Privacy Policy
Last update
12 September, 2022
Terms of Service
By registering an account with JabberX and any of its associated global domains, you agree to the following terms.
- You may not use JabberX or any of its and its global domains to conduct illegal activity according to the laws of the European Union. Common illegal activities may include spam, fraud and distribution of malware.
- You may not mass register accounts or use automated scripts to bypass captcha.
- You agree that you are aware that the following, possibly identifying information is stored; hashed passwords, mod_offline messages, mod_mam archives, vcards and rosters. We do NOT store user’s IP addresses.
                        - a. The only exception is when debug logs are temporarily enabled to troubleshoot an issue with the server. After the logging is disabled, the log file is wiped.
 
- You agree that there is no guarantee of the services JabberX or any of its domains provide. You agree to not hold us responsible for service outages and or degradation of service.
- You agree that we reserve the right to terminate an account in non-compliance of our TOS/AUP.
- You agree that we reserve the right to update our policies without prior notification. (Timestamps of the last update will always be provided).
Privacy Policy
1. General Data Collection
We do not, and do not want, to gather or store information about you, log your conversations, or engage in any other behavior that would compromise your privacy and security in any way.
However, certain services provided by us, especially the XMPP/Jabber services, need to store information that allows us to operate our services, e.g. we need to store passwords so that you can logon to our services.
We do not automatically gather any personal information like your name or address. The only exceptions are information that you may voluntarily submit.
1.1 Basic Account Data
JabberX operates using the least amount of personal information as possible. In order to successfully operate our XMPP servers, the only "user data" that we need to store is a username and password. We have no record of phone numbers. We do not require your screen name to be your real name, nor will we ever ask for your name.
1.2 Your Email Address
Your email address is not required for registration. Entering your email address during registration will allow you to change or reset your password if you ever forget it. If you do not have a registered email address, you will never be able to reset your account password.
2. Stored Data
The following information is stored by our servers:
- - Jabber ID (JID) – your username and domain (e.g. user@jabberx.com)
- - Jabber and Transport passwords (Jabber passwords are stored as hashed SCRAM-SHA-1.
- - Roster (your contact list)
2.1 Offline Message Buffer and Chat History
Our XMPP servers do not store any chat history. A small buffer is maintained when messages are sent to offline users. This buffer is automatically deleted after 7 days. Once the user reads the messages in their queue, the messages are removed from our servers.
We have absolutely no storge of historical messages or logs of any kind.
2.2 Message Archive
The JabberX servers do NOT keep an archive of your chat logs. Unfortunately, this means that your messages will not synchronize to multiple devices. We realize this may be inconvenient but we do not believe in sacrificing security for convenience.
2.3 Message Retention
With the exception of offline buffer messages, user chat messages are never retained for any period of time. Offline buffer messages are automatically purged once they are received by the recipient, or automatically after 7 days.
2.4 Files Uploads
- Every file you share with a contact or a group conference will be uploaded and stored for later retrieval by the recipients.
- Files you upload in unencrypted group chats are accessible via the web server: they are only "protected" by a long, automatically generated web address. Anyone who has the link can download the file
- All uploads are automatically deleted after 14 days.
3. Data Not being Stored
JabberX does not store the following:
- IP addresses : Our XMPP/Jabber services do not log user connection details or IP address information of any kind. As the only exception, we log IP addresses from failed login attempts in order to protect from brute force attacks.
 Also we reserve the right to block specific IP addresses as well as whole IP address ranges that threaten the security or continuity of our services.
- Any connection and/or duration times.
- Conversation logs
4. Data Security and Data Encryption
- All cloud servers operate within either a SOC2 or ISO 27001 certified data centers.
- All stored data is encrypted, with the server encryption keys residing in other data centers in different jurisdictions, providing safeguards from being accessed by local law enforcement.
- Only TLS 1.2 or greater is permitted for the connection from your Jabber client to any of our jabber servers, as well as for communication between our servers and any other external Jabber servers.
5. Your Rights
5.1 Liability
The service provider provides the services without any promise of performance. Service availability is not guaranteed. It is not promised that a service rendered can be used for any purpose.
The user bears the damage caused by the fact that a service is not or was not available, does not meet their expectations or data is lost. The user is aware of the risk that it is possible, for example due to computer break-ins, that data stored about him could accidentally get into the hands of third parties. The service provider assumes no liability for this, insofar as he is not responsible for this through gross negligence.
The service provider acts with the service as an intermediary of messages both in the form of instant messages and in the form of published web content. The legal responsibility for these messages lies exclusively with the sender of the same.
If published messages, i.e. in particular content intended for publication on the web, do not comply with the applicable laws of the Federal Republic of Germany, or any other European Nation, they will be removed from the service immediately after a corresponding notification if the legal violation is recognizable as soon as this is the case the service provider is possible due to the real circumstances.
The Service may contain links to other resources and such resources may be transmitted through the Service. Despite careful content control, no liability is assumed for the content of external sources. The operators of the linked pages are solely responsible for their content.
The service provider is not liable for intentional or grossly negligent damage caused by its vicarious agents.
5.2 Your Rights and GDPR
Under applicable data protection legislation, in certain circumstances, you have rights concerning your personal data. You have a right to:
- request a copy of all your personal data that we store and to transmit that copy to another data controller;
- delete or amend your personal data;
- restrict, or object to, the processing of your personal data;
- correct any inaccurate or incomplete personal data we hold on you; and
- lodge a complaint with national data protection authorities regarding our processing of your personal data.
Unfortunately, none of that matters because we do not store any personal information.
                    
**We can't give you or change what we don't have.**
6. Termination of Service / Account Deletion
The user can delete their user account at any time using a corresponding chat program (client). It is the user's responsibility to terminate all further service registrations (e.g. transports) made via the user account beforehand.
After the end of use of the service (e.g., account deletion) the user address is released again immediately and can be used by another user. If the new user of an address uses services that were registered by the old user but were not canceled by the old user when the user account was deleted, the service provider assumes no liability for any damage caused as a result.
7. Law Enforcement Requests
JabberX operates in countries that have data retention laws. It would be illegal for us to retain data longer then directly necessary for running this service.
It is possible that a public court can order us to cooperate with law enforcement agencies to help with a criminal investigation. Such an order is only possible if the supposed criminal offense is punishable by at least a year in prison.
Cooperation means that we would be legally forced to cooperate with law enforcement and provide any and all information related to a specific account, which means handing over any stored data.
JabberX, by design, does not store any data making any and all law enforcement requests completely worthless.
Our XMPP services is free to use for all. We keep no logs, all content is owned by and is the responsibility of the uploader. Send any questions to info at jabber.tw.