Privacy Policy
Effective date: July 3, 2026
IPTinCan is built for private communication between people who know each other — couples, families, and small communities. Our business is selling private servers, not your data. We do not sell personal information, we do not run ads, and we do not profile you.
1. The short version
- Your messages and media live on your own private server, not in a shared cloud database. Calls are end-to-end encrypted; the media relay cannot read them.
- We (the IPTinCan operators) hold only what's needed to run the platform: your billing account details, your license, and infrastructure telemetry about your server (up/down, version, user counts — never message content).
- Server admins — not us — control who joins a server and can manage the content on it.
2. What we collect, and why
Account & billing (managed hosting customers): your email, the server name you choose, license records, and payment status. Payments are processed by Stripe; we never see or store your full card number. Stripe's privacy policy applies to payment data.
License telemetry: managed servers periodically contact our licensing service with the license key, server version, and current user count, so we can enforce plans and spot outages. This does not include names, messages, or media.
Server contents (your private server): chat messages, uploaded files, recordings you choose to make, and account records for the people the admin invites (display name and an optional email used to deliver the invite). This data is stored in your server's database on a single-tenant virtual machine. Voice and video calls are end-to-end encrypted between participants; the server relays media it cannot decrypt.
Backups: managed servers are backed up nightly (database and media) to protect against outages. Backups are stored in our cloud project, are retained for roughly 14 days, and are deleted automatically. Destroying your server deletes its data; its backups age out within the retention window.
Website: iptincan.com serves static pages and does not use third-party analytics or advertising trackers.
3. Children
IPTinCan servers are often used by families, including children — that is by design, and it shapes how the product works:
- Children cannot sign up for IPTinCan on their own. There is no public registration; the only way onto a server is an invite issued by that server's admin — for a family server, a parent or guardian.
- We treat the inviting admin's action as the parent/guardian's consent for the child to use their private server.
- We collect no more information about a child than the display name the admin sets, and we never use members' data for marketing.
- A parent/guardian admin can review, export, or delete their child's account and content on their server at any time, or contact us at support@iptincan.com to have a server and its backups removed entirely.
4. Who we share data with
Only infrastructure processors, and only what they need to run the Service: Google Cloud (server hosting, backups), Cloudflare (DNS, network security), Stripe (payments), and Resend (transactional email such as invites and receipts). We disclose data beyond that only if legally required, and where lawful we will tell the affected customer.
5. Retention and deletion
- Server contents: retained on your server until you or your admin delete them, or the server is destroyed.
- Backups: ~14 days, then deleted automatically.
- Billing/license records: kept while your account is active and as required for tax/accounting after that.
- To delete everything, destroy your server in the admin portal (or email us) and cancel your subscription.
6. Security
Managed servers use TLS for all connections, end-to-end encryption for calls, single-tenant isolation per customer, and signed licensing. No system is perfectly secure; if we learn of a breach affecting your data we will notify you without undue delay.
7. Your rights
Depending on where you live (e.g. GDPR, CCPA), you may have rights to access, correct, export, or delete personal data we hold about you. Because most personal data lives on your own server under your admin's control, the fastest path is usually your server admin — but you can always reach us at support@iptincan.com and we will help within the timelines the law requires.
8. Changes and contact
We'll post any changes to this policy here with a new effective date. Questions or requests: support@iptincan.com.