XMPP.party Terms of Service (TOS) / Privacy Policy

Last updated: Thursday, September 26, 2024, 9:03AM EST

Terms of Service (TOS)

  1. Acceptable Use Policy (AUP)

    At XMPP.party, we believe in freedom of speech and open communication. While we allow a relaxed stance on what users can discuss and share, all users must comply with applicable laws and refrain from engaging in illegal activities, harassment, spamming, or any actions that disrupt the experience of others. Violation of these guidelines may result in the suspension or termination of your account.

  2. Data Ownership

    Users retain full ownership of the content they create and share through the XMPP.party service. However, by using our service, you grant us permission to store and transmit your data as necessary for providing the XMPP service.

  3. Compliance with Legal Requests

    XMPP.party will only comply with lawful court orders and legal requests as required by law. If we receive such a request, we will make every effort to notify the affected user(s), unless prohibited by law.

  4. Account Termination

    We reserve the right to terminate accounts for any reason, including but not limited to violations of the TOS, abuse of the service, or engagement in illegal activities.

  5. Service Availability and Changes

    We strive to provide continuous service but cannot guarantee 100% uptime. XMPP.party reserves the right to modify or discontinue the service at any time without prior notice.

  6. Changes to the Terms of Service

    We may update this TOS from time to time. Changes will be posted on this page, and the "last updated" date will reflect the most recent changes. Continued use of our service after changes indicates acceptance of the updated terms.

Privacy Policy

Your privacy is important to us. This Privacy Policy explains how we handle your data, additionally you can browse the Prosody module documentation to gain a better understanding of our loaded modules.

  1. General Data Management Modules:

    Our XMPP server uses the following modules that may impact your data:

    • mod_roster: Stores your contact list (roster) so you can access your contacts across different devices. This data can be read by administrators, you can see similar output to what we would by using "query private data" adhoc command.
    • mod_vcard4 / mod_vcard_legacy: Manages user profile information, such as avatars and nicknames. You can modify or delete your vCard at any time.
    • mod_private: Some clients offer users the ability to store arbitrary notes or client specific information on the server such as chatroom bookmarks. The server stores this information and can be seen by administrators.
    • mod_pep: Personal Eventing Protocol (PEP) is used for sharing status messages, avatars, and other user-specific information with contacts. You control the data shared with others.
    • mod_bookmarks: Stores the list of your favorite chatrooms and contacts for easy access, enabling you to join them quickly from any device.
    • mod_carbons: Allows message synchronization across multiple devices. This means when you send or receive messages on one device, they are mirrored on your other connected devices.
  2. Security and Privacy Modules:

    To protect your data and enhance security, we use the following modules:

    • mod_saslauth: Handles user authentication. We use secure methods for password storage (hashed) and authentication, ensuring your password is never stored in plain text.
    • mod_tls: Ensures all communication with the server is encrypted, protecting your data in transit from unauthorized access.
    • mod_blocklist: Allows you to block unwanted contacts, ensuring you have control over who can interact with you.
    • mod_limits: Protects against abuse by rate-limiting certain actions (e.g., message sending) to maintain server stability and prevent spam.
    • mod_tombstones: Ensures that deleted accounts and data leave a record to prevent data re-use but do not retain the actual content.
    • mod_password_reset: Allows you to reset your password securely in case you forget it. Passwords are reset using a token that generates a link through Prosody's internal web server. Only admins can perform this.
    • mod_filter_chatstates: Reduces the amount of chat state information sent to inactive sessions, optimizing your experience and minimizing unnecessary data transmission.
    • mod_cloud_notify: Pushes notifications to your device when you receive new messages, ensuring you are alerted promptly.
  3. Data Retention and Message Handling Modules:

    We strive to be transparent about how your messages and data are handled:

    • mod_mam: Stores your message history for up to 14 days to enable synchronization across devices. After 14 days, all archived messages are permanently deleted.
    • mod_smacks: Ensures reliable message delivery, even when your connection is unstable. This does not store any message content but helps maintain continuity.
    • mod_announce: Used by administrators to send announcements to all online users. This module does not store message content long-term.
    • mod_uptime: Tracks server uptime for monitoring purposes. This module does not store personal data.
  4. File Transfer and Media Handling Modules:
    • mod_http_file_share: Enables file sharing within chatrooms. Uploaded files are stored temporarily and are removed after 14 days. No logs of uploaded content are kept after deletion.
    • mod_turn_external: Provides access to our TURN server (we use coturn), this is used to allow clients behind NAT firewalls to make audio/video calls.
    • mod_proxy65: Provides relay services for media sharing (e.g., file transfers) when direct connections are not possible. Similar to mod_turn_external.
  5. Administrative and Monitoring Modules:

    The following modules assist administrators in maintaining and managing the server:

    • mod_admin_adhoc: Allows administrators to perform various tasks through ad-hoc commands (e.g., adding/removing users). These actions are logged for security purposes.
    • mod_watchregistrations: Monitors new user registrations, notifying administrators of new accounts created on the server. This data is used solely for monitoring and is not shared.
    • mod_adhoc_account_management: Allows a user to change their own password through adhoc, requires input of current password to use.
    • mod_report_forward: Forwards abuse or issue reports to server administrators for prompt handling. This module helps maintain a respectful environment throughout the fediverse.
  6. Miscellaneous Modules:
    • mod_disco: Provides service discovery features, allowing clients to explore available services and features offered by our server.
    • mod_ping: Helps maintain a connection between your client and the server, ensuring a stable connection. No user data is stored.
    • mod_csi / mod_csi_simple: Implements Client State Indication, optimizing the server's behavior based on your activity state (e.g., active or inactive). This helps reduce data usage but does not store any personal data.
    • mod_invites / mod_invites_adhoc / mod_invites_register: Allows users/admins to generate invite tokens using an XMPP URI scheme.
    • mod_posix: Allows the server to run efficiently on POSIX-compliant operating systems. This module does not impact your personal data.
    • mod_server_contact_info: Provides contact information for server administrators to clients. This module does not handle or store user data.
    • mod_http: Provides basic HTTP services for components such as BOSH and WebSocket connections. This module handles data transmission but does not store user data.
    • mod_websocket: Enables WebSocket connections for real-time messaging. Data transmitted via WebSocket is encrypted and not stored.
    • mod_bosh: Facilitates XMPP connections via HTTP, allowing you to stay connected even when behind restrictive firewalls. Data transmitted through BOSH is encrypted and handled securely.
    • mod_onions: This plugin allows Prosody to connect to other servers that are running as a Tor hidden service. Running Prosody on a hidden service works without this module, this module is only necessary to allow Prosody to federate to hidden XMPP servers.