Privacy Policy

Aion is a time-locked encrypted messaging service. We allow you to write a message today and have it sealed until a date you choose. When you use Aion, you are agreeing to this Privacy Policy.

References to "Aion", "we", "our", or "us" mean the operators of this service.

We collect only what is necessary to operate the service:

• Email address — collected via Google OAuth when you sign in. Used to identify your account and route messages addressed to you.
• Message metadata — the recipient's email address and the unlock date you set. This is stored in plaintext because it is required to deliver your message.
• Encrypted message content — your message is encrypted in your browser before it is transmitted to our servers. We store the encrypted bytes only. We are technically incapable of reading your message.
• Server logs — standard request logs including IP address, timestamp, and HTTP method, retained for up to 30 days for security and abuse prevention.

• Your message content — it is encrypted before it leaves your device.
• Passwords — we use Google OAuth; we never handle or store passwords.
• Payment information — Aion is currently free; no payment data is collected.
• Location data, device fingerprints, or behavioural tracking.

• To authenticate you and give you access to your messages.
• To store your sealed message and deliver it on the unlock date.
• To enforce message ownership — we verify your email before allowing download of a capsule addressed to you.
• To maintain service security and investigate abuse.

We do not use your data for advertising. We do not sell your data to anyone.

Aion is built around a core privacy principle: your message content should never be readable by anyone except the intended recipient on or after the unlock date.

To enforce this, we use end-to-end encryption:

• Your message is encrypted in your browser before it is sent to our servers.
• The encryption key is split across multiple independent servers using a threshold scheme. No single server — including ours — holds a complete key.
• In normal operation, servers will not cooperate to reconstruct the key before the unlock date. Early access requires collusion between a threshold of independent operators.
• Even in the event of a breach of our storage servers, your message content remains protected because the keys are held separately.

Google — we use Google OAuth for authentication. When you sign in with Google, you are subject to Google's Privacy Policy. We receive only your email address and an authentication token from Google. We do not receive or store your Google password.

Infrastructure — our servers are operated by cloud providers. These providers have access to encrypted message bytes only — they do not hold decryption keys and cannot read your messages.

We do not share your personal data with advertisers, data brokers, or any other third parties except as required by law.

• Your account data (email address) is retained while your account is active.
• Sealed messages are retained indefinitely until they are opened by the recipient. We may delete messages that remain unopened 2 years after their unlock date.
• Server logs are retained for 30 days, then deleted.

Depending on where you live, you may have rights under the GDPR (European Union), UK GDPR, CCPA (California), or similar laws. These include:

• Access — request a copy of the personal data we hold about you.
• Deletion — request deletion of your account and associated data.
• Correction — request correction of inaccurate data.
• Portability — receive your data in a machine-readable format.
• Objection — object to certain types of processing.

To exercise any of these rights, contact us via GitHub. We will respond within 30 days.

We do not use advertising or tracking cookies. We may set a minimal session indicator to keep you signed in during a browsing session. It contains no personal data and is cleared when you sign out or close your browser.

Aion is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has created an account, contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. Continued use of Aion after changes take effect constitutes your acceptance of the revised policy.

For privacy questions, requests, or concerns, reach us via GitHub:

github.com/manaskaul