Privacy

Privacy Policy

Effective 19 April 2026

Lominn is a private messaging app, designed so that we never learn what you say. Your messages are encrypted on your device with the Signal Protocol before they leave it; our server routes an opaque encrypted envelope to the recipient and cannot read its contents. This policy explains what information Lominn does handle, why we handle it, and how long we keep it.

Information you give us

Information handled while messages move

What Lominn does not collect

We do not collect or store:

Lominn contains no third-party trackers, no advertising SDKs, and no product analytics tools.

How long we keep data

DataRetention
Delivered and read messages (ciphertext + metadata)Deleted 30 days after you read them
Undelivered messagesHeld only until the recipient's device reconnects
Consumed one-time pre-keysDeleted 7 days after use
Authentication refresh tokens7 days
Authentication audit events14 days; no IP addresses are recorded

When you delete your account, we delete your profile, your uploaded public-key bundle, and any messages queued for you. Messages already delivered to other people live on their devices and can only be removed by them.

Who we share data with

We do not sell, rent, or share personal data with advertisers, marketers, data brokers, or analytics providers. We do not use your data to build profiles about you.

A small set of infrastructure providers process data on our behalf so Lominn can run:

None of these providers has access to the content of your Lominn messages.

Law enforcement requests

Because Lominn uses end-to-end encryption, we cannot produce the content of any message, past or present, in response to a legal request — we don't have it. What we can be compelled to produce is the limited data described above, bounded by the retention windows listed. We review every request we receive for legal validity and narrow scope, and we will challenge ones that are not.

Security

No system is perfect. If you believe you have found a vulnerability, please write to security@lominn.com.

Your rights

Depending on where you live, you may have the right to access, export, correct, or delete your personal data, and to object to its processing. You can delete your account directly from the Settings screen in the Lominn app at any time. For anything else, write to privacy@lominn.com and we will respond within 30 days.

Children

Lominn is not intended for people under 16. If you believe a child has created an account, please contact us and we will remove it.

Changes to this policy

If we change this policy, we will update the effective date at the top and post the revised version on this page. Material changes will be announced in the app before they take effect.

Contact

Questions about this policy, or about the data we hold on you:
privacy@lominn.com