XMPP.party Terms of Service / Privacy Policy

Last updated: Friday, November 7, 2025, 4:20PM EST

Terms of Service (TOS)

  1. Acceptable Use Policy (AUP)

    At XMPP.party, we believe in freedom of speech and open communication. While we allow a relaxed stance on what users can discuss and share, all users must comply with applicable laws and refrain from engaging in illegal activities, harassment, spamming, or any actions that disrupt the experience of others. Violation of these guidelines may result in the suspension or termination of your account.

  2. Data Ownership

    Users retain full ownership of the content they create and share through the XMPP.party service. However, by using our service, you grant us permission to store and transmit your data as necessary for providing the XMPP service.

  3. Compliance with Legal Requests

    XMPP.party will only comply with lawful court orders and legal requests as required by law. If we receive such a request, we will make every effort to notify the affected user(s), unless prohibited by law.

  4. Account Termination

    We reserve the right to terminate accounts for any reason, including but not limited to violations of the TOS, abuse of the service, or engagement in illegal activities.

  5. Service Availability and Changes

    We strive to provide continuous service but cannot guarantee 100% uptime. XMPP.party reserves the right to modify or discontinue the service at any time without prior notice.

  6. Changes to the Terms of Service

    We may update this TOS from time to time. Changes will be posted on this page, and the "last updated" date will reflect the most recent changes. Continued use of our service after changes indicates acceptance of the updated terms.

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how we handle your data. Additionally, you can browse the Prosody module documentation to gain a better understanding of our loaded modules.

  1. General Data Management Modules

    Our XMPP server uses the following modules that may impact your data:

    • mod_roster: Stores your contact list (roster) so you can access your contacts across different devices. This data can be read by administrators; you can see similar output to what we would by using the "query private data" adhoc command.
    • mod_vcard4 / mod_vcard_legacy: Manages user profile information, such as avatars and nicknames. You can modify or delete your vCard at any time.
    • mod_private: Some clients offer users the ability to store arbitrary notes or client-specific information on the server, such as chatroom bookmarks. The server stores this information and it can be seen by administrators.
    • mod_pep: Personal Eventing Protocol (PEP) is used for sharing status messages, avatars, and other user-specific information with contacts. You control the data shared with others.
    • mod_bookmarks: Stores the list of your favorite chatrooms and contacts for easy access, enabling you to join them quickly from any device.
    • mod_carbons: Allows message synchronization across multiple devices. This means when you send or receive messages on one device, they are mirrored on your other connected devices.
  2. Security and Privacy Modules

    To protect your data and enhance security, we use the following modules:

    • Security Logging: We log IP addresses in transit for security evaluation and abuse prevention, but do not store them persistently beyond a limited time in RAM.
    • mod_saslauth: Handles user authentication. We use secure methods for password storage (hashed) and authentication, ensuring your password is never stored in plain text.
    • mod_tls: Ensures all communication with the server is encrypted using modern security standards, protecting your data in transit from unauthorized access. We support direct TLS connections with TLSv1.2+ and a modern security profile.
    • mod_blocklist: Allows you to block unwanted contacts, ensuring you have control over who can interact with you.
    • mod_limits: Protects against abuse by rate-limiting certain actions to maintain server stability and prevent spam.
    • mod_tombstones: Ensures that deleted accounts and data leave a record to prevent data re-use but do not retain the actual content.
    • mod_cloud_notify: Pushes notifications to your device when you receive new messages, ensuring you are alerted promptly.
  3. Data Retention and Message Handling Modules

    We strive to be transparent about how your messages and data are handled:

    • mod_mam: Stores your message history for up to 30 days to enable synchronization across devices. After 30 days, all archived messages are permanently deleted.
  4. File Transfer and Media Handling Modules
    • mod_turn_external: Provides access to our TURN server (we use coturn) at turn.xmpp.party. This is used to allow clients behind NAT firewalls to make audio/video calls.
    • mod_proxy65: Provides relay services at proxy.xmpp.party for media sharing (e.g., file transfers) when direct connections are not possible. Similar to mod_turn_external.
  5. Registration and Account Management Modules

    We enable user registration with protective measures:

    • mod_register: Allows users to register accounts using their XMPP client. Registrations are enabled but protected by several security measures.
    • mod_register_limits: Enforces time-based limits between registrations from the same IP address to prevent abuse.
    • mod_block_registrations: Blocks usernames containing offensive terms and requires usernames to contain only simple ASCII characters (letters, numbers, underscores, periods, and hyphens).
    • mod_user_account_management: Allows users to manage their own accounts, including password changes through adhoc commands. Requires current password verification.
    • mod_watchregistrations: Monitors new user registrations, notifying administrators of new accounts created on the server. This data is used solely for monitoring and is not shared.
  6. Anti-Spam and Abuse Prevention Modules

    To maintain a safe and respectful environment, we employ several anti-spam measures:

    • mod_spam_reporting: Allows users to report spam and abuse directly from their XMPP client, helping us maintain service quality.
    • mod_watch_spam_reports: Monitors spam reports to identify patterns and take appropriate action against abusive accounts.
    • mod_report_forward: Forwards abuse reports to server administrators and to the XMPP Blacklist (xmppbl.org) to help maintain a respectful environment throughout the XMPP network. Reports are forwarded to submit@reports.xmppbl.org.
    • mod_anti_spam: Integrates with anti-spam services (xmppbl.org) to proactively block known spam sources and protect users from unwanted communications.
  7. Data Storage

    All server data is stored in a PostgreSQL database with secure authentication. Message archives are automatically purged after 30 days. Account data is retained as long as your account is active. Deleted accounts are marked with tombstones to prevent immediate re-registration.