Privacy Policy

1. The Basics

We run a Nostr relay. By definition, a relay's job is to receive public messages (Events) and broadcast them to anyone who asks. If you send an event to this relay, you are making it public. We cannot "un-publish" data that has already been synced to other relays or clients.

2. Data We Collect

• Nostr Events: The JSON blobs you sign and send to us. We store these so other people can read them.
• Account Info: If you log in to our dashboard, we store your public key (npub) and display name to manage your whitelist status.
• Connection Logs: Our web server (Caddy) temporarily logs IP addresses for security and anti-abuse purposes (e.g., rate limiting).
• Admin Messages: If you submit an invite request or appeal, we store the text you wrote, your IP address, and your User Agent string to help us filter spam.

3. Cookies & Local Storage

We use a single session cookie (`next-auth.session-token`) to keep you logged in to the dashboard. That's it. No tracking pixels, no analytics scripts, no third-party ad networks spying on you.

4. Data Sharing

We do not sell your data. We do not share your private data (like IP logs) with third parties unless compelled by a valid legal order (and even then, we'll try to fight it if it's stupid).

However, remember that Nostr events are public data. We share them with every client that connects to this relay. That is the entire point of the protocol.

5. Your Rights

You can ask us to delete your account from our whitelist database. This will revoke your access to write to the relay.

You can send NIP-09 deletion events to remove your posts. Our relay respects these and will delete the referenced content from our database. However, we cannot delete content from other relays that may have already copied it.