Privacy Policy

Last updated: June 2026

This Privacy Policy describes how Blink collects, uses, and protects information when you use our services. This is a demonstration project and does not constitute a legal privacy policy.

Our Zero-Knowledge Posture

Blink is built so that we cannot read your conversations. Messages and media are encrypted on your device with AES-256-GCM (keys established via ECDH P-256 and HKDF-SHA256), and our servers store only ciphertext in ScyllaDB. Media is encrypted client-side before it is uploaded. Your device holds only derived keys and an encrypted vault — your content is not stored in plaintext on your device or ours.

Information We Collect

To operate the service we process limited account and routing metadata, such as your identifier, device registrations, and the encrypted payloads we relay. We do not have access to the contents of your end-to-end encrypted messages, media, or Secure Locker files.

Where Your Data Lives

Today Blink runs in the United States and India. Switzerland and GDPR data residency are on our roadmap and not yet available.

Contact

For privacy-related inquiries, contact us at privacy@blink.app.