March 6, 2018
Threema GmbH (hereafter «Threema») was founded on the premise of bulletproof data protection. It is our primary goal to store only the absolute minimum of information for the shortest possible time («Privacy by Design»). In addition to using state-of-the-art encryption methods, we take all necessary technical and organizational measures to prevent unauthorized data access and misuse. The processing and protection of data is carried out in accordance with applicable legal regulations and EU Regulation 2016/679 (GDPR).
1. General Information
The Threema app (hereinafter referred to as "Threema") was developed in order to leave as little metadata as possible on a central server. It is therefore not absolutely necessary to indicate personal data to use the app. The identification of a subscriber takes place exclusively via an 8-digit ID and a key pair created by the user himself. Groups are only managed on the participating devices.
2. Purpose of Data Processing
Threema processes data to enable the transmission of short messages and media to other subscribers. The processed data is processed exclusively by Threema on its own server infrastructure in Switzerland and is not passed on to third parties.
3. Scope and Duration of Data Processing
A. Inventory Data
In the context of the use of Threema, the following inventory data are collected and stored:
- Threema ID
- Public key
- Operating system and version of the Threema Work-App
- Date (without time) of creation of the Threema ID
- Date (without time) of the last login
The following information is optional and can be provided by the user voluntarily in order to make it easier to be found by other Threema users:
- Mobile phone number
- E-mail address (one-way encrypted)
When exchanging messages, only the following information is passed on to other participants:
- Threema ID
- Public key
The information will not be passed on to third parties.
All data will only be stored until deleted by the user. Once the information is deleted, it cannot be restored.
B. Message Contents
Threema encrypts all messages, including control messages, using a highly secure end-to-end encryption method.
Header information of messages (sender, recipient etc.) is protected by an additional encryption layer for transmission to the server, and from the server to the recipient, to prevent eavesdropping by third parties (e.g. in open wireless LANs).
Threema GmbH as the operator of the Threema servers has no possibility to decrypt messages of Threema users because it does not have knowledge of their private keys.
Encrypted messages and media (images, videos, files, etc.) are completely deleted on the servers as soon as they have been successfully delivered. If the messages and media are not or not completely fetched, they will be automatically and irretrievably deleted from the server after two weeks.
C. Address Book Data
At the express request of the user, email addresses and phone numbers from the user's address book can be synchronized. This data is transmitted to the servers in one-way encrypted ("hashed") from enabled and additionally protected using SSL. The servers only keep these hashes in volatile memory for a short time to determine the list of matching IDs, and then delete the hashes immediately. At no point are the hashes or the results of the synchronization written to a data carrier.
4. Data Processed by Third Parties
A. Crash Notifications
In order to improve the stability and reliability of the app, Threema relies on anonymous crash reports.
Android: If the user voluntarily and explicitly consents to the general transmission of crash notifications to Google when setting up his mobile phone, information (status of the app at the time of the crash, stack trace, manufacturer and operating system of the mobile phone, latest log messages) will be transmitted to Google and stored there for evaluation by Threema GmbH. This information does not contain any personal data.
B. Send Location (Android)
5. Right to Information, Correction, Blocking, Deletion and Objection
You have the right to receive information about your personal data stored by Threema GmbH at any time. Likewise, you have the right to correct, block or (apart from the legally required data storage for business purposes) delete your personal data.
The stored inventory data can be viewed at any time within Threema in the "My ID" screen and can be corrected or deleted by the user with immediate effect.
In case of loss of the end-user device, mobile phone numbers and email addresses linked to a Threema ID can be deleted via the following link: https://myid.threema.ch/unlink
You can delete all personal data related to your Threema ID and revoke your key pair at any time using the following link: https://myid.threema.ch/revoke
6. Responsible Body
If you have any questions about data protection at Threema GmbH, you can contact us directly. Send us an e-mail to email@example.com.
Responsible body and direct contact for data protection topics at Threema GmbH:
Data Protection officer
8808 Pfäffikon SZ
Representative in the EU according to Art. 27 para. 1 GDPR: GeKaCe GmbH, Dept. T, Weilerweg 13, 72411 Bodelshausen, Germany
This is a mere translation of the German version of this document.
In case of any discrepancies between the English version and the German version of this document, the German version will prevail.