Last updated: June 2026
Draft, subject to change
Toskr is in early access. This Privacy Policy will be reviewed by counsel before public launch and may change.
This Privacy Policy describes how Toskr ("Toskr," "we," "us," or "our") collects, uses, stores, and discloses information about you when you use our website at toskr.io and associated hosted Matrix server infrastructure (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, do not use the Service.
Privacy is not an afterthought at Toskr, it is the reason we exist. We built this service for people and organizations who take communication privacy seriously. We will always be direct about what we can and cannot see, and why. No marketing language, no vague commitments.
When you create an account, we collect your name, email address, and a hashed version of your password. We do not store your password in plain text.
Payment processing is handled by Stripe. We do not store your full payment card details. We retain billing records including subscription status, payment history, and invoices as required for accounting and legal compliance.
We store configuration data related to your Matrix server, including its domain, plan, status, and settings you configure (such as federation preferences and registered user accounts). We may collect server-level metrics such as resource usage to ensure compliance with our Terms of Service and to maintain infrastructure health.
When you contact us via email, we retain those communications for support and legal purposes.
Messages, files, and other content transmitted through your Matrix server are stored on infrastructure we operate on your behalf. Here is exactly what that means in practice:
We do not scan, analyze, mine, or otherwise process your message content for advertising, profiling, product improvement, or any purpose beyond what is necessary to keep your server running. Your conversations are yours.
This section describes the Toskr Chat application, our first-party client for web, macOS, Windows, and (soon) mobile, as distinct from the hosted Matrix server it connects to.
Toskr Chat is a local-first client. To work quickly and reduce re-syncing, it stores the following in your device's local app or browser storage:
This on-device data does not leave your device except as encrypted traffic to your own homeserver. Signing out, clearing the app's storage, or uninstalling removes it.
When encryption is set up, the app generates a recovery key and shows it to you once. It is generated on your device; neither Toskr nor your homeserver operator ever receives it. It is the only way to restore your encrypted message history on a new device or after signing out. If you lose your recovery key and also lose access to all of your signed-in devices, your end-to-end encrypted messages cannot be recovered by anyone, including Toskr. Please store it somewhere safe.
The app itself collects nothing about you. It contains no analytics, advertising, telemetry, or tracking of any kind, and it sends no usage data and no message content to Toskr. It connects only to the homeserver you sign in to (for Toskr customers, your Toskr-hosted server) and, to display media and link previews, to the servers hosting that content. Anything your homeserver necessarily processes is described elsewhere in this policy.
Two things are visible to us at the server level simply because they are ordinary web requests, not information the app reports about you:
We keep these as aggregate operational logs. We do not link them to your account or your messages, and we never use them for advertising or profiling.
Toskr Chat is built on the open Matrix protocol using the official matrix-js-sdk. Your account and messages remain interoperable with other Matrix clients, such as Element.
We use the information we collect to:
We do not sell your personal data. We do not use your data for advertising or share it with third parties for their marketing purposes.
These are not legal qualifications, they are plain commitments we are making to you:
We may share your information with:
We do not sell, rent, or share your personal data with any third party for commercial purposes beyond what is necessary to operate the Service.
If you enable federation on your Matrix server, your server will exchange data, including user identifiers, room metadata, and message content, with other Matrix homeservers on the open Matrix network. This exchange occurs between your server and servers operated by independent third parties outside of our control.
We are not responsible for the privacy practices of third-party Matrix servers. You are responsible for understanding the privacy implications of federation and for ensuring your usage complies with applicable law, including laws governing cross-border data transfers.
We retain your account and server data for as long as your account is active or as needed to provide the Service.
Upon cancellation or termination of your account, your data, including all Matrix server content, messages, files, and user records, will be retained for up to 30 days before being permanently deleted. If you actively delete your account through the portal, your data will be deleted within 24 hours.
Billing records and financial data may be retained for longer periods where required by law or accounting standards.
We take reasonable technical and organizational measures to protect your information against unauthorized access, loss, or misuse. These include encrypted connections (TLS/HTTPS) for all data in transit, hashed password storage, and access controls on our infrastructure.
We strongly encourage all users to enable end-to-end encryption in their Matrix rooms wherever possible. E2EE is the most effective protection available: encrypted messages are mathematically opaque to us, to any future infrastructure provider, and to anyone who might make legal demands of us. Your server is yours, E2EE keeps your conversations that way.
No method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and we are not liable for unauthorized access that is outside of our reasonable control.
The Service uses session cookies strictly necessary for authentication and to maintain your logged-in state. We do not use advertising cookies, third-party tracking pixels, or analytics services that profile your behavior across websites.
Depending on your location, you may have rights regarding your personal data, including the right to access, correct, delete, or export your data. To exercise any of these rights, contact us at support@toskr.io.
You may delete your account and associated data at any time through your account settings in the portal. Account deletion will trigger permanent deletion of your data within 24 hours.
The Service is intended for users who are at least 18 years of age. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a minor, we will delete it promptly.
We may update this Privacy Policy from time to time. The current version is always posted on the Service. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.
For any questions or concerns regarding this Privacy Policy or your personal data, contact us at support@toskr.io.