Germ Privacy Policy

We built Germ because privacy and consent are as important to us as they are to you.

  • Germ is not built on email addresses or phone numbers. You create your own Germ card that you share with people you want to contact you.

  • There are many sides of you. You can create different identity cards that you share based on what you want to share.

  • Our platform is built on end to end encryption. That means we do not and cannot see your cards or your messages. You can learn more about our encryption in our FAQ.

  • With freedoms come accountability. If you use our platform to harm others, they can report you to us.

Germ is designed to minimize the data that you create and that we collect or access from your usage. We do not have accounts, collect phone numbers or email addresses, see your messages or cards, record your message history and we Do Not and Will Not Sell Your Data.

We collect limited information from your device in order to make the messaging service (“Germ” “the service” or the “Germ App”) work.

You can start using Germ either by downloading the app, or interacting with a card from a Germ user who is inviting you to communicate with them. If you do not already have the Germ app, interacting with their card will prompt you to launch the Germ app clip. The process in each case is the same.

  • The app generates a new signing key, and registers it with Germ’s servers. This key is used to authenticate uploads of encrypted cards, request addresses from the backend, and retrieve messages delivered to those addresses. If you have not downloaded the Germ app, when you interact with a user’s QR code, a version of the app runs on your phone.

  • We register your device with a push notification address (PNA) so that it can receive messages at all times and not just when you are using the app. We also collect information such as the version of the app that you are running on your device.

  • Encrypted Cards are stored on Germ’s servers so that people you share them with, can retrieve them and send messages to you while you are offline. Germ cannot access these cards because they are encrypted with a key you do not share with Germ. Germ uses Cloudflare as its Service Provider to host its servers, and Cloudflare is contractually required to protect your data under its Privacy Policy. When making new connections, Cards are linked to the device that uploaded the card using the signing key (so that Germ can connect reported Cards back to the originating device). Cards may include any information you choose to include on your card

  • Encrypted messages may be stored on Germ’s servers for up to 30 days on behalf of recipients that are not available to receive messages, and then are deleted.

Germ app users may report users they interact with through our services for violating our policies.

You can delete a card at any time. When you delete a card all conversations linked to that card will be deleted off the device and users cannot contact you using that card. Users who you have conversed with using the card will retain any messages you sent them.

You can delete the Germ app at any time. When you delete the app you delete the cards and messages saved on your phone, and the registration key that allows you retrieve encrypted messages people have sent you, from Germ. .

Germ uses the data that we collect to operate the service, to protect individuals and Germ from harmful activity on our platform, and to comply with applicable laws.

We do not sell your data and we don’t collect or see data except as described. We may share data as required by law, to enforce our terms of service, to detect, prevent, or otherwise address fraud, security, or safety issues and to protect against harm to the rights, property, or safety of Germ, our users, or the public.

We value your consent. This policy reflects how Germ works now. It may change as we introduce new features or if our business ownership or operational structure changes. If any change negatively impacts your rights we will try to notify you so you can choose to continue or not continue to use the service.

If you have any questions about this policy or how we can improve (or just want to chat about privacy), please contact us at privacy@germ.network.

September 20, 2023