The boring-but-important page

Privacy Policy

Last updated 2026-06-03

The short version

01 Who runs disdroc

disdroc is a small, self-hosted chat app run by an individual hobbyist (not a company) on a private server. It is a personal side project and is not affiliated with, endorsed by, or related to Discord Inc. This policy explains what data the app handles and why.

02 What we collect

Account information

When you sign up we store a username, an email address, and your password (kept only as a salted hash — never in plain text). You may also add optional profile details such as a display name, avatar, status and bio.

Content you create

Messages, reactions, server and channel names, files and images you upload, and similar content. This is stored so the app can show it to you and the people you send it to.

Technical & security data

To keep accounts secure and the service working, we record login sessions, your IP address, and basic device/browser information (user-agent) for recent logins. If you turn on two-factor authentication (2FA), we store the secret needed to verify your codes.

Approximate country

On your first visit the site reads the approximate country your connection comes from (provided by our network/CDN) purely to pick a starting language — English or Turkish. It isn't stored as a profile field or used to identify you.

03 What we DON'T do

04 How your data is used

We use the data above only to: create and secure your account; deliver your messages, calls and files to the right people; show presence, friends and notifications; let admins keep the community safe (e.g. handling reports and abuse); and keep the service running and debugged.

05 Voice, video & screen share

Calls use WebRTC and are streamed live between participants — we don't record voice, video or screen shares. To set up a call, connection-helper (STUN/TURN) servers may see network address information needed to route the media; they don't see your conversation.

06 How long we keep it

07 Cookies & local storage

We use a single session cookie to keep you logged in — it's strictly necessary and not used for tracking. The app also stores small preferences in your browser's local storage (such as your chosen language, theme and sound settings). No advertising or third-party cookies are set.

08 Third-party services

disdroc keeps outside services to a minimum. The ones it does use:

These providers have their own privacy policies governing the data they receive.

09 Security

Passwords are stored only as salted hashes, traffic is served over HTTPS, and you can enable TOTP two-factor authentication for an extra layer. Access to personal details like emails and IP addresses is restricted to the site owner and admins with explicit permission. No system is ever perfectly secure, but we keep the surface small on purpose.

10 Your choices & rights

You can edit or remove most of your profile from within the app, and you can delete your account at any time — deleting it removes your profile and personal data. If you'd like a copy of the personal data we hold about you, or want help deleting it, contact us using the details below. We'll do our best to respond promptly.

11 Children

disdroc is not intended for children under 13 (or the minimum age required in your country). If you believe a child has created an account, contact us and we'll remove it.

12 Changes to this policy

If this policy changes, the “last updated” date at the top will change too. Because this is a small project, we won't always email about minor updates — please check back occasionally.

Contact

Questions about your data or this policy? Use the feedback form on our support page, and we'll get back to you.