Effective June 14, 2026
Aurora Messenger was built on one principle: your private conversations belong only to you and the person you are talking to. Aurora Messenger is free, permanently. There are no subscriptions, no advertisements, and no data selling of any kind. We have designed Aurora Messenger so that we are technically incapable of reading your messages. This is not merely a promise but an architectural guarantee. This Privacy Policy explains precisely what we collect, what we do not collect, and why.
Aurora Messenger does not collect any of the following:
Aurora Messenger collects only the minimum data necessary to operate the service.
When you install Aurora Messenger, your device generates a unique random identifier called a Node ID. This identifier is generated entirely on your device and stored only on your device. It contains no personal information and cannot be traced back to you by anyone, including us.
To help your phone locate the person you want to communicate with across the internet, Aurora Messenger's rendezvous server temporarily stores your Node ID alongside your current IP address. This record expires automatically after 15 minutes of inactivity. We do not log these records, we do not retain them beyond their expiry, and they exist solely for the purpose of helping two devices establish a direct connection. All such records are deleted automatically.
So that you receive messages and calls even when the app is closed, your device keeps a lightweight connection open to the rendezvous server. This connection lets the server wake your device when someone is trying to reach you. While the connection is open, the server can tell that your device is reachable, but it learns nothing else: it never sees your messages, your media, or who you are. The wake signal it passes along carries no content of any kind. It is only an instruction for your device to come online, after which the actual message travels directly from the sender's device to yours. We keep no logs of these connections or wake signals.
The information we handle is limited to your anonymous Node ID, a temporary record of your IP address, and a transient connection that tells the server only that your device is reachable. We store no messages, no media, no personal identity, no history, and no payment data, and we keep no logs.
Every message you send is encrypted on your device before it leaves. It travels directly to the recipient's device and is decrypted only upon arrival. Aurora Messenger's server is never in the path of your messages, not even as an encrypted relay.
Aurora Messenger uses post-quantum cryptography, including Kyber-1024 and XChaCha20-Poly1305 encryption standards. This protects your conversations not only against present-day threats but also against future quantum computing capabilities. Your messages are protected for the long term.
Aurora Messenger is not intended for children under the age of 13. We do not knowingly collect any data from children under 13. Users between the ages of 13 and 17 may use Aurora Messenger only with the knowledge and consent of a parent or legal guardian.
Aurora Messenger can serve as a safer communication tool for families. When a parent pairs Aurora Messenger with their child's device using the QR pairing system, the parent directly controls who the child may communicate with. There is no algorithm, no exposure to strangers, and no data harvesting of any kind.
If you believe a child under the age of 13 is using Aurora Messenger without parental consent, please contact us at christiancorrea26@gmail.com and we will take appropriate action promptly.
Aurora Messenger offers an optional feature called ShadowMesh. Users who choose to opt in allow their device to help relay encrypted message fragments for other Aurora Messenger users. You will never have access to the content of these messages, as they are encrypted end-to-end between the original sender and recipient. Your device functions as an anonymous relay node only.
All messages are encrypted end-to-end using post-quantum cryptography. Encryption keys are generated and stored exclusively on your device using Android's hardware-backed Keystore. Our server stores only anonymous, auto-expiring records. We maintain a strict zero-log policy on our rendezvous server.
We do not sell your data. We do not share your data with advertisers. We do not share your data with any third party for any commercial or non-commercial purpose. We have no data to share because we do not collect it.
In the event of a legal request or court order, we are only able to provide what exists in our system: anonymous Node IDs and temporarily cached IP addresses that expire automatically. We have no message content, no personal identities, and no communication history to provide to any party.
Because Aurora Messenger stores no personal data linked to your identity, most traditional data subject rights do not apply in the conventional sense. However, the following applies to all users:
We may update this Privacy Policy from time to time. We will notify you of any significant changes through the application. Continued use of Aurora Messenger following such changes constitutes your acceptance of the updated policy.
For privacy-related questions or concerns, please contact us at: christiancorrea26@gmail.com