Privacy Policy

Last Updated: January 21, 2026

Privacy is a basic human right.

Summary

Vector is a privacy-first messenger built on decentralized technology. Unlike traditional messaging applications, Vector operates without central servers. Here is what makes Vector different:

No Central Servers: Vector uses a community-based Relay System with no central authority. The community owns the network.
No User Accounts: Vector does not require registration, phone numbers, email addresses, or any personal identifiers to use the service.
End-to-End Encryption: All messages are encrypted on your device before transmission. Only you and your intended recipients can read your messages.
Local Data Storage: Your messages, contacts, and profile information are stored on the user's device as well as accessible through a decentralized relay network by the sender and recipient.
Open Protocols: Vector is built on Nostr and peer-to-peer (P2P) protocols, ensuring transparency and interoperability.

1. Introduction

Vector Privacy Messenger ("Vector," "we," "our," or "the Application") is a decentralized messaging application designed with privacy as its foundational principle. This Privacy Policy explains how Vector handles information when you use our application.

Vector is fundamentally different from traditional messaging services. We have designed our application so that we cannot access your messages, your contacts, or your personal information. This is not merely a policy choice—it is an architectural reality. The decentralized nature of Vector means there is no central server that stores or processes your data.

By using Vector, you agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use Vector.

2. Our Decentralized Architecture

2.1 No Central Servers

Vector operates on a fully decentralized model. Unlike conventional messaging applications that route all communications through company-controlled servers, Vector utilizes:

Community-Based Relay System: Messages are transmitted through community-operated relays. No single entity controls the network.
Nostr Protocol: Vector is built on the Nostr protocol, an open standard for decentralized communication that does not rely on any central server or company.
Peer-to-Peer Communication: Where possible, Vector establishes direct peer-to-peer connections between users, further reducing reliance on any intermediary.

2.2 Community Ownership

The relay network that supports Vector is owned and operated by the community. This means:

Any individual or organization can operate a relay
Users choose which relays to connect to
No central authority can censor, monitor, or shut down the network
The network remains operational as long as community members continue to operate relays

3. Information We Do Not Collect

Because of Vector's decentralized architecture, we do not have the technical capability to collect:

Message Content: All messages are end-to-end encrypted. We cannot read, access, or store the content of your messages.
Contact Lists: Your contacts are stored locally on your device. We have no access to who you communicate with.
Phone Numbers or Email Addresses: Vector does not require any personal identifiers to create an account or use the service.
Location Data: Vector does not access or transmit your location information.
Usage Analytics: We do not collect analytics, telemetry, or usage data from the application.
IP Addresses: Vector does not log or store IP addresses on any central server (because no central server exists).
Metadata: We do not collect metadata about your communications, including who you talk to, when, or how often.

4. Information Stored on Your Device

4.1 Local Data

Vector stores the following information locally on your device:

Your Cryptographic Keys: Your public and private key pair, which forms your identity on the network, is generated and stored exclusively on your device.
Messages: Sent and received messages are stored in an encrypted database on your device.
Contacts: Information about your contacts is stored locally.
Application Settings: Your preferences and configuration settings.
Media and Files: Any media or files you send or receive.

4.2 Your Responsibility

Because personal data is stored locally on your device:

You are responsible for backing up your data. If you lose your device or uninstall the application without backing up, your data cannot be recovered.
You are responsible for securing your device. Anyone with access to your unlocked device may be able to access your messages.
You control your data. You can delete your local data at any time by uninstalling the application or clearing its data.

4.3 Data Portability

You may export your data from Vector at any time. Your cryptographic keys can be backed up and restored to a new device, allowing you to maintain your identity across devices.

5. Information Transmitted Through the Network

5.1 End-to-End Encryption

All messages transmitted through Vector are end-to-end encrypted. This means:

Messages are encrypted on your device before being sent
Only the intended recipient can decrypt and read the message
Relay operators cannot read message content
Even if a relay is compromised, message content remains protected

5.2 Relay Servers

When you send a message, it passes through one or more relay servers. These relays:

Are community-operated: Relays are run by independent community members, not by Vector.
Cannot read your messages: Due to end-to-end encryption, relay operators cannot access message content.
May temporarily store encrypted messages: Relays may temporarily store encrypted messages for delivery to offline recipients. This storage may be temporary and the content remains encrypted.
May log connection information: Individual relay operators may log IP addresses or connection times according to their own policies. You can choose which relays to use based on their privacy practices.

5.3 Choosing Relays

You have full control over which relays you connect to. You can:

Use default community relays
Add custom relays
Remove relays you do not trust
Run your own relay

We recommend reviewing the privacy practices of any relay you choose to use.

6. Information We May Receive

6.1 Support Communications

If you contact us for support, we may receive:

Your email address or other contact information you provide
The content of your support request
Any attachments you send

We use this information solely to respond to your inquiry and will not share it with third parties.

7. Third-Party Services

7.1 No Third-Party Analytics

Vector does not integrate any third-party analytics, advertising, or tracking services.

