What only you and your friends can see

Your posts, photos, and boops are encrypted on your device before anything is uploaded. What lands on our servers is ciphertext: scrambled data we don't have the keys to. The keys live on your phone, not ours.

  • Posts and photos: readable only by the friends you sent them to.
  • Boops: same, and gone once they've been seen.
  • Your profile: encrypted the same way.
  • Your friend list: it never leaves your phone. It isn't stored on our servers at all, so not even we know who your friends are.

What we can see

We're not going to pretend it's magic. To deliver posts we keep some metadata: things like who posted at what time, and who pulled which post. That's the routing information that makes the app work. We can never see the content, even if someone hands us a subpoena; there's nothing on our side to decrypt.

We also keep crash logs and basic service metrics so the app stays up. That's the whole list.

What we don't do

  • No ads, ever.
  • No analytics on your content.
  • No selling or sharing your data.
  • No uploading your contacts, and no tracking you across other apps.

Even your notifications

Push notifications carry only a routing ID, never the message. Your phone composes the text ("Sarah sent you a boop") after it decrypts locally. Apple and Google pass the ping along but can't read what's inside it.

"Only you and your friends can see what you share." That isn't a promise to behave. It's how the app is built. We can't read your content because we never hold the keys. You can read more about the approach on our Security page.

Related
What happens if someone screenshots Your 24-word recovery phrase How boopr is built (Security)
Back to Help Center