EN | DE
app icon iOS
Seriously secure mobile messaging.

Privacy Policy

Threema takes data privacy very seriously. We strive to store only the absolutely necessary information for the shortest possible time. Furthermore, we take all usual technical measures to prevent unauthorized access to your data on our servers.

This privacy policy is intended to explain the most important points on how we ensure data privacy. If you have questions regarding data privacy, please contact privacy@threema.ch.

  1. Security of messages

    Threema GmbH as the operator of the Threema servers has no way to decrypt messages of Threema users because it does not have knowledge of their private keys.

    The encrypted messages and media (images, videos etc.) are deleted on the servers as soon as they have been delivered successfully.

    Header information of messages (sender, recipient etc.) is protected by an additional encryption layer for transmission to the server, and from the server to the recipient, to prevent eavesdropping by third parties (e.g. in open wireless LANs).

  2. Address book data

    Email addresses and phone numbers from the user's address book (if the user has enabled synchronization) are only transmitted to the server in one-way encrypted ("hashed") form and additionally protected using SSL. The servers only keep these hashes in volatile memory for a short time to determine the list of matching IDs, and then delete the hashes immediately. At no point are the hashes or the results of the synchronization written to disk.

  3. Linking of email addressess and phone numbers

    It is left at the discretion of the user whether or not they want to link their Threema ID with an email address or phone number. Threema can be used without this link; in that case, the user cannot be found automatically by other users via address book synchronization.

    Email addresses and phone numbers that have been linked will only be stored for the purpose of synchronization and not given to third parties. They will also not be used for advertising purposes. Users can delete their links at any time.

  4. Crash reports

    iOS: If the user explicitly chooses to submit a crash report about the iOS app, information about the crash (state of the app at the time of the crash, last log messages) will be sent to the servers of Bit Stadium GmbH, Stuttgart, Germany (operators of HockeyApp) and stored there for analysis by Threema GmbH. The privacy policy of HockeyApp is available at http://hockeyapp.net/privacy/.

    Android: If the user explicitly chooses to submit a crash report about the Android app, information about the crash (state of the app at the time of the crash, last log messages) will be sent to Google and stored there for analysis by Threema GmbH.

  5. General provisions

    In general, the regulations of the Swiss Federal Act of on Data Protection (FADP) as well as the Ordinance to the Federal Act on Data Protection (OFADP) apply.

  6. Swiss flag Made in Switzerland.