Back to HomeGet StartedDownloadsPreview Source CodeAboutFAQ

Privacy Policy

Version: 1.0

Last Updated: January 8, 2026

These documents govern the use of Hasher applications and services. They are written to comply with Google Play Store and Apple App Store policies.

1. Overview

Hasher is designed with privacy as a core principle.

We do not collect personal identifiers such as:

  • Names
  • Email addresses
  • Phone numbers
  • Contacts

2. Data We Do Not Collect

Hasher does NOT collect personal data or identifiers, including:

  • Contact lists
  • Call logs
  • Message content
  • Media content in plaintext
  • Device hardware identifiers
  • Hardware fingerprints
  • Advertising identifiers

3. Encryption & Message Content

Hasher uses zero-knowledge, end-to-end encryption.

All messages, voice notes, media, and calls are encrypted on the user's device before transmission.

Hasher servers store only encrypted data.

We cannot read or access message content.

Decryptor passwords and device keys never leave your device unless you enable recovery; recovery stores only hashes for rebinding.

4. Camera & Microphone Access

Camera and microphone access occurs only when the user explicitly initiates:

  • Voice recording
  • Media capture
  • Calls

These permissions are:

  • Requested at runtime
  • Used only while the app is in the foreground
  • Released immediately after use

Captured media is encrypted on-device before upload.

5. Device Keys & Security

Hasher uses cryptographic device keys generated on the user's device to manage access.

Biometric unlock is optional. When enabled, authentication is performed by the device operating system.

Hasher does not collect, store, or access biometric identifiers. The OS manages biometrics and only returns a success or failure signal.

If biometric unlock is enabled, a copy of your private keys is stored locally on your device's secure storage so the app can unlock without your decryptor.

These keys:

  • Are cryptographic device keys, not hardware fingerprints
  • Are not derived from device identifiers
  • Are bound only by explicit user action
  • Can be reset by uninstalling the app

Only public cryptographic keys are stored on servers.

Each account supports one active device key at a time; rebinding requires explicit user action and (if enabled) recovery verification.

6. Server Data

Servers may store:

  • Encrypted message blobs
  • Encrypted media blobs
  • Cryptographic device public keys
  • Subscription verification tokens
  • Optional recovery hashes

No plaintext content is stored.

7. Logs & Analytics

Hasher does not log message content.

We do not use invasive analytics or tracking technologies.

Limited operational logs may exist for abuse prevention and service reliability.

8. Third-Party Services

Hasher may use infrastructure providers for:

  • Hosting
  • Content delivery
  • Push notifications

These providers do not receive message content.

9. User Control

Users may:

  • Delete local app data
  • Uninstall the app at any time
  • Stop using the service without providing personal information

10. Changes to This Policy

We may update this Privacy Policy as the service evolves.

Updates will be reflected on this page.

11. Contact

For privacy-related inquiries:

[email protected]