conduit

Privacy Policy

Who runs this

Conduit is operated privately by Gabor Angeli for a small circle of invited users. It is a personal, non-commercial project, provided as-is. Questions or requests: open an issue at github.com/gangeli/Conduit.

What data Conduit holds

When you install the Conduit app and grant permissions, the app sends the following from your phone to your isolated account:

This information necessarily includes content authored by other people — anyone who has messaged or called you. It is held with the same care as the rest of your account and is never exposed to other Conduit users.

What never leaves your phone

Your 64-digit WhatsApp backup key and the raw encrypted backup file are stored only on your device (in the Android Keystore) and are never uploaded — not even to Conduit's server. WhatsApp decryption happens entirely on the phone; only the parsed messages and images are sent to your account, the same as ordinary SMS. Conduit never connects to WhatsApp's servers.

How it's used

Your data is used for exactly two things:

It is not sold, rented, or shared with anyone, and it is not used for advertising or profiling. There is no third-party analytics or ad tracking on the site. Conduit is read-only by default; sending anything from your phone is a separate, off-by-default feature behind a kill switch you control.

Isolation between users

Every stored record is tagged to one account and every query is filtered by that account in a single access layer. One user's data is never visible to another. This tenant isolation is the project's top priority.

Where it's stored

Data is stored on Cloudflare infrastructure (Workers, the D1 database, and R2 object storage for images) operated for this deployment. Transport is encrypted (HTTPS); device uploads are additionally signed. Secrets are held in encrypted stores, and the WhatsApp key is on-device only.

Retention & your controls

A note on third-party content

Because Conduit ingests your inbound messages, it holds information created by people who contacted you, who have not themselves agreed to this. This is the same information your phone already stores. Conduit is intended for a small, trusted circle; please use it responsibly and consistent with the laws that apply to you.

Children

Conduit is not directed to children and should not be set up on a child's behalf.

Changes

This policy may be updated as the project evolves; the "last updated" date above will change. Material changes will be noted in the project repository.