Privacy policy.
Effective: 2026-04-26 · Short, because there isn't much to say.
The short version.
Lattice does not collect, store, or transmit any data about you to any server we operate. Your messages live on your phone and on the phones of the people you sent them to. Your identity is generated on your phone and never leaves it. There is no Lattice account, no login, no cloud sync. Nothing holds your data centrally, because there is no central place at all.
The longer version.
What Lattice does on your device.
- Generates and stores your cryptographic keys, hardware-protected by the iOS Secure Enclave or Android StrongBox.
- Stores your messages, contacts, and group memberships in an encrypted local database.
- Uses Bluetooth and Wi-Fi to discover and exchange messages with other Lattice users in radio range.
- (If you enable it) caches Plus Code location hints encrypted with your contacts' keys, to share approximate location during festivals or emergencies.
What Lattice does not do.
- Send any analytics, telemetry, crash reports, or diagnostic data to any server.
- Use any third-party SDK that phones home. We have none, and you'll be able to audit that in the source repo when it's published with v1.0.
- Track your location, your usage, or anything else about how you use the app.
- Store your messages on a server. There is no server.
- Have any way to read your messages, even if compelled to. They're end-to-end encrypted and the keys sit on your phone.
What information about you might exist outside your phone.
Three legitimate cases, all by your action:
- Messages and metadata you sent. Other Lattice users you communicated with have copies of those messages on their phones, encrypted and subject to the same expiry rules they configured.
- Mesh-relayed packets. Other Lattice users in radio range may have temporarily forwarded packets on your behalf without being able to read them. Their phones discard these packets after relay or after expiry (default 7 days).
- Public information you chose to publish. If you generate an introduction bundle and share it, the recipient has it. If you publish your Bullet ID, it's public. We never do this on your behalf.
Apple and Google.
Lattice runs on iPhone (currently a TestFlight beta; App Store listing in progress) and Android (currently a signed APK you can install directly; Play Store listing in progress). If you install via TestFlight, the App Store, or the Play Store, Apple or Google may collect their own information about your install (device, OS version, etc.) according to their respective policies. We have no access to that data. Installing the Android APK directly bypasses the Play Store channel entirely.
Children.
Lattice is not aimed at children, but it does not collect any data from anyone, so we do not need to make special provision for under-13s. The wallet-style identity model means a child who installs Lattice will get the same key-on-phone, no-server experience as anyone else.
Cookies and the website.
lattice.fyi is a static website. No cookies, no analytics, no fonts that phone home, no third-party JavaScript. View source to verify.
Changes to this policy.
If we ever wanted to change what data Lattice collects, we'd post notice on this page first. The current policy is "we collect nothing", and that's unlikely to change, because changing it would mean running the kind of infrastructure the project deliberately avoids.
Your rights under GDPR / CCPA / similar regimes.
The Lattice project is not a "controller" or "processor" of your personal data in the GDPR or CCPA sense, because we do not collect or process personal data. There is no data to access, port, or delete on our side. If you wish to delete your Lattice data, uninstall the app from your phone — that is the entire dataset.
Security disclosure.
If you find a privacy bug (something this policy promises that the code doesn't deliver), please report it via our security disclosure policy.
Contact.
Privacy questions: our Matrix room. We aim to reply within 7 days.