Privacy Policy

Your circle stays yours.

This Privacy Policy explains how Circlus handles information in the Circlus web and Android apps. Circlus is developed and published by Anton Bormisov, Circlus project maintainer. Circlus is designed for private, self-hosted communication: your messages, calls, files, contacts, and keys are controlled by you and by the server you choose.

Effective date: May 26, 2026

Who This Policy Covers

This policy applies to the Circlus application and the Circlus landing website. Anton Bormisov is responsible for the Circlus-operated services described in this policy.

If you use Circlus with a self-hosted server, the person or organization operating that server is separately responsible for information processed on that server and for its logging, hosting, backup, retention, and deletion practices.

Circlus-operated supporting services may include push notification relay, TURN relay for calls, test circles, and setup support. This policy describes the limited information those services may process.

Information You Provide

Depending on how you use Circlus, you may provide:

  • Account and profile information, such as your display name, device label, avatar, circle membership, and in-app contacts.
  • Messages, files, call history, and group data that you choose to create or exchange inside a circle.
  • Support or contact information if you contact us directly or request help with setup, hosting, billing, or troubleshooting.

Circlus does not request access to your device address book or location.

End-to-End Encrypted Content

Circlus is built so message content, shared files, identity vaults, and key material are end-to-end encrypted where the app design requires it. A Circlus server stores and relays encrypted data, but should not be able to read the private content protected by end-to-end encryption.

Calls use WebRTC. Call media is exchanged between participants when possible, or relayed through a TURN server when direct connectivity is not possible. TURN relays route encrypted media packets and do not need to understand call content.

Technical and Routing Data

To operate the app, Circlus servers and optional relay services may process technical data such as:

  • IP addresses, request times, server logs, device identifiers generated by Circlus, and authentication signatures.
  • Message, file, group, device, and call metadata needed for delivery, synchronization, abuse prevention, quotas, diagnostics, and security.
  • Push notification endpoints, Firebase Cloud Messaging tokens, public notification encryption keys, and delivery status information when notifications are enabled.

Self-hosted server operators can configure their own logging, retention, backup, and infrastructure policies.

Android Permissions

The Android app may request permissions only when needed for app features:

  • Camera and microphone are used for voice and video calls.
  • Notifications are used for incoming calls, messages, and service status.
  • Internet access is required to connect to your Circlus server and relay services.
  • Shared files are accessed only when you choose to send or open them through the app.

The app does not use these permissions for advertising or cross-app tracking.

Sharing and Third-Party Services

Circlus does not sell personal data. Information is shared only as needed to operate features you enable, provide infrastructure, comply with legal obligations, or protect the service and its users.

Android push notifications use Google Firebase Cloud Messaging. When notifications are enabled, push notification endpoints, Firebase Cloud Messaging tokens, public notification encryption keys, and technical delivery data may be transmitted to Google Firebase Cloud Messaging and the Circlus-operated push relay for notification delivery. Your encrypted Circlus message content is not sent to Firebase as readable message content.

Calls may use a TURN relay provider when a direct connection cannot be established. The relay processes network addresses and encrypted call media packets needed to route the call, but does not need to read call media content.

Self-hosted deployments may use hosting, database, email, backup, monitoring, DNS, certificate, or TURN providers chosen by the server operator. Their privacy practices are controlled by that operator and by the providers they select.

How Information Is Used

We use information to provide and secure Circlus, deliver messages and calls, synchronize devices, route push notifications, prevent abuse, debug problems, maintain reliability, respond to support requests, and comply with legal obligations.

We do not sell personal data. We do not use Circlus content for advertising profiles.

Retention and Deletion

For self-hosted circles, retention depends on the server configuration and the decisions of the server operator. Encrypted messages, files, call records, device registrations, backups, and logs may remain on that server until deleted by users, administrators, retention settings, or maintenance jobs.

For optional Circlus-operated services, we keep operational records only as long as reasonably needed for service delivery, security, diagnostics, billing, legal compliance, and dispute handling.

If you have a Circle profile, you can request deletion of your server-side Circle data from within the app. The steps, the categories deleted, and information that may remain are described on the Circlus Data Deletion Request page.

Your Choices

You can disable notifications, deny camera or microphone permissions, remove devices, delete local app data, leave a circle, delete messages or files where supported, or ask the relevant server operator to export or delete data they control.

If you use a self-hosted server, contact that server operator for requests about data stored on that server.

Children

Circlus is intended to be used by families, trusted groups, and professional teams with appropriate supervision and consent. The app is not directed to children without involvement from a parent, guardian, or responsible circle administrator.

Security

Circlus uses encryption, device authentication, signed requests, scoped links, and server-side access controls to protect private circles. No system can guarantee absolute security, especially when a self-hosted server or user device is misconfigured, compromised, or operated by someone else.

Changes

We may update this policy as Circlus evolves. When we make material changes, we will update the effective date and publish the revised policy at this page.

Contact

Developer and publisher: Anton Bormisov, Circlus project maintainer.

For privacy questions about the Circlus app or Circlus-operated services, contact privacy@circlus.org.

For requests to delete your Circle profile data, follow the instructions on the Circlus Data Deletion Request page. For data stored on a self-hosted Circlus server that is unavailable through the app, contact the operator of that server.