Privacy Policy
Zero-Knowledge Architecture • Last Updated: January 14, 2026
1. Zero Logging Policy
IP Addresses
Tor network strips all IP headers. No IP logging possible or implemented at any layer.
Browser Fingerprinting
JavaScript minimized. No canvas fingerprinting, WebGL, or tracking pixels deployed.
Traffic Analysis
Connection timing attacks prevented through traffic padding and dummy requests.
2. Data Minimization
Kerberos collects only essential operational data, encrypted at rest with AES-256-GCM.
| Data Type | Stored As | Encryption | Retention |
|---|---|---|---|
| Username | Hashed (Argon2id) | AES-256 | Account lifetime |
| PGP Key ID | Public fingerprint | At rest | Account lifetime |
| Transaction IDs | XMR tx hashes | AES-256 | 2 years |
| Shipping Info | PGP-encrypted | End-to-end | 90 days post-finalize |
3. Encryption Standards
- Communications: PGP RSA-4096 + Cataclysm v2.0 forward secrecy
- Database: AES-256-GCM with per-user keys derived from master seed
- Escrow: 3-of-5 Monero multisig contracts
- Backups: Sharded across 7 onion mirrors with threshold encryption
4. Third Party Access
Law Enforcement
No data available. Zero-knowledge storage.
Hosting Providers
Encrypted volumes. No plaintext access.
Payment Processors
XMR on-chain only. No KYC processors.
5. User Rights
- Account Deletion: PGP-signed deletion request processed within 24 hours
- Data Export: Encrypted export available via support ticket
- Objection Rights: All data processing consensual and revocable
- Complaint Process: PGP-encrypted dispute resolution system
6. Cookie Policy
No tracking cookies deployed. Essential session cookies only (24h TTL, encrypted).
7. Changes to Policy
Material changes PGP-signed and posted to all mirrors 30 days in advance. Continued use constitutes acceptance.
8. Contact
PGP-encrypted support tickets only. Response SLA: 24 hours. No clearnet email addresses published.