Privacy policy.

Effective: 2026-04-26 · Short, because there isn't much to say.

The short version.

Lattice does not collect, store, or transmit any data about you to any server we operate. Your messages live on your phone and on the phones of the people you sent them to. Your identity is generated on your phone and never leaves it. There is no Lattice account, no Lattice login, no Lattice cloud sync. There is no central place that holds your data because there is no central place at all.

The longer version.

What Lattice does on your device.

• Generates and stores your cryptographic keys, hardware-protected by the iOS Secure Enclave or Android StrongBox.
• Stores your messages, contacts, and group memberships in an encrypted local database.
• Uses Bluetooth and Wi-Fi to discover and exchange messages with other Lattice users in radio range.
• (If you enable it) caches Plus Code location hints encrypted with your contacts' keys, to share approximate location during festivals or emergencies.

What Lattice does not do.

• Send any analytics, telemetry, crash reports, or diagnostic data to any server.
• Use any third-party SDK that phones home (we have none — auditable in source).
• Track your location, your usage patterns, your retention, your engagement, or anything else.
• Store your messages on a server. There is no server.
• Have a way to read your messages even if compelled to. End-to-end encrypted, keys on your phone, period.

What information about you might exist outside your phone.

Three legitimate cases, all by your action:

1. Messages and metadata you sent. Other Lattice users you communicated with have copies of those messages on their phones, encrypted and subject to the same expiry rules they configured.
2. Mesh-relayed packets. Other Lattice users in radio range may have temporarily forwarded packets on your behalf without being able to read them. Their phones discard these packets after relay or after expiry (default 7 days).
3. Public information you chose to publish. If you generate an introduction bundle and share it, the recipient has it. If you publish your Bullet ID, it's public. We never do this on your behalf.

Apple and Google.

If you install Lattice from the App Store or the Play Store, Apple or Google may collect their own information about your install (device, OS version, etc.) according to their respective policies. We have no access to that data. You can install the open-source build via F-Droid or directly from our releases page to bypass that channel entirely.

Children.

Lattice is not aimed at children, but it does not collect any data from anyone, so we do not need to make special provision for under-13s. The wallet-style identity model means a child who installs Lattice will get the same key-on-phone, no-server experience as anyone else.

Cookies and the website.

lattice.fyi is a static website. It uses no cookies. It uses no analytics. It uses no fonts that phone home. It uses no third-party JavaScript. View source to verify.

Changes to this policy.

If we ever did want to change the data-collection posture (we don't intend to), we would publish notice on this page and on the project blog (which we don't currently have, because we don't currently need one). The current policy is "we collect nothing" and it is unlikely to change because changing it would require us to operate infrastructure that the project explicitly avoids.

Your rights under GDPR / CCPA / similar regimes.

The Lattice project is not a "controller" or "processor" of your personal data in the GDPR or CCPA sense, because we do not collect or process personal data. There is no data to access, port, or delete on our side. If you wish to delete your Lattice data, uninstall the app from your phone — that is the entire dataset.

Security disclosure.

If you find a privacy bug — something this policy promises that the code doesn't deliver — please report it via our security disclosure policy.

Contact.

Privacy questions: our Matrix room. We aim to reply within 7 days.