Privacy that depends on a host's goodwill is not privacy. Ours depends on holding almost no data and operating where the law provides real friction.
Where we operate
Our privacy-tier locations — the Netherlands, Switzerland, Romania, Iceland, Moldova and Luxembourg — are chosen for strong legal protection of hosted data and a high bar for compelled disclosure.
Takedown requests
DMCA notices
The US DMCA has no force over content lawfully hosted in our privacy-tier jurisdictions. We do not action DMCA notices against such content.
Private complaints
Unverified complaints, brand-protection fishing and private pressure are not grounds for us to touch a customer's service.
Valid legal orders
A binding order from a competent authority with jurisdiction over us is honoured — narrowly, and only as compelled.
The hard line
CSAM and active attacks on third parties are handled immediately regardless of any of the above.
What we can disclose
When we are legally compelled, we can only ever produce what we actually hold. By design that is close to nothing:
- No government ID, real name, phone or address — we never collected them.
- No traffic logs, no content, no activity records to surrender.
- No card or bank data — payments never touch a traditional rail.
- At most, an account email (which may be a throwaway) and a record that a balance was funded in crypto.
We cannot be forced to hand over data we do not keep. Minimising what we hold is the entire strategy.
Law-enforcement contact
Legitimate, properly-scoped legal requests from a competent authority can be sent to [email protected]. We review each for validity and jurisdiction, respond only to what is binding, and narrow the scope wherever the law allows.
Transparency
We aim to notify affected customers of requests concerning them wherever we are legally permitted to do so, so they can seek their own counsel.