Privacy Policy

Last updated: November 2025

What Data is Collected

The server collects and stores the following data:

  • Account information: Email address, hashed password, account creation timestamp
  • Character profiles: Character names, descriptions, demographic information, kink preferences, profile tags, contact information, image URLs
  • Server logs: Standard web server access logs including IP addresses, request timestamps, and HTTP status codes
  • XMPP authentication logs: Character authentication attempts for debugging purposes

What Data is Not Collected

The server does not collect or store the following:

  • Message content: Chat messages are routed through server memory but never written to disk
  • Chat history: No message logs are kept on the server
  • Usage analytics: No tracking pixels, analytics services, or behavioral data collection
  • Cookies: Only session cookies for authentication. No advertising or tracking cookies.

Message Storage Architecture

Messages are transmitted via XMPP protocol. When a message is sent:

  1. The message passes through server RAM to route to recipients
  2. The message is delivered to connected clients via WebSocket
  3. Each client stores the message in browser IndexedDB storage
  4. The server immediately discards the message after routing

Prosody XMPP server is configured with mod_offline and mod_mam disabled. Room history length is set to 0. No messages are persisted on the server under any circumstances.

Data Retention

  • Character profiles: Persist until explicitly deleted by the user
  • Account data: Persist until explicitly deleted by the user
  • Server logs: Rotate after 30 days
  • XMPP auth logs: Rotate after reaching 10MB, keep 5 backup files

Data Sharing

User data is not shared with third parties except as required by law. The server is hosted by a data center in Iceland. The hosting provider has access to server infrastructure but not to application data.

User Rights

Users have the following rights:

  • Access: View all stored profile and account data via the dashboard
  • Export: Export chat history from browser storage as JSON or plain text
  • Deletion: Delete character profiles or entire account at any time
  • Correction: Edit character profiles and account information at any time

Browser Storage

Chat messages are stored in your browser using IndexedDB. This storage is local to your device. Clearing browser data permanently deletes your chat history. The server cannot recover deleted messages.

Security

Connections use HTTPS encryption. Passwords are hashed using Django's default PBKDF2 algorithm. XMPP connections use TLS encryption. Character XMPP passwords are randomly generated 32-byte tokens.

Jurisdiction

Server infrastructure is located in Iceland. This jurisdiction provides strong privacy protections. The hosting provider does not respond to data requests from other jurisdictions for data that does not exist on the server.

Changes to This Policy

Material changes to this privacy policy will be announced via a notice on the landing page. Continued use of the service after changes indicates acceptance of the updated policy.

Contact

For privacy inquiries or data deletion requests, contact the administrator. Contact information is available on the about page.