Privacy Policy

Effective date: June 15, 2026 · DirectoLink

DirectoLink messages are end-to-end encrypted. The encryption keys live only on your devices (in the conversation link), never on our servers. We cannot read the content of your messages, and neither can anyone who gains access to our servers.

1. Who we are

DirectoLink is a private messaging and personal-profile service. This policy explains what we collect, how we use it, and the controls you have. Questions: directolink@cobaltframework.com.

2. Information we collect

Account info — your username/@handle, optional display name, a password verifier (we never store your raw password), your contact code, and your encrypted keychain.
Messages & media — message content is end-to-end encrypted; we store only the ciphertext needed to deliver it. Photos and media you upload are stored to provide the service.
Public profile — anything you choose to publish on your profile (bio, links, photos).
Limited technical data — basic request and device data needed to operate and secure the service.

3. How we use it

To deliver the service: sign-in, message routing, profiles, and contacts.
To keep the service safe (abuse prevention and moderation of reported content).
We do not sell your personal information, and we do not run third-party ad tracking.

4. Who we share with

We share data only with the infrastructure providers that run the service on our behalf (for example, hosting, database, and storage providers), and only as needed to operate it. We may disclose information if required by law. Because messages are end-to-end encrypted, we cannot disclose their content.

5. Your rights & data deletion

You can permanently delete your account at any time from inside the app. Deleting your account removes your account record, profile, and the messages you sent.

Delete your account →

You may also email directolink@cobaltframework.com to request access to or deletion of your data.

6. Security

Messages use end-to-end encryption. We use industry-standard safeguards to protect data in transit and at rest. No system is perfectly secure, but our architecture is designed so that we cannot read your private conversations.

7. Children

DirectoLink is not directed to children under 13 (or the minimum age required in your country). We do not knowingly collect data from children.

8. Changes

We may update this policy. Material changes will be reflected by the effective date above.

9. Contact

directolink@cobaltframework.com