Last updated: March 2026
Zemzeme is built on a simple principle: your conversations are yours alone. We have no servers, no accounts, and no way to read your messages — by design.
Zemzeme collects zero data. There are no Zemzeme servers, no accounts, no registration, and no telemetry. We have no analytics pipeline, no crash reporters that phone home, and no third-party SDKs that track behaviour.
Messages, contacts, and cryptographic keys are stored exclusively on your device, encrypted with AES-256-GCM via Android Keystore. Only you hold the decryption key. If you delete the app or use the emergency wipe, the data is gone permanently.
Zemzeme requests Android location permissions (ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION) solely because the Android operating system requires these permissions in order to scan for nearby Bluetooth Low Energy (BLE) devices and WiFi Direct peers. This is an Android platform requirement, not a product choice.
Zemzeme does not collect, store, use, or transmit your geographic location. Your GPS coordinates, approximate location, latitude, longitude, and any other location-derived data are never read by the app, never written to disk, and never sent over any transport (Bluetooth, WiFi Direct, libp2p, or Nostr). The location permission is used exclusively as a gate for the Android BLE/WiFi scanning APIs and for no other purpose. Because Zemzeme has no servers and no accounts, there is nowhere for location data to be sent even if it were accessed.
Bluetooth and WiFi Direct traffic stays entirely local — no data ever leaves your area network. P2P and Nostr relay traffic is end-to-end encrypted using the Noise Protocol (Curve25519 + ChaCha20-Poly1305). Relay operators see only ciphertext they cannot decrypt.
Zemzeme has no mandatory third-party dependencies. The optional Nostr relay layer uses public, open-protocol relays — you choose which relays your device connects to. Tor integration, when enabled, routes traffic through the Tor network which has its own privacy policy.
There is no username, password, phone number, or email address linked to Zemzeme. Your identity is a Curve25519 keypair generated locally on your device at first launch. No one, including us, can link that keypair to you.
Zemzeme is fully open source under the MIT License. Every privacy claim in this document can be verified by reading the code. We encourage independent audits.
If we ever update this policy, the new version will be published here with an updated date. Because we collect no data, no retroactive changes can affect you.
Questions about privacy? Open an issue on GitHub or reach us through the community channels listed on the About page.