Suhuf

Privacy Policy

Last Updated: January 29, 2026

Introduction

This Privacy Policy explains how Suhuf ("we", "us", or "our") handles information when you use our platform. We believe privacy is a fundamental right. This document is written in plain language so everyone can understand it—no legal jargon, no surprises.

Important: We do not collect personal information like names, email addresses, or phone numbers unless you voluntarily provide them. We have no advertising trackers. We don't sell data—ever.

What Information We Handle

Information You Provide Directly

  • Public Key: When you log in with Nostr, we store your Nostr public key (a long string of letters and numbers). This is like a username that identifies you on the platform. You control the corresponding private key—it never leaves your device or signer app.
  • Display Name: You may choose to set a display name for your profile. This is optional and can be anything you want.
  • Messages: Public messages you post are broadcast to the Nostr network (decentralized relays). Private messages are encrypted end-to-end—we cannot read them.
  • Business Information: If you claim a business, you may provide business details (name, address, website), which become publicly visible.

Information Stored Automatically

  • Login Status: We store your login state in your browser's local storage so you don't have to log in every time you visit.
  • Clout Score: We track a "clout score" based on your activity (daily logins, engagement) to enable platform features like spam prevention.
  • Verification Timestamp: When you verify ownership of your Nostr key, we store when this happened for security purposes (expires after 24 hours).

Information We Do NOT Collect

  • Passwords (we never see or store them)
  • Private keys (these stay on your device or in your signer app)
  • Email addresses (unless voluntarily provided for business claims)
  • Phone numbers
  • Location data from your device
  • Device identifiers or fingerprinting data
  • Third-party advertising IDs

How We Use Information

  • Authentication: To verify you are who you say you are using cryptographic signatures (not passwords).
  • Platform Functionality: To display your profile, messages, and business listings to other users.
  • Spam Prevention: Clout scores help prevent spam and abuse by requiring minimum engagement levels for certain actions.
  • Business Analytics: If you claim a business, we track anonymized visit counts to show you how many people view your listing.
  • Security: To detect and prevent abuse, attacks, or violations of our terms.

Where Your Data Lives

Your Device (Browser Storage)

We store minimal data in your browser's local storage:

  • Your Nostr public key
  • Whether you're verified
  • Which login method you used (browser extension or mobile signer)
  • When your verification expires

How to clear: Log out, or clear your browser's local storage for suhuf.co. This data never leaves your device unless you explicitly post it.

Our Database (Supabase)

We use Supabase to store:

  • User profiles (public key, display name, clout score, settings)
  • Business listings and claims
  • Message metadata (for threading and display purposes)
  • Business analytics (anonymized visit counts)

Your message content is NOT stored in our database—public messages live on Nostr relays, and private messages are encrypted and only stored temporarily in memory for display.

Nostr Relays (Decentralized Network)

Public messages you post are broadcast to Nostr relays—servers run by various operators around the world. These relays store and forward your messages to other users. Think of it like email servers, but decentralized.

  • We don't control these relays—they are independent
  • Your public messages may be stored indefinitely by relays
  • Private messages use NIP-17 encryption (gift-wrapped) and cannot be read by relays
  • You can request deletion (NIP-09), but relays may or may not honor it

Encryption and Security

Private Messages (NIP-17)

Private messages use triple-layer encryption:

  1. Message Layer: Your actual message (unsigned "rumor")
  2. Seal Layer: The message is encrypted and signed by you
  3. Gift Wrap Layer: The seal is re-encrypted with a random one-time key, hiding your identity from relays

This means:

  • Only you and the recipient can read the message
  • Relays cannot see who sent the message (only that someone sent something to the recipient)
  • Even we cannot decrypt your private messages

Public Messages (NIP-01)

Public messages are signed by your private key (via your browser extension or signer app) but are readable by anyone. This is by design—the "public feed" is like a public bulletin board.

Security Measures

  • All connections use HTTPS (encrypted in transit)
  • Content Security Policy (CSP) headers to prevent XSS attacks
  • CSRF protection for form submissions
  • Rate limiting to prevent abuse
  • Input sanitization to prevent injection attacks

Protecting Your Privacy

Use a VPN

We strongly recommend using a VPN (Virtual Private Network) when accessing any online platform. A VPN encrypts your internet traffic and hides your IP address from websites and potential eavesdroppers.

Why Switzerland? Switzerland has strong privacy laws that prohibit bulk data logging. While laws can change, Swiss-based VPN providers are generally required to protect user data more strictly than providers in other jurisdictions.

VPN recommendations (no affiliation or endorsement):

  • Nym (nym.com) - Premium privacy-focused network (paid)
  • ProtonVPN (protonvpn.com) - Swiss-based with a free tier

Use a Privacy-Respecting Browser

Consider using Firefox, Brave, or Tor Browser for enhanced privacy protections.

Manage Your Nostr Keys

  • Never share your private key with anyone
  • Use a hardware signer (like Amber on mobile) or secure browser extension
  • Consider using different public keys for different purposes

Third-Party Services

We use the following services to operate the platform:

  • Supabase: Database and backend infrastructure. See their Privacy Policy.
  • Nostr Relays: Decentralized message relay servers run by independent operators. Each relay has its own policies.
  • Robohash: Generates avatar images based on your public key. No personal data is sent to them—just a hash of your public key.

We do not use Google Analytics, Facebook Pixel, or any advertising/tracking services.

Your Rights

You have control over your data:

  • Access: All data we store about you is visible in your profile page.
  • Correction: You can update your display name and profile settings at any time.
  • Deletion: Contact us to delete your account and associated data. Note that public messages on Nostr relays are outside our control.
  • Portability: Your Nostr identity is portable—your public/private key pair works across any Nostr-compatible platform.
  • Right to be Forgotten: We can delete your data from our database, but public Nostr messages may persist on relays.

Data Retention

  • Active Accounts: Data is retained as long as your account is active.
  • Inactive Accounts: Accounts with no activity for 2 years may be archived.
  • Deleted Accounts: When you delete your account, we remove your data from our database within 30 days. Backups may retain data for up to 90 days.
  • Nostr Messages: Public messages may be stored indefinitely by Nostr relays. We cannot control relay retention policies.

Children's Privacy

Suhuf is not intended for users under 16 years of age. We do not knowingly collect information from children. If you believe a child has provided us with personal information, please contact us immediately and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify users through the platform or by updating the "Last Updated" date at the top of this page. Your continued use of Suhuf after changes constitutes acceptance of the new policy.

Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

  • Email: privacy@suhuf.co
  • Contact Form: Contact Page

Summary: We collect minimal data, encrypt what matters, never sell your information, and give you control. Use a VPN for maximum privacy protection.

A decentralized business directory powered by Nostr.

© 2026 Suhuf. All rights reserved.