1. What may be collected
Normal operation may create account records, login/session records, device identifiers, IP addresses, user-agent strings, request timestamps, room membership metadata, and content stored by the Matrix server.
If an email address is provided, it may be stored for account management. Email is not required unless a specific access flow says otherwise.
2. How data is used
Data is used for authentication, session management, abuse prevention, moderation, system stability, troubleshooting, security monitoring, and investigation of Terms violations.
3. Encryption and visibility
End-to-end encrypted rooms encrypt message content client-side. The server stores encrypted payloads but cannot read properly encrypted message contents.
Encryption does not hide all metadata. Room membership, timestamps, devices, IP/login records, and other operational metadata may still be visible. Unencrypted rooms and uploaded media may be visible to administrators.
4. Retention and backups
Retention varies by data type and configuration. Account records may remain while an account is active and may be retained for a limited period after deactivation for operational, administrative, abuse-prevention, or legal reasons.
Messages and media may persist indefinitely, be governed by room retention settings, or expire if unsynchronized. Backups may exist for disaster recovery, but they are not permanent archives.
5. Security practices
RG Herd uses layered security practices including HTTPS/TLS, delegated authentication, access controls, infrastructure logging, rate limiting, abuse detection, and operational monitoring.
No system is immune to compromise. Users are responsible for protecting credentials, devices, encryption keys, and recovery material.
6. Disclosure
Data may be disclosed when required by valid legal process, necessary to prevent imminent harm, or necessary to protect system integrity. Requests for user data must comply with applicable law.
7. Contact and updates
This policy may be updated as the system changes. Continued use of RG Herd infrastructure after updates means you accept the updated policy.