7.2 App Store Providers

When you download Vector from an app store (such as the Microsoft Store, Apple App Store, or Google Play Store), the app store provider may collect information according to their own privacy policies. We do not have access to this information.

7.3 External Links

Vector may contain links to external websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

8. Data Security

8.1 Encryption

Vector employs industry-standard encryption to protect your data:

End-to-End Encryption: All messages are encrypted using proven cryptographic protocols.
Local Encryption: Data stored on your device may be encrypted depending on your device settings and configuration.
Transport Security: Connections to relays use encrypted transport protocols.

8.2 Key Management

Your cryptographic keys are the foundation of your security in Vector:

Keys are generated locally on your device
Private keys never leave your device unless you explicitly export them
You are responsible for protecting your private key backup

8.3 Open Source

Vector's cryptographic implementations are open source and available for public audit. We believe transparency is essential to trustworthy security.

9. Children's Privacy

Vector is not directed at children under the age of 16, and we do not support, encourage, or condone the use of Vector by anyone under this age. It is recommended users should be at least 16 years old to use Vector.

Due to Vector's privacy-first architecture, we do not collect any personal information from any users—including age verification data. This means we have no technical means to identify, verify, or specifically address data from minors. Vector cannot determine or monitor the age of its users.

By using Vector, you represent and warrant that you are at least 16 years of age. If you are under 16, you are prohibited from using Vector and should discontinue use immediately.

Parental Guidance: If you believe a child under 16 is using Vector in a manner that concerns you, please contact their parents or legal guardians directly. Due to Vector's decentralized, privacy-preserving design, we have no authority, access, or ability to act as an intermediary, monitor user activity, or terminate accounts based on age.

Note for Parents/Guardians: We encourage parents and guardians to monitor their children's online activity and educate them about safe internet practices. Vector's privacy features are designed to protect all users, but they also mean we cannot assist in parental supervision.

10. International Users

Vector is available worldwide. Because Vector does not collect or store personal data on central servers, there is no "transfer" of your data to any particular jurisdiction. Your data remains on your device and is transmitted through the decentralized relay network.

Relay operators in various jurisdictions may be subject to local laws. You can choose which relays to connect to based on their location and applicable legal framework.

11. Legal Disclosure

11.1 Our Limitations

Because Vector does not collect or store user data on central servers, we have extremely limited ability to respond to legal requests for user information. We cannot provide:

Message content (we don't have it)
Contact lists (we don't have them)
User identification information (we don't collect it)
Communication metadata (we don't log it)

11.2 What We May Disclose

In response to valid legal process, we may disclose:

The fact that we cannot provide requested information due to our technical architecture

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

We will update the "Last Updated" date at the top of this policy
For significant changes, we will provide notice through the application or other means
Your continued use of Vector after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically.

13. Your Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information, such as access, correction, deletion, and portability.

Regarding Vector (the Application):

Data stored locally on your device is fully within your control. You have complete access to it, can modify it freely, can delete it by uninstalling the application or clearing its data, and can export it whenever you choose.

However, when you send messages, encrypted copies may also be stored on the relays you use. Uninstalling Vector or clearing local data does not delete data stored on relays. To request deletion of relay-stored data, you must contact the relay operator directly.

Regarding Relay Operators:

Vector connects to community-operated relays, each run by independent operators. If you have concerns about data handled by a specific relay—including deletion requests—you must contact that relay's operator directly. Relay operators are subject to the laws of their respective jurisdictions and maintain their own privacy practices.

Vector has no authority over relay operators and no means of assisting with data rights requests directed at them. We recommend reviewing the privacy practices of any relay you choose to use and selecting relays operated in jurisdictions whose legal frameworks you trust.

14. Contact Us

If you have questions about this Privacy Policy or Vector's privacy practices, please contact us:

Email: info@vectorapp.io

Website: vectorapp.io

We welcome feedback on how we can better protect your privacy.

15. Additional Information for Specific Jurisdictions

15.1 European Economic Area (EEA)

For users in the EEA, we note that Vector's architecture means:

No personal data is processed on central servers
You maintain full control of your data
There is no international transfer of your personal data by us

15.2 California Residents

Under the California Consumer Privacy Act (CCPA):

Vector does not sell personal information
Vector does not collect personal information for commercial purposes
You have the right to know what personal information is collected (in our case, none on central servers)

15.3 Brazil (LGPD)

For users in Brazil, Vector's decentralized architecture ensures:

No personal data is collected or processed by us
You maintain complete control over your data
Data protection is ensured through technical measures (encryption)

16. Open Source Commitment

Vector is committed to transparency and openness:

Our client applications are open source
Our cryptographic protocols are publicly documented
Security researchers are welcome to audit our code
We believe privacy requires verifiability

17. Disclaimer

Vector is provided "as is" without warranty of any kind. We do not guarantee the security of the relay network, as it is operated by independent community members. While we implement strong encryption, no system is perfectly secure. You use Vector at your own risk.