← Overview | Deutsch

Privacy Policy

JCH Messenger

1. Overview

We operate a messaging service based on the Matrix protocol. All messages are end-to-end encrypted. We have NO technical access to message content.

2. Data Controller

Joachim Christof Huben
c/o flexdienst – #11403
Kurt-Schumacher-Straße 76
67663 Kaiserslautern
Germany

Phone: +49 15679 698581
Email: mail@jch-technologies.de

3. Data Protection Officer

As a company with fewer than 20 employees regularly involved in automated processing of personal data, we are not required to appoint a Data Protection Officer pursuant to Art. 37 GDPR.

For data protection inquiries, please contact: mail@jch-technologies.de

4. Supervisory Authority

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia
Kavalleriestr. 2–4
40213 Düsseldorf, Germany

5. Data We Collect

• Username (chosen during registration)
• Email address (optional, for account recovery)
• Profile picture (optional, uploaded by user)
• Device IDs and encryption keys (for E2EE)
• IP address (temporarily in server logs, max. 7 days)

6. Data We Do NOT Collect

• Message content (end-to-end encrypted, technically unreadable)
• Contact lists / phone books
• Location data
• Usage profiles or tracking data

We use NO cookies, NO Google Analytics, NO Facebook Pixel.

7. Legal Basis

Your data is processed on the basis of Art. 6(1)(b) GDPR (performance of a contract) – data processing is necessary for the provision of the messaging service.

8. Retention Period

• Account data: until account deletion
• Media in direct messages: automatically deleted after delivery (max. 48h)
• Media in groups: 7 days
• Server logs (IP): max. 7 days

9. Your Rights (GDPR Art. 15–21)

• Right of access
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to data portability
• Right to object
• Right to lodge a complaint with a supervisory authority

10. Data Transfer to Third Countries

• Server location: Hetzner Online GmbH, Germany
• NO data transfer to third countries (USA etc.)
• NO use of Google, Apple, Facebook or other US services for core functions
• Push notifications: via our own European server (ntfy)

11. Encryption

• All messages are end-to-end encrypted (Olm/Megolm)
• Transport encryption via TLS
• We CANNOT technically access message content

12. Hosting

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen, Germany
Data processing agreement pursuant to Art. 28 GDPR in place.

13. Camera Permission

The app uses the camera exclusively for scanning QR codes (adding contacts) and for taking photos/videos that the user voluntarily shares in chats. No camera data is stored or shared with third parties. The camera is only activated when the user explicitly initiates it.

14. Status Feed

• Posts in the status feed (text, images, videos) are end-to-end encrypted and only visible to the contacts you have shared them with – NOT readable on the server.
• For technical reasons, only metadata is visible on the server: sender, timestamp and the chosen expiry time of a post – required for the timely automatic deletion.
• Posts with an expiry time are automatically deleted at the chosen time, including their images and videos.
• Posts marked as “permanent” remain stored until you delete them yourself.

Last updated: March 2026 | Child Safety