Last updated: April 2026

Tusile ("we", "our", or "the app") is a chat and voice application. This policy describes what data we collect, how we use it, and your choices.

Architecture note. Tusile has two layers: Tusile Core (operated by us) handles accounts, friends, direct messages, and server discovery. Community servers are self-hosted by independent operators; each community server stores its own channels, messages, files, and voice traffic on the operator's infrastructure. This policy covers Tusile Core. Community server operators are separate data controllers for the content on their servers.

1. Data we collect and use (Tusile Core)

1.1 Account and profile

• Email address — Used to create and sign in to your Tusile account.
• Display name and optional avatar — Your global Tusile identity. Shown to other users in DMs and in community servers you join. You choose what to set.
• Password — Stored securely (hashed) and used only for authentication. We do not have access to your plain password.
• Friends list and blocks — Stored by Core so your social graph works across every community server.

1.2 Direct messages

• DM text and DM file attachments — Stored by Tusile Core so you and the other participant can read the conversation and view shared files.
• GIFs — The app can search and send GIFs via a third-party GIF search service (e.g. GIPHY). Search terms and chosen GIFs may be processed by that provider according to their privacy policy.

1.3 Presence

• Online status — Core stores and shares whether you are online or offline so friends and members of community servers you join can see your activity.

1.4 Technical and usage data

• Device and app — We may receive technical information (e.g. app version, platform) to support and improve the service.
• Logs — Core and its hosting providers may keep limited logs (e.g. IP, timestamps) for security and operation. We do not sell this data.
• Product analytics — We use PostHog to collect anonymous usage events (e.g. which pages are visited, which features are used) to understand how the service is used and improve it. No message content or personal conversations are included. You can opt out at any time by enabling "Do Not Track" in your browser.

2. Data handled by community servers (not by us)

When you join a community server you agree that the server's operator handles the following on their own infrastructure:

• Channel messages and file attachments — Stored in the operator's database and object storage (local disk or their own S3 bucket), not by Tusile Core.
• Per-server nickname and per-server avatar (where supported) — Stored on the community server, not on Core.
• Roles, permissions, invites, bans, and moderation state — Managed by the server's operator.
• Voice and video — Your microphone, camera, and screen-share streams are relayed in real time by the LiveKit instance running on that community server. Voice is not recorded by Tusile Core and is not stored by LiveKit in the default configuration; check with the operator if you need specifics.

For retention, deletion, export, moderation, and breach notification of this data, contact the operator of the specific community server. Tusile does not have access to content stored on community servers it does not operate.

3. How we use your data

We use the Core data above to:

• Create and manage your Tusile account and global profile.
• Deliver direct messages, friend updates, and presence to you and the other participants.
• Register community servers for discovery and validate licenses.
• Enforce our terms, prevent abuse, and comply with the law.
• Operate, secure, and improve Core and the client apps.

We do not sell your personal data to third parties.

4. Who can see your data

• Other Tusile users — Your display name, avatar, and online status are visible to your friends and to members of community servers you join. DM contents are visible only to participants of that DM.
• Community server operators — When you join a community server, the server's operator (not Tusile) can see content you post to that server's channels, your membership, and any roles assigned to you.
• Core service providers — We use third-party services to run Core (e.g. hosting, database, auth). They process Core data on our behalf under agreements that limit use to providing the service.

5. Data retention

• Account and profile (Core) — Kept until you delete your account (see Section 7).
• Direct messages and DM files (Core) — Kept so long as the DM exists, in line with our backup and retention practices.
• Community server content — Retention is set by the community server's operator. Contact them for their retention policy and for deletion requests of content on their server.
• Voice — Not recorded by Core; relayed in real time by the community server's LiveKit instance.
• Logs — Retained only as long as needed for security and operations.

6. Security

We use industry-standard measures (e.g. encryption in transit, secure auth) to protect your data. No system is completely secure; we encourage strong passwords and safe use of the app.

7. Your rights and choices

• Access and correction — You can view and update your profile (e.g. display name, avatar) in the app.
• Deletion — You may request deletion of your account and associated data. Contact us (see below). After deletion, we remove or anonymize your data within a reasonable time, except where we must keep it for legal or safety reasons.
• Voice — You can leave a voice channel at any time to stop transmitting your voice.
• Local data — On your device, the app may store preferences and cache (e.g. for faster loading). You can clear app data or uninstall to remove it.

If you are in the European Economic Area or the UK, you may have additional rights (e.g. access, portability, restriction, objection) under applicable data protection laws.

8. Children

The app is not directed at children under 13 (or higher age where required). We do not knowingly collect data from such users. If you believe a child has provided us data, please contact us so we can delete it.

9. Changes to this policy

We may update this policy from time to time. We will post the revised version (with a new "Last updated" date) in the app or on our website. Continued use of the app after changes means you accept the updated policy.

10. Contact

For privacy-related questions, account deletion, or data requests:

• App / developer: Tusile (Karol Rzotki)
• Email or support: krzotki@gmail.com

If you are in the EEA/UK and have a complaint, you may also lodge it with your local data protection authority.