Privacy Policy

Last updated: March 2026

Hosting Telecom LTD ("we", "us", "our") operates the HTCNet mobile application. This policy explains what information we collect, how we use it, and your rights under applicable data protection law including the UK General Data Protection Regulation (UK GDPR).

1. Information We Collect

Account information. When you register, we collect your username, password (stored as a cryptographic hash — we cannot read it), and an email address for two-factor authentication.

Messages. HTCNet uses end-to-end encryption. Message content, attachments, and call media are encrypted on your device before transmission. We cannot read or access the plaintext content of your messages or calls. Our server stores encrypted ciphertext only, for the purpose of message delivery.

Encryption keys. Your device generates and stores private encryption keys locally. Only public key material is uploaded to our server to enable the key exchange protocol.

Push notification tokens. We receive a device token from Apple Push Notification service (APNs) and a VoIP push token from Apple PushKit to deliver notifications and incoming calls. These tokens do not identify you personally and change periodically.

Technical data. Our server logs may record IP addresses, request timestamps, and basic connection metadata for security and abuse prevention. We do not log message content or call metadata beyond what is necessary for delivery.

2. Information We Do Not Collect

• We do not access your device contacts.
• We do not collect location data.
• We do not use analytics, advertising, or tracking frameworks.
• We do not sell, rent, or share your data with third parties for marketing.

3. Device Permissions

HTCNet may request the following device permissions. Each is used only for the stated purpose and can be revoked at any time in your device Settings.

• Notifications — to alert you of new messages and incoming calls.
• Microphone — for voice and video calls.
• Camera — for video calls and scanning QR codes during device-to-device chat transfer.
• Face ID / Touch ID — optional app lock, if you enable it. Biometric data is processed entirely on-device by Apple's Secure Enclave and is never sent to us.
• Photo Library (save only) — to save photos from chats to your library. We request write-only access; we do not read your photo library.
• Local Network — for direct peer-to-peer chat transfer between your devices on the same network.

4. How We Use Your Information

• To operate the messaging service: deliver messages, route calls, and synchronise encryption keys.
• To authenticate your identity and protect your account.
• To deliver push notifications.
• To maintain security and prevent abuse of our infrastructure.

5. Data Storage and Security

Messages are stored in encrypted form on our servers until delivered. After delivery, messages may be retained in encrypted form for a limited period to support multi-device delivery and offline recipients. We employ TLS for all data in transit, certificate pinning in the application, and encryption at rest on our servers.

Your private encryption keys, message history, and local data are stored on your device. If you delete the app, this local data is permanently removed.

6. Data Retention

We retain account information for as long as your account is active. Server-side encrypted message data is retained only until delivery or for a reasonable period to support delivery to offline devices, after which it is deleted. Server logs are retained for no longer than 90 days.

7. Your Rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account and associated data.
• Object to or restrict processing of your data.
• Data portability — receive your data in a structured format.
• Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact us at the address below.

8. Children's Privacy

HTCNet is not intended for use by anyone under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes through the application or by updating the date at the top of this page. Continued use of HTCNet after changes constitutes acceptance of the revised policy.

10. Contact Us

If you have questions about this policy or wish to exercise your data rights, contact:

Hosting Telecom LTD
United Kingdom
Email: privacy@hosting-telecom.uk