Back to Home

Privacy Policy

Last updated: January 2, 2026

Overview

Rail Gun is built with privacy as a core principle. We use end-to-end encryption to ensure that your messages can only be read by you and your intended recipients. We cannot read your messages, and we minimize the data we collect.

What We Don't Collect

  • Message content (end-to-end encrypted)
  • Contact lists
  • Group membership details
  • Profile information beyond what you share
  • Location data
  • Phone numbers (not required)

What We May Collect

  • Account identifiers (username, device IDs)
  • Encrypted message routing metadata
  • IP addresses (temporarily, for rate limiting)
  • Crash reports (opt-in, anonymized)

Encryption

Rail Gun uses the Signal Protocol for end-to-end encryption. This means your messages are encrypted on your device before being sent and can only be decrypted by the intended recipient. Your encryption keys are generated and stored locally on your device—they never leave your device.

Data Retention

We retain encrypted messages on our servers only until they are delivered to all recipients. Undelivered messages are automatically deleted after 30 days. Account data is retained until you delete your account.

Your Rights

You can delete your account and all associated data at any time from the app settings. Upon deletion, we remove your account identifiers and any stored encrypted messages.

Contact

For privacy-related questions, please contact us at privacy@railgun.app