Privacy Policy

The Short Version

xNet is a local-first application. Your data lives on your devices, not our servers. We don't have access to your documents, files, or personal information unless you explicitly share it with us.

We collect minimal data to make the service work (like crash reports if you opt in), and we never sell your data. Ever.

How xNet is Different

Most apps store your data on their servers. xNet doesn't. Here's what that means for your privacy:

• Your data stays on your device — Documents, notes, and files are stored locally in your browser or app
• Peer-to-peer sync — When you sync between devices, data goes directly between them (via WebRTC), not through our servers
• Optional Hub relay — If you use a Hub for syncing, encrypted data passes through but we can't read it
• No account required — You can use xNet without creating an account or giving us your email

What We Collect

If You Use the App Without an Account

We collect essentially nothing. Your data lives entirely on your device. We don't track you, we don't know who you are, and we can't access your content.

If You Use the Hosted Hub (hub.xnet.fyi)

Our hosted Hub acts as a relay for peer-to-peer sync. When you connect:

• We see your IP address (necessary for network connections)
• We see encrypted sync messages pass through (but cannot read them)
• We log basic connection metadata for debugging (retained for 30 days)

We do not store your documents, files, or any content on our Hub servers.

If You Visit Our Website

For xnet.fyi, we use privacy-respecting analytics to understand how people find and use our documentation:

• Page views and referrers (no cookies, no personal data)
• General geographic region (country level, derived from IP)
• Browser and device type (for compatibility testing)

We don't use tracking cookies, fingerprinting, or any cross-site tracking.

If You Contact Us

If you email us or open a GitHub issue, we keep that correspondence to help you and improve the product. We won't add you to any marketing lists without your explicit consent.

What We Don't Do

• We don't sell your data — Never have, never will
• We don't show ads — xNet is open source and community-supported
• We don't track you across the web — No third-party trackers
• We don't read your content — We literally can't; it's encrypted and on your device
• We don't share your data with AI training — Your content is yours alone

Data Security

xNet uses strong cryptography throughout:

• Ed25519 for digital signatures
• XChaCha20-Poly1305 for encryption
• BLAKE3 for hashing
• TLS/SSL for all network connections

Your cryptographic identity (DID:key) is generated on your device and never leaves it. Only you have access to your private keys.

Self-Hosting

You can run your own Hub on your own infrastructure. When self-hosting:

• Your data never touches our servers
• You control all logs and retention
• You're responsible for your own security and backups

See our Hub setup guide for instructions.

Your Rights

Because xNet is local-first, you already have most data rights by default:

• Access — Your data is on your device; you have full access
• Portability — Export your data anytime from the app
• Deletion — Delete your data by removing the app or clearing browser storage
• Correction — Edit your data directly in the app

If you've used our hosted Hub and want us to delete any logs associated with your connection, contact us at privacy@xnet.fyi.

Children's Privacy

xNet is not directed at children under 13. We don't knowingly collect information from children. Since xNet doesn't require accounts or collect personal data, this is largely a non-issue.

Changes to This Policy

We may update this policy occasionally. When we do, we'll update the date at the top and post a notice on our website. For significant changes, we'll provide more prominent notice.

You can track all changes in our GitHub repository.

Contact Us

Questions about privacy? Reach out:

• Email: privacy@xnet.fyi
• GitHub: Open an issue