top of page

Cord

Cord Privacy Policy

Last Updated: April 2026

Summary

Cord is a private-by-design messenger. You can use Cord without phone numbers, email-based accounts, or contact uploads. Messages and media are end-to-end encrypted, so Cord’s servers are designed not to access message content. To operate the service, Cord processes limited technical metadata such as random app-generated device identifiers and push notification tokens.

1) What Cord Collects

Cord collects only the data needed to provide and secure the service:

  • Encrypted message/media envelopes: Ciphertext and delivery envelope data required for routing and synchronization.

  • Delivery metadata:

    • App-generated random device identifiers

    • Cord identifiers (for join/routing flows; hashed forms may be used where appropriate)

    • Envelope/message identifiers and delivery state metadata

  • Push notification tokens: APNs/FCM tokens required for notification delivery.

  • Optional profile metadata you choose to share in a cord: Alias/display name and profile avatar.

  • Operational and security telemetry: Limited technical events needed for reliability, abuse prevention, debugging, and service integrity.

Cord does not require:

  • Phone numbers

  • Contact list/address book uploads

  • Email/username account registration

  • Location data

  • Hardware identifiers (such as IMEI, MAC address, or advertising ID)

Cord does not use third-party advertising SDKs or cross-app behavioral profiling SDKs.

 

2) How Cord Uses Data

Cord uses collected data to:

  • Deliver encrypted messages/media to intended recipient devices

  • Maintain device registrations and routing for cord participation

  • Register and use push tokens to deliver content-minimized notifications

  • Operate, secure, and improve reliability of the service

Cord does not sell personal data and does not use message content for advertising.

 

3) End-to-End Encryption

  • Messages are encrypted on sender devices before transmission and decrypted on recipient devices.

  • Media is encrypted client-side before upload/storage.

  • Cryptographic keys and sessions are generated and stored on-device using OS-backed secure storage.

  • Cord is designed so server-side systems do not hold your private message keys.

 

4) Metadata Minimization

Cord minimizes metadata, but some metadata is necessary for delivery and security:

  • Encrypted envelopes and routing metadata are processed to deliver messages.

  • Push providers process token/delivery metadata to route notifications.

  • Cord does not require phone-number or email identity to function.

 

5) Third Parties / Infrastructure

Cord uses service providers to host and deliver functionality, including:

  • Supabase (database, storage, realtime, edge functions)

  • Firebase Cloud Messaging (FCM) and Apple Push Notification service (APNs) (notification transport)

  • AWS services via Amplify (including Cognito and S3 components used by the app)

These providers process data under Cord’s instructions to provide infrastructure, delivery, and security operations.

 

6) Data Retention

Cord applies limited-retention principles:

  • Encrypted server-side delivery data/media: Retained as needed for delivery and service operation, then removed per backend retention policy.

  • Delivery metadata: Retained only as needed for routing, device management, and reliability/security operations.

  • Operational/security telemetry: Retained for limited periods appropriate to service protection and reliability.

  • On-device history: Controlled by in-app retention settings and local deletion tools.

 

7) Your Controls

You can:

  • Manage cord participation and remove local cord data in-app

  • Configure local message retention behavior in-app

  • Remove app data by uninstalling the app (platform behavior)

Because Cord does not require personal-account identity, Cord may not be able to identify you unless you voluntarily provide contact details (for example, through support email).

 

8) Children’s Privacy

Cord is not intended for children under 13, and we do not knowingly collect personal information from children.

 

9) Changes to This Policy

We may update this policy as features and infrastructure evolve. We will update the “Last Updated” date and provide notice for material changes where appropriate.

 

10) Contact

For privacy inquiries: cordmessaging[a]protonmail.com

bottom of page