Privacy Policy

Threema GmbH (hereafter «Threema») was founded on the premise of bulletproof data protection. It is our primary goal to store only the absolute minimum of information for the shortest possible time («Privacy by Design»). In addition to using state-of-the-art encryption methods, we take all necessary technical and organizational measures to prevent unauthorized data access and misuse. The processing and protection of data is carried out in accordance with applicable legal regulations and EU Regulation 2016/679 (GDPR).

1. General Information

The Threema app (hereinafter referred to as "Threema") was developed in order to leave as little metadata as possible on a central server. It is therefore not absolutely necessary to provide personal data to use the app. The identification of a subscriber takes place exclusively via an 8-digit ID and a key pair created by the user himself. Groups are only managed on the participating devices.

2. Purpose of Data Processing

Threema processes data to enable the transmission of short messages and media to other subscribers. The data is processed exclusively by Threema on its own server infrastructure in Switzerland and is not passed on to third parties.

3. Scope and Duration of Data Processing

A. Inventory Data

In the context of the use of Threema, the following inventory data are collected and stored:

The following information is optional and can be provided by the user voluntarily in order to make it easier to be found by other Threema users:

When exchanging messages, only the following information is passed on to other participants:

The information will not be passed on to third parties.

All data will only be stored until deleted by the user. Once the information is deleted, it cannot be restored.

B. Message Contents

Threema encrypts all messages, including control messages, using a highly secure end-to-end encryption method.

Header information of messages (sender, recipient etc.) is protected by an additional encryption layer for transmission to the server, and from the server to the recipient, to prevent eavesdropping by third parties (e.g. in open wireless LANs).

Threema GmbH as the operator of the Threema servers has no possibility to decrypt messages of Threema users because it does not have knowledge of their private keys.

Encrypted messages and media (images, videos, files, etc.) are completely deleted on the servers as soon as they have been successfully delivered. If the messages and media are not fetched, or not fetched completely, they will be automatically and irretrievably deleted from the server after two weeks.

C. Address Book Data

At the express request of the user, email addresses and phone numbers from the user's address book can be synchronized. This data is transmitted to the servers in one-way encrypted ("hashed") form and additionally protected using SSL. The servers only keep these hashes in volatile memory for a short time to determine the list of matching IDs, and then delete the hashes immediately. At no point are the hashes or the results of the synchronization written to a data carrier.

4. Data Processed by Third Parties

Threema GmbH does not pass on any data to third parties, is completely free of advertising and does not use analytics software to monitor user behavior. However, some functionalities can only be provided by using external data sources, frameworks or operating system services, which in turn process data and are subject to a separate privacy policy.

A. Crash Notifications

In order to improve the stability and reliability of the app, Threema relies on anonymous crash reports.

iOS / Windows Phone: If the user voluntarily and explicitly agrees to the transmission of a crash report after a crash of the app, information about the crash (status of the app at the time of the crash) is transferred to the servers of HockeyApp (a Microsoft company) and stored there for evaluation by Threema GmbH. If the user does not agree to the crash notification transmission, nothing will be sent. HockeyApp's Privacy Policy can be found at https://www.hockeyapp.net/imprint/

Crash reports usually do not contain any personal information. On iOS, they consist of a stack trace, some information about the device (model, operating system version, but no serial number or similar), the app version, the time stamp of the start and crash, and the list of software libraries loaded in memory. Processor register contents or log messages are not collected.

Android: If the user voluntarily and explicitly consents to the general transmission of crash notifications to Google when setting up his mobile phone, information (status of the app at the time of the crash, stack trace, manufacturer and operating system of the mobile phone, latest log messages) will be transmitted to Google and stored there for evaluation by Threema GmbH. This information does not contain any personal data.

B. Send Location (Android)

The "Send Location" feature accesses the API of Google Play services on the end-user device in order to display or select maps, locations and POIs. Use of Google Play services is governed by the Google Privacy Policy: http://www.google.com/intl/de/policies/privacy/

If Google Play services are not installed on the end-user device, Threema accesses the OpenStreetMap Foundation's API to display maps. The use of the OpenStreetMap APIs is subject to the privacy policy of the OpenStreetMap Foundation: http://wiki.openstreetmap.org/wiki/Privacy_Policy

5. Right to Information, Correction, Blocking, Deletion and Objection

You have the right to receive information about your personal data stored by Threema GmbH at any time. Likewise, you have the right to correct, block or (apart from the legally required data storage for business purposes) delete your personal data.

The stored inventory data can be viewed at any time within Threema in the "My ID" screen and can be corrected or deleted by the user with immediate effect.

In case of loss of the end-user device, mobile phone numbers and email addresses linked to a Threema ID can be deleted via the following link: https://myid.threema.ch/unlink

You can delete all personal data related to your Threema ID and revoke your key pair at any time using the following link: https://myid.threema.ch/revoke

6. Responsible Body

If you have any questions about data protection at Threema GmbH, you can contact us directly. Send us an e-mail to privacy@threema.ch.

Responsible body and direct contact for data protection topics at Threema GmbH:

Threema GmbH
Data Protection Officer
Churerstrasse 82
8808 Pfäffikon SZ
Switzerland
privacy@threema.ch

CHE-221.440.104

Representative in the EU according to Art. 27 para. 1 GDPR: GeKaCe GmbH, Dept. T, Weilerweg 13, 72411 Bodelshausen, Germany

7. Amendment of the Privacy Policy

We reserve the right to change this Privacy Policy from time to time in order to comply with changed legal requirements or to reflect new functionalities of the app. The current Privacy Policy is always available for consultation from within Threema.

Disclaimer

This is a mere translation of the German version of this document.

In case of any discrepancies between the English version and the German version of this document, the German version will prevail.