← Back to home

Last Updated: December 1, 2025

Privacy Policy

Flash Protest is committed to data minimization and transparency. This policy explains what we collect, what we refuse to collect, and how we protect the limited data we hold.

Our Privacy Philosophy

Flash Protest is built to collect as little information as possible. Our systems are designed so we cannot access your private communications even if compelled to do so.

Information We Collect

Account information

  • Device tokens for push notifications (FCM for Android, APNs for iOS).
  • Public cryptographic keys for end-to-end encryption (P-256).
  • OAuth tokens you explicitly provide for streaming (stored client-side; YouTube/Facebook limited to pre-approved admins).

Location data

  • Hosts share precise coordinates; city/state are shown publicly.
  • Viewers can opt into notifications with precise coordinates or a ZIP code.
  • Notification radius preferences (default ~20 miles, configurable).

Location data is stored to power notifications and discovery, and can be cleared at any time.

Stream metadata

Stream URLs, protest categories, and aggregated viewer counts per stream.

Information We Do Not Collect

Data TypeCollected?Reason
Chat message contentNoEnd-to-end encrypted; we cannot read it.
Real names / emails / phone numbersNoNot required for service.
Location historyNoOnly the latest location is stored.
IP addressesLimitedStored briefly in security logs for rate limiting, then purged.
Chat participation history / social graphsNoEphemeral identities prevent tracking.

End-to-End Encryption

  • Messages are encrypted on your device with AES-256-GCM; keys are exchanged using Elliptic Curve Diffie-Hellman.
  • We never possess the decryption keys and cannot read or provide message content to anyone.
  • Even if servers are compromised, your messages remain encrypted.

Ephemeral Identities

Every chat room assigns a deterministic pseudonym (e.g., "ThunderingStallion42") scoped to that room. You get consistency without exposing identity; reputation follows the device UUID.

Third-Party Services

  • YouTube, Twitch, Facebook Live: Used for streaming; subject to their policies. OAuth tokens remain on your device.
  • Firebase Cloud Messaging / Apple Push Notification Service: Used for push notifications; we store the device token required to deliver alerts.

Data Retention

  • Device tokens: retained until you uninstall or revoke permissions.
  • Public keys: retained until you rotate keys or delete your account.
  • Stream metadata: retained for 30 days after a stream ends.
  • Chat messages: never retained (E2E encrypted).
  • Optional location data: stored until you clear or update it.

Your Rights

  1. Request access to the data we store about you.
  2. Request deletion of that data.
  3. Opt out of optional location services or notifications at any time.

Access these controls inside the app under “Privacy and User Data.”

Data Security

  • All traffic rides over TLS 1.3 plus a device-specific AES-256-GCM channel.
  • Secrets are managed with HashiCorp Vault; production runs in Romanian data centers.
  • We rely on per-UUID rate limits, cooldowns, and reputation gates to curb abuse.
  • The entire codebase is open source for community audit.

Children’s Privacy

Flash Protest is not intended for users under 18, and we do not knowingly collect data from minors.

International Users

The service targets the U.S. market, but infrastructure is hosted in Romania for privacy. EU/EEA users relying on F-Droid or source builds should note that data is stored in Romania and accessed from the U.S. only as needed for support. Our legal basis is legitimate interest with strict data minimization.

Website

The Flash Protest website does not use cookies or trackers. Embedded streams hosted on third-party platforms carry their own cookies and policies.

Changes to This Policy

We notify users of material changes in-app and update this page with the new “Last Updated” date.

Contact

Email contact@flashprotest.app or visit github.com/ to review the source code.

Open Source Transparency

Flash Protest is Apache 2.0 licensed. Audit the repository at github.com/ to verify how data is handled.