Terms of Service

Last updated: November 2025

Welcome to Sryptos

These Terms of Service (“Terms”) govern your access to and use of Sryptos (the “Service”, “Platform”, “App”, or “Website”), provided by Sryptos Labs (“Sryptos”, “we”, “our”, or “us”). By accessing or using Sryptos, you agree to be bound by these Terms. If you do not agree, please stop using the Service immediately.

1. Introduction

Sryptos is a modern, encrypted communication platform that allows users to send messages, share media, and make voice or video calls securely and privately. We designed Sryptos to respect your privacy and minimize data collection. You may use the Service either as a Guest User (without registration) or as a Registered User (with an optional linked account). These Terms form a legally binding agreement between you and Sryptos Labs governing your use of our products, software, and services.

2. Eligibility

To use Sryptos, you must:

Be at least 16 years old (or the minimum legal age in your country to consent to online services under local data protection law).
Have the legal capacity to enter into these Terms.
Use the Service only for lawful purposes.

If you are under 16, you may only use Sryptos with parental or guardian consent, and only if permitted under applicable law.

3. Account Types

3.1 Guest Accounts

You may start using Sryptos immediately without providing personal details. By choosing “Guest Login”, a temporary account is automatically generated for you.

Guest accounts are valid for 24 hours.
During this period, your messages and encryption keys remain stored locally on your device.
After expiration, your account and session keys are automatically deleted from the system.

3.2 Registered Accounts

You may optionally create a permanent account by:

Choosing a username and password, or
Linking a third-party account (e.g., Google).

Upon linking, your data and encryption keys are securely associated with your new account.

3.3 Linking and Conversion

You may convert your Guest account to a permanent account at any time before expiration. Sryptos ensures your existing encrypted data remains protected during this process.

3.4 Account Security

You are responsible for keeping your device secure. Sryptos cannot access or recover your private encryption keys — if you delete them or uninstall the app, your encrypted data will become permanently inaccessible.

4. Privacy & Data Protection

Your privacy is central to Sryptos. Our practices are detailed in our Privacy Policy, but key points include:

4.1 Encryption Models

End-to-End Encryption (E2EE): This is the default mode, offering the highest level of security. Keys are generated and stored only on your device, meaning no one else can read your messages. This mode does not support multi-device chat history sync.
Synced AES-256: This optional mode allows you to sync your encrypted chat history across multiple devices logged into the same account. It uses AES-GCM encryption with a master key for secure synchronization.
Voice & Video Calls: All calls use mandatory, built-in WebRTC encryption (DTLS-SRTP).

4.2 Data We Store

We store only limited metadata required for functionality:

Randomly generated user ID (for Guests) or chosen username (for Registered users)
Encrypted message delivery tokens (ephemeral)
Device type and connection information (for debugging)
Optional linked account information (if provided)

We do not store plaintext messages, passwords, or unencrypted media.

4.3 Local Data

All chat content and keys are stored on your device. You may delete them at any time via the Settings → Storage menu.

4.4 Retention & Deletion

Encrypted messages and media on servers (for delivery) are automatically deleted after 30 days.
Guest accounts expire after 24 hours and are permanently erased.
You can delete your account and server-stored data at any time.
Deleