No phone number. No email. No name. No contacts. No location. No tracking. No advertising identifiers. No analytics SDKs. This is not a marketing line — it is how the system is built.
This Privacy Policy explains how the Offline messenger ("Offline", "the app", "we") handles information when you use the web app at offlineapp.org and the Offline applications for Android and iOS. By using Offline you agree to this policy.
Offline is operated by Offline LLC. Offline is an end-to-end encrypted messaging service. The service is designed around a single principle: the server cannot disclose what it never holds.
Offline is built so that the following are never collected or stored:
When you first open Offline, the app generates a cryptographic key pair directly on your device. This key pair is your account. There is no registration, no SMS verification, and no personal data attached to it.
Your private key never leaves your device unless you explicitly export it (for example, to sign in on another device). We never receive it, never store it, and cannot recover it for you.
To deliver messages, the server briefly processes:
Messages held for an offline recipient are queued only until delivery, then removed. Offline practices zero-retention of message content.
All messages, voice calls, and video calls are end-to-end encrypted. Encryption and decryption happen only on the devices of the participants. Offline uses well-established, open cryptographic primitives (ECDH P-256, AES-256-GCM, HKDF-SHA-256) and per-message ephemeral keys for forward secrecy.
Because of this design, Offline cannot read your messages, cannot provide message content to any third party, and cannot comply with a request to disclose content it does not possess.
Voice and video calls connect directly between participants (peer-to-peer) wherever possible, with encrypted media. When a direct connection is not possible, encrypted media is relayed through a TURN server which sees only ciphertext. Call content is never recorded.
The mobile apps request permissions only for features you actively use:
Permissions are requested at the moment the feature is first used, and you may decline or revoke them in your device settings at any time.
If you enable notifications, a push token is provided by Apple (APNs) or Google (FCM) so the app can be alerted to new activity. Push notification payloads do not contain message content. The token is associated only with your random account identifier.
Offline does not sell, rent, or trade any data. We do not share information with advertisers or data brokers. We have no advertising business. Limited technical infrastructure providers (server hosting, push delivery by Apple/Google) process only what is strictly required to operate the service.
Offline is not directed to children under 13 (or the minimum age of digital consent in your jurisdiction). We do not knowingly collect information from children.
Because Offline holds no personal data tied to your identity, there is no personal profile to access, correct, or export. You can delete your identity at any time directly in the app, which removes your keys from the device. Any queued, undelivered envelopes expire automatically.
We may update this Privacy Policy as the service evolves. Material changes will be reflected by the "Last updated" date above and, where appropriate, announced in the app.
Questions about this Privacy Policy can be directed to privacy@offlineapp.org.