Privacy Policy

Last updated: April 2026

      TL;DR: We cannot read your messages. They are encrypted on your device
      before reaching our servers. You can delete all your data at any time. You can bring
      your own database so data never touches our servers at all.
    

What We Store

When using our Firebase relay (the default option), we store:

Encrypted message blobs — nonce + ciphertext. We cannot decrypt these.
Hashed chat identifiers — SHA-256 hashed, we cannot reverse them.
Timestamps — for message ordering and expiry.
Account info — email (if you signed up), plan type, message count.

What We Cannot See

Message content (encrypted end-to-end with NaCl crypto_box)
Who sent or received messages
Which chat platform messages came from
Contact names or phone numbers

Data Retention

Free plan: messages auto-expire after 7 days
Paid plan: messages auto-expire after 30 days
You can wipe all data instantly from the desktop app
Expired messages are permanently deleted by an hourly cleanup process

Bring Your Own Database

You can connect your own PostgreSQL database. When using BYOD mode, your message data never passes through our servers. Your database connection string is stored locally on your device only and is never transmitted to us.

Third-Party Services

Firebase (Google) — hosting, authentication, database
Stripe — payment processing (paid plans only)
Beeper — runs locally on your desktop, no data sent to Beeper from PebBeep

Contact

Questions about privacy? Open an issue on our GitHub repository.