WORMIT
Privacy Policy
Last updated: April 16, 2026
🔒 No Personal Information Required
WORMIT does not require your name, email address, phone number, or any personal ID to create an account. Your identity is a cryptographic key-pair generated entirely on your own device. Your private key never leaves your device.
1. Who We Are
WORMIT is a decentralized communication and social platform. Direct messaging is end-to-end encrypted (E2EE), while public WORM Spaces operate as open, decentralized forums. All data travels through the GunDB peer-to-peer (P2P) mesh network. No central server — including ours — can read your private messages or control the network.
2. What Data We Process
We do NOT collect:
- Your real name, email address, or phone number
- Your central location or precise IP address (except transiently during P2P handshakes)
- Your private cryptographic key (it never leaves your local device)
- Any external data outside the WORMIT app
Limited data handled by the decentralized network:
- WORMIT Handle — your chosen username (e.g., yourname.wormit), published to the GunDB mesh. Not linked to any real-world identity.
- Optional Profile Data — display name, bio, and avatar image. Stored on the GunDB mesh under your handle.
- External Email Addresses — only when you use the Bridge to send mail to a non-WORMIT address. Used solely for delivery; not retained after sending.
- Push Notification Token — if you enable push alerts, your device token is stored linked to your WORMIT handle to deliver inbox notifications.
3. End-to-End Encrypted Messaging (Private)
All direct WORMIT-to-WORMIT messages, mesh files, and attachments are strongly encrypted on your device using your recipient's public key before broadcast. Servers relay only the ciphertext (WORMIT_ENC[…]). We are technically incapable of reading your private messages or files.
4. WORM Spaces (Public by Design)
The WORM Spaces feature functions as a decentralized, public town square. Data handled here works fundamentally differently than private messaging:
- Public Broadcasting: Any text, image, or announcement you post to a standard WORM Space is broadcast to the GunDB mesh without end-to-end encryption. It is publicly visible to all network participants subscribed to that Space.
- Public Ledger (WMT Economy): When you Upvote, Downvote, or tip a post, the associated WMT (Wormit Token) transfer is recorded on the public mesh ledger. This transaction is permanently linked to your WORMIT handle.
5. Vault Posts & P2P Media (Access-Controlled)
Within WORM Spaces, users can create Vault Posts for exclusive media.
- Local Hosting: The media file you attach to a Vault Post is not uploaded to the mesh or any server. It remains encrypted on your local device's storage. Only the post metadata is public.
- Peer-to-Peer (P2P) Delivery: When a user spends WMT to unlock your Vault, your device establishes a direct WebRTC connection with their device to transmit the file bytes securely.
- IP Address Implications: Because Vault and large file transfers rely on direct P2P connections, your public IP address may be exposed to the connected peer during the negotiation process (unless routed through a standard relay/TURN server).
6. Local-First Storage
Decrypted messages, contacts, wallet ledger, and profile data are cached entirely locally in your device storage (IndexedDB / LocalStorage) and never transmitted in plaintext.
7. Data Retention & Account Deletion
Because WORMIT is a decentralized mesh app, you hold the ultimate power over your data:
Option A — Delete from the app: Go to Settings → Logout button and confirm. This wipes all local keys, messages, and profile data from your device permanently. Without your recovery phrase, the account is lost forever.
Option B — Mesh Data & Ghost Messages: Ghost Messages (messages with a timer) are automatically deleted from the mesh after expiration via tombstone mechanics. For public Space posts, deleting the post locally issues a logical delete command to the mesh, though complete erasure from all offline peers cannot be instantly guaranteed in a decentralized network.
8. Third-Party Services
- SendGrid (Twilio) — relays outbound external emails.
- Railway — hosts the decentralized discovery nodes.
- GunDB — open-source, decentralized P2P database engine; no single entity controls it.
9. Children's Privacy
WORMIT is not directed to children under 13. We do not knowingly collect data from children under 13. Since no personal information is required to register, parental guidance is advised.
10. Changes to This Policy
We may update this policy periodically and will notify you via an in-app notice for significant changes. Continued use constitutes acceptance.
11. Contact
Questions, data requests, or account deletion: privacy@wormit.online