Privacy Policy
Last updated 2026-06-23
What we collect
Nothing that identifies you. Blink has no accounts, no phone numbers, no email, and no analytics or telemetry of any kind. We do not have a profile of you to sell, leak, or hand over.
Message content
End-to-end encrypted with libsignal (X3DH + post-quantum PQXDH + Double Ratchet). Keys are generated and stored on your device. We cannot read your messages, and neither can the relay that forwards them. With sealed sender, the relay does not even learn who sent a message.
Network metadata — the honest part
We can't fully hide it, so we won't pretend to. The relay runs on Cloudflare, which — like any server you connect to — sees your IP address, the timing and the size of your traffic. Sealed sender hides who you are at the app layer, not your network path. The relay itself runs zero-log (no DIDs or metadata are written to logs), and queued ciphertext is deleted after delivery or expiry. Hiding your IP from the relay would require Tor/I2P, which is on the roadmap, not shipped.
Push notifications
If you enable notifications, Blink registers a push token from Google Firebase Cloud Messaging (FCM) with the relay so it can wake your device when a message arrives. The push carries no message content and no sender — only a signal to come fetch. This does involve Google's push infrastructure; if you prefer zero Google contact, leave notifications off (a Google-free push path is on the roadmap).
This website
This marketing site sets no tracking cookies and runs no third-party analytics. Reviews you submit are stored with the name you choose to enter — leave it blank to stay anonymous.
Your control
Your identity lives on your device and is recoverable only from your 12-word phrase. Wipe the app and the keys are gone. There is no server-side copy to request or delete, because there isn't one.
Verify, don't trust
Blink is open-source under AGPL-3.0 — the full source, including the relay, is public at github.com/tralalananala-cloud/blink. You can read exactly what runs. See SECURITY.md for the complete threat model.
Changes
If this policy ever changes, the diff will be public in our changelog and git history. We will never quietly expand what we collect.