra-large (Tailwind breakpoints, not exact pixel dimensions)
  • Browser family — Chrome, Firefox, Safari, Edge, or Other (no version numbers)
  • OS family — Windows, macOS, Linux, iOS, or Android (no version numbers)

Voice call metadata (timestamps, participant list, duration) is stored as part of your account record — not as anonymous analytics.

2.3 What We DO NOT Collect

  • Government IDs or facial scans — never required, never collected
  • Audio or video recordings — only metadata is stored (timestamps, participants)
  • Message content in analytics — your messages are end-to-end encrypted and never read by our analytics system
  • IP addresses — not stored in any analytics record
  • Device fingerprints — no canvas fingerprinting, no audio fingerprinting, no user-agent sniffing
  • Browsing history outside our platform
  • Third-party tracker data — no hidden surveillance, no advertising pixels

3. How We Use Your Information

  • Provide, maintain, and improve the Bedrock Chat service
  • Authenticate and secure your account
  • Enable messaging, voice, and collaboration features
  • Detect and prevent abuse, spam, and security threats
  • Understand anonymous usage patterns to prioritize features and fix bugs
  • Comply with legal obligations

Legal basis under GDPR: We process account data on the basis of contractual necessity (providing the service) and security (legitimate interest). We process anonymous analytics data on the basis of legitimate interest (Article 6(1)(f)) — specifically, improving app performance, fixing bugs, and understanding feature usage. This does not require consent because no personal data is processed, data is fully anonymized, and you can opt out at any time without any effect on your account.

4. Data Retention

  • Messages: retained until you delete them or delete your account
  • Account data: retained while your account is active; deleted within 30 days of account deletion
  • Voice call metadata: retained for 90 days
  • Anonymous analytics raw events: automatically deleted after 30 days. Only statistical aggregates survive (e.g., “47 sessions visited the settings page on February 15” — no individual session data)
  • Bug reports: retained until resolved or closed; then archived for 12 months
  • Security logs: retained for 12 months

5. End-to-End Encryption

Bedrock Chat uses end-to-end encryption (AES-GCM) for messages. This means:

  • Messages are encrypted on your device before transmission
  • Only you and your intended recipients can read messages
  • Our servers cannot decrypt your message content
  • Private keys are stored locally in your browser's IndexedDB
  • Key exchange uses ECDH (Elliptic Curve Diffie-Hellman)

6. Third-Party Services

We currently use the following third-party services to operate Bedrock Chat:

  • Supabase — database, authentication, and real-time messaging (PostgreSQL)
  • LiveKit — WebRTC voice and video calls
  • Vercel — application hosting and CDN

Note: These are temporary dependencies. We are building self-hosted infrastructure to eliminate all third-party data processors. No third-party advertising or analytics services are used. Our anonymous analytics system is entirely self-hosted — your usage data never leaves our infrastructure and is never sent to Google Analytics, Mixpanel, Amplitude, or any other external service.

7. Your Rights

7.1 GDPR Rights (EU/EEA Residents)

  • Right of access: request a copy of your personal data
  • Right to rectification: correct inaccurate data
  • Right to erasure: request deletion of your data (“right to be forgotten”)
  • Right to restrict processing: limit how we use your data
  • Right to data portability: receive your data in a machine-readable format
  • Right to object: opt out of certain data processing
  • Right to opt out of anonymous analytics: go to Settings → Privacy & Analytics and toggle analytics off. This takes effect immediately. No data is collected after opting out. No penalty, no reduced functionality.

7.2 CCPA/CPRA Rights (California Residents)

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information
  • Right to opt out of the sale or sharing of personal information (we do not sell your data)
  • Right to limit use of sensitive personal information
  • Right to non-discrimination

Note for California residents: Anonymous analytics session tokens are not “personal information” under CCPA/CPRA because they are not reasonably linkable to a particular consumer or household. We do not “sell” or “share” (as defined by CCPA/CPRA) any analytics data. All analytics data remains exclusively on our infrastructure.

To exercise any of these rights, visit Data Export or contact us at privacy@bedrock-chat.com.

8. Children's Privacy (COPPA)

Users under 13 require parental consent through our Family Account system. Parents can:

  • Set monitoring levels (Minimal, Moderate, Balanced, Restricted)
  • View a transparency log of all monitoring actions
  • Control which servers their child can join
  • Export or delete their child's data at any time

Teens always see their current monitoring level in Settings, ensuring full transparency.

Analytics and age protections:

  • Under 13: Analytics is completely disabled. No events, no session tokens, no collection of any kind. Period. Parental consent for analytics is not required because no analytics data is collected.
  • Ages 13–15: Only anonymized page views are collected. No feature usage tracking, no session duration, no performance metrics tied to their sessions.
  • Ages 16–17 and adults: Standard anonymous collection with opt-out available at any time via Settings → Privacy & Analytics.

9. Anonymous Analytics

TL;DR: We collect anonymous data about how people use Bedrock Chat so we can make it better. We never know who you are. You can turn it off anytime in Settings.

9.1 Why We Collect Analytics

We want to build the best privacy-first chat app. To do that, we need to know which features people actually use, which pages are slow to load, and where errors happen. Analytics helps us prioritize what to fix and build next.

Most chat apps track you personally to build advertising profiles. We don't do that — and we don't want to. Our analytics only tells us that someone did something, never who did it.

9.2 What We Collect

  • Which pages are visited (with all IDs stripped)
  • Which features are used (e.g., “voice channel joined” — not who joined or which channel)
  • App performance metrics (page load times, connection speeds, error rates)
  • Session duration patterns (how long sessions last, not who the sessions belong to)
  • Device category (mobile/tablet/desktop — from screen width, never device fingerprinting)
  • Viewport size bucket (sm/md/lg/xl — Tailwind breakpoints, not exact pixel dimensions)
  • Browser family (Chrome/Firefox/Safari/Edge/Other — no version numbers)
  • OS family (Windows/macOS/Linux/iOS/Android — no version numbers)

9.3 What We NEVER Collect Through Analytics

  • Your name, username, or display name
  • Your email address
  • Your IP address
  • Any message content
  • Voice audio or transcriptions
  • Contact lists or friend lists
  • Server or channel names or IDs
  • Your account ID or user ID
  • Any data that could identify a specific individual

9.4 How It Works (The Technical Bit)

When you open Bedrock Chat, your browser generates a random ID — something like 7f3a9b2c-e4d1-... — using your browser's built-in random number generator. This ID is stored only in your browser's session memory (called sessionStorage). When you close the tab, it's gone. When you open a new tab, a completely new random ID is created. There is no way to link one session to another.

Think of it like dropping an anonymous comment card into a suggestion box. The card says “someone visited the Settings page” — but there's no name on it, no handwriting analysis, no way to figure out who dropped it in. We see the card. We don't see you.

When you visit the Settings page, we record that “someone visited Settings” — but we have no idea it was you.

No cross-session tracking. Close the tab and reopen it — you are a completely new anonymous session. There is no mechanism, technical or otherwise, to link Tuesday's session to Wednesday's session.

9.5 How Long We Keep It

Raw anonymous events are automatically deleted after 30 days. After that, only statistical summaries survive — for example, “47 sessions visited the settings page on February 15.” Those summaries contain no individual session data.

9.6 Age-Specific Protections

  • Under 13: Analytics is completely off. No data. No session tokens. Nothing.
  • Ages 13–15: Only anonymized page views. No feature tracking, no performance metrics tied to sessions.
  • Ages 16 and up: Standard anonymous collection with opt-out available.

9.7 How to Opt Out

Go to Settings → Privacy & Analytics and toggle analytics off. It takes effect immediately. No data is collected after you opt out. No penalty, no reduced functionality, no nagging.

9.8 No Third Parties

All analytics data is stored exclusively in our own database (Supabase, which we control). It is never sent to Google Analytics, Mixpanel, Amplitude, Hotjar, or any other analytics service. It never leaves our infrastructure.

9.9 GDPR Legal Basis

We process anonymous analytics data under legitimate interest (GDPR Article 6(1)(f)). The legitimate interest is improving app performance, fixing bugs, and understanding feature usage to prioritize development. Consent is not required because: no personal data is processed, data is fully anonymized, users can opt out at any time, and the processing causes no detriment to users.

10. Bug Reports

You can submit bug reports to help us fix problems. Here's exactly how your data is handled:

By default, bug reports are anonymous. We don't know who submitted them.

If you choose to, you can attach your display name and account ID to a report by toggling “Attach my account” when submitting. This is OFF by default — you have to actively turn it on. You see exactly what will be shared before you submit.

10.1 What's Included in Every Bug Report (Anonymous)

  • Your description of the problem
  • What page you were on
  • Your device type (mobile/tablet/desktop)
  • Your browser type (Chrome, Firefox, etc. — no version number)
  • Your operating system (Windows, Mac, etc. — no version number)
  • Recent app errors from your current session

10.2 What's NOT Included (Unless You Opt In)

  • Your name or username
  • Your email
  • Your account ID
  • Any message content
  • Any server or channel information

We automatically scan bug report descriptions for accidentally included personal information (email addresses, phone numbers, etc.) and remove it before storing. Screenshots you attach are stored privately and only accessible by our support team.

11. Global Privacy Control (GPC)

We honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we automatically disable analytics data collection. We also honor Do Not Track (DNT) signals.

12. Security

We implement industry-standard security measures including:

  • End-to-end encryption for messages (AES-GCM)
  • TLS/HTTPS for all data in transit
  • Secure password hashing
  • Content Security Policy (CSP) headers
  • Rate limiting and brute-force protection
  • Regular security reviews

13. Data Transfers

Your data may be processed in the United States where our infrastructure is hosted. We ensure appropriate safeguards are in place for international data transfers in compliance with GDPR requirements.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last updated” date and prompt you to review the updated policy through our consent management system.

15. Contact Us

If you have questions about this Privacy Policy or your data: