Privacy Policy

Last Updated: 2025-11-13

Welcome to Mercury. Your privacy is not just a feature; it's the foundation of our application. This policy explains what information we handle and, more importantly, what we don't.

The Core Principle: We Don't Collect Your Data

Mercury is designed from the ground up to minimize data collection. All of your personal and sensitive information, including your identity, contacts, and message history, is stored exclusively on your own device. It is never uploaded to, stored on, or processed by our servers.

Information Stored on Your Device

• Cryptographic Identity: Your unique private key, which proves your identity, is generated and stored securely on your device.
• Contact List: Your list of contacts (their public IDs and chosen display names) is stored on your device.
• Message and Call History: All text messages, system messages, and call logs are stored in an encrypted database on your device.

The Role of the Signaling Server

To establish a direct peer-to-peer (P2P) connection between you and your contact, a temporary intermediary called a "signaling server" is required. Its role is strictly limited to helping your devices find each other on the internet.

What the Signaling Server Sees (Temporarily)

• Your Public ID: To let other users know you are online.
• Network Information (IP Address): This is necessary for the connection negotiation process (ICE) but is not logged or stored permanently.
• Encrypted Signaling Messages: Messages like "I want to connect to user X" are passed through the server but are not inspected. The server cannot read your actual chat messages or listen to your calls.

The signaling server does not store conversation content, call data, or contact lists. Once a direct P2P connection is established, the server is no longer involved in your communication, which flows directly and encrypted between you and your peer.

Third-Party Services

Mercury may use STUN/TURN servers to facilitate connections when users are behind restrictive firewalls. These services may see your IP address but have no access to the content of your communications, which remains end-to-end encrypted.

Data Deletion

Since all your data resides on your device, you have complete control. To permanently delete all your Mercury data, simply uninstall the application from your device or clear its application data through your device's system settings. See our guide on deleting your information for more details.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page. You are advised to review this Privacy Policy periodically for any changes.

Contact Us

If you have any questions about this Privacy Policy, you can contact us through the official Eillance website.