Privacy Policy

Last updated: February 2026

Overview

TheChatApp is designed around a simple principle: your data is yours. How we handle it depends on which tier you use.

Self-Hosted (Community & Business tiers)

When you self-host TheChatApp, we collect no data from you or your users. There is no telemetry, no analytics, no phone-home mechanism, and no connection to our servers. We do not know you exist.

All messages, files, and call data stay on your network. You are the sole data controller. No Data Processing Agreement is required with us because we never process your data.

Cloud-Hosted (Enterprise tier)

When you use our managed cloud hosting, we store encrypted blobs on servers operated by Hetzner Online GmbH in Germany and Finland (European Union). We do not hold decryption keys and cannot access the content of your messages, files, or calls.

What we store:

  • Encrypted message blobs (content is unreadable to us)
  • Encrypted file blobs (content is unreadable to us)
  • Anonymized operational metadata (e.g., “a message was sent” — not who sent it or what it said)
  • Account information you provide (email address for login)

What we never store:

  • Plaintext message content
  • Decryption keys
  • Call recordings or transcripts
  • Behavioral analytics or tracking data

Website

The thechatapp.chat website does not use cookies for tracking. We do not use third-party analytics services. Server access logs are retained for security purposes and deleted after 30 days.

Payment Processing

Payments are processed by third-party payment processors. We do not store credit card numbers or bank account details on our servers. Payment processors receive only the information necessary to complete transactions.

Data Location

Cloud-hosted data is stored on Hetzner Cloud servers in Germany and/or Finland, within the European Union. Self-hosted data is stored wherever you choose to run your server.

Your Rights (GDPR)

If you are a cloud-hosted Enterprise customer, you have the right to:

  • Access: Request a copy of the data we hold about your account
  • Rectification: Correct inaccurate account information
  • Erasure: Request deletion of your account and associated encrypted data
  • Portability: Export your data in a standard format
  • Restriction: Request that we limit processing of your data

To exercise these rights, contact us at contact@thechatapp.chat.

Data Retention

  • Self-hosted: Your responsibility. Data exists only on your infrastructure.
  • Cloud-hosted: Encrypted data is retained while your subscription is active. Upon cancellation, data is deleted within 30 days.
  • Account data: Retained until you request deletion.

Third Parties

We do not sell, share, or provide your data to advertising networks, data brokers, or any third party for marketing purposes. Our only third-party relationships are:

  • Hetzner Online GmbH: Infrastructure hosting (EU)
  • Payment processor: Transaction processing only

Changes to This Policy

We will notify cloud-hosted customers of material changes to this policy via email at least 30 days before they take effect.

Contact

For privacy-related questions or requests: contact@thechatapp.chat