Sendant
Private by default. Calm by design.

Privacy Policy

Effective 1 July 2026 · Applies to the Sendant mobile app (io.sendant) and web client.

Sendant is a private, end-to-end encrypted messenger. The short version: your messages belong to you. They are encrypted on your device, your keys never leave it, and our infrastructure only ever handles content it cannot read. We don't ask for your phone number, and we don't run analytics by default.

The one-sentence summary: we are built so that there is as little to collect as possible — no account, no phone number, no advertising, no behavioral tracking, and no plaintext for us to see.

1. Who we are

Sendant ("we", "us") is the Sendant messenger, developed by Yoni Ryabinski (yoniryabinski.com). You can reach us about privacy at privacy@sendant.io.

2. Information we do not collect

3. Information that exists on your device

The following stays local to your device and is not transmitted to us in readable form:

Uninstalling the app removes these local databases from your device.

Device permissions

Sendant requests only feature-specific permissions when needed: camera access to scan invite or verification QR codes, microphone/audio access for voice messages and calls, network access to send and receive encrypted messages, and notification permission so your device can show a local alert after it receives a content-free wake signal. These permissions are not used for advertising, profiling, or contact discovery.

4. Information that passes through our infrastructure

To deliver messages when your contact is offline, Sendant uses a store-and-forward "mailbox" and relay infrastructure. What that infrastructure sees:

DataWhat we can seeRetention
Message & attachment content Opaque ciphertext only. Messages are end-to-end encrypted; we cannot read, search, or decrypt them. Held only until delivered, and auto-expires (currently up to 30 days), then deleted.
Delivery/routing data The minimum needed to route an encrypted envelope to its mailbox. Sealed-sender techniques minimize sender metadata. Transient; not used for profiling or advertising.
Network connection data Standard connection metadata (e.g. IP address) inherent to any internet service, used to operate and protect the service. Not used to build a profile of you.
Push token An FCM device token tied to your device so the mailbox can send content-free wake pushes. Kept while notifications are enabled for that device, then replaced or removed when the token rotates or notifications are disabled.

All communication with our infrastructure is encrypted in transit (TLS); the app does not permit cleartext network traffic.

Push notifications. On Android, Sendant uses Firebase Cloud Messaging (FCM) to wake the app when you have mail. These push messages are data-only and contain no message content — just a signal to fetch; the app then retrieves and decrypts your messages locally. Google (the FCM provider) can see that your device received a wake signal and when, but not who messaged you or what they said.

5. Diagnostics

Sendant does not collect crash or diagnostic telemetry by default, and the app currently ships with no analytics or crash-reporting SDKs. If we ever add optional diagnostics, they will be off by default, scrubbed of message content before anything is sent, and used only to fix bugs and improve reliability — never for advertising or profiling.

6. How we use information

We use the limited data above only to: deliver your encrypted messages, operate and secure the service, and (if you opt in) diagnose crashes. We do not sell your data, and we do not share message content with third parties — we cannot, because it is encrypted.

7. Sharing & legal requests

Because message content is end-to-end encrypted and only transient ciphertext passes through our infrastructure, we have no plaintext messages to disclose. If compelled by valid legal process, we can only provide the limited data we actually hold, which by design excludes the content of your conversations.

8. Your choices and rights

9. Children

Sendant is intended for adults and is not directed to children under 13. We do not knowingly collect personal information from children under 13.

10. Changes

If we change this policy we will update the effective date above and, for material changes, surface a notice in the app or on this page.


Questions about your privacy? Email privacy@sendant.io.