Privacy Policy

The short summary is, we do not and can not collect any information about you.

All user created content leaving your device (text messages, images, files, etc.) is end-to-end encrypted so only your intended recipient can read them, not Numbers Station Inc. or anyone else. In addition, your username(s) are hashed (if not using the anonymous Sign in with Apple option where we know nothing at all) such that we do not know the username that you typed in that is tied to each Numbers Station address. Our usernames are NOT tied to an email address, phone number or any other identifiable piece of information.  You can use any username you want provided that it is not already taken.

The public IP addresses of the devices running our app may be temporarily retained by our backend server service provider (Firebase) for up to a few weeks but are not logged or accessed by Numbers Station. You may optionally use a VPN service with our app to remove even the potential of IP address association with a Numbers Station address.

Unlike other messaging apps, our app does *NOT* have access to your location data, contacts, microphone, social media accounts & contacts, calendar, etc. There are no surprises with our app and this can be confirmed by checking what our app has access to under Settings -> Numbers Station.  Our app requests camera access the first time QR code scanning is requested by the user for transfering OTP material but camera access can be disabled if not actively scanning a QR code.

Username / Password based Sign In

The username you type on your device is hashed with SHA512 so that even we do not know what it is.  For example, if you use "test8" as your username, it is hashed on your device and @numbersstation.app is added to it so your username that is sent to our server becomes:

"nyys+u38g4gcrvaxvq/ptcqfdr1iipslwzxxwcbzgwbhopygqki8oclofj4pghvuztbpmmjbww/04jvig2a3sa==@numbersstation.app"

Your password is also hashed using a modified version of scrypt.

Sign in with Apple based Sign In

The user authenticates directly with Apple using their Apple ID of choice and *NO* details of the Apple ID are shared with us, not the email address nor the name associated with the Apple ID.  Our app specifically does not request any such details when making the sign in request, which is why you do not see these details presented at the sign in request.  Apple then returns a random string of digits to our servers that confirms the user has authenticated and that is unique to this user, so each time you sign in we can tie it back to the same Numbers Station address/account.  Apple does not have access to your Numbers Station address/account details.

Firebase

Like other messaging services, we use external companies for our back end cloud computing/server requirements.  Our provider of choice is Firebase and they provide us with an extremelly well supported and secured environment to transfer end-to-end encrypted messages and files between the app instances running on our users' devices. Due to our use of end-to-end encryption, no messages or images, videos, files, etc. are ever readable by anyone but your intended recipient, not even by Firebase or Numbers Station. Due to our app's anonymous sign-in process, neither company has access to any personally identifiable information (PII) either.

Our app uses the following Firebase products:

Authentication: used to handle username/password sign in, as well as part of the Sign in with Apple authentication flow. IP addresses used to sign in may be retained by Firebase (but not Numbers Station) for a few weeks. See section above on usernames/passwords, neither is stored in a format that allows Firebase or Numbers Station to readily determine the original value.

Firestore: a database where end-to-end encrypted messages are temporarily stored until they are deleted either due to expiring or being downloaded by the recipient, whichever comes first. IP addresses used to connect to Firestore may be retained by Firebase (but not Numbers Station) for a few days.

Cloud Storage: storage where end-to-end encrypted images, video, files, etc. are temporarily stored until they are deleted either due to expiring or being downloaded by the recipient, whichever comes first.  IP addresses used to connect to Cloud Storage may be retained by Firebase (but not Numbers Station) for a few days.

App Check: a service that uses Apple's App Attest APIs to verify that our app has not been modified.  Attestation material does not contain any user identifiable information or content and is not retained.

Note that we do *NOT* use other Firebase products such as Firebase Analytics, Crashlytics, Performance Monitoring, etc. in our product to ensure that no data ever leaves the app without being end-to-end encrypted and without direct user intent.