Data Retention Statement

SECRET is designed for minimal retention, end-to-end encryption, read-once delivery and emergency wipe control.

Plain text vs ciphertext

Plain text Plain text means the normal readable message: the words, voice or content a human can understand.
Ciphertext Ciphertext means the message after encryption: a locked unreadable package that only the recipient terminal can open.

Text message retention

Plain-text messages never reach our server.

The readable text is encrypted on the sender’s device before delivery. Our server does not receive the readable message, does not store the readable message and cannot read it.

What may pass through the SECRET infrastructure is only a ciphertext delivery package addressed to the approved recipient terminal. To anyone except the recipient terminal, that package is unreadable encrypted data.

After the recipient reads the message, the server-side encrypted delivery record is erased according to the read-once flow.

Encrypted audio and media

NO PLAIN AUDIO OR MEDIA IS STORED ON OUR SERVER. NO READABLE AUDIO OR MEDIA IS STORED ON OUR SERVER.

Voice and media are encrypted on the device before they are sent. Our server cannot listen to, open, play or understand the content.

SECRET does not keep readable audio files, readable media files or human-accessible message content on the server. Only encrypted delivery material and minimal delivery metadata may exist temporarily for the purpose of delivering the encrypted package to the intended terminal.

Local vault

Private keys and vault access material are stored locally on the approved device. SECRET does not keep a master key that can rebuild a wiped vault.

Panic Wipe

When Panic Wipe is executed, the account is disabled and anonymized, active sessions are removed, approved device records are revoked, linked encrypted records are purged, and local vault/session material is cleared from the device.

Operational records

Some minimal operational records may be retained for security, access control, subscription status, abuse prevention and legal compliance. These records are not message contents and are not readable private communications.

Important limitation

No system can guarantee absolute security if a device is physically compromised, jailbroken, modified, shared, or used outside the intended security model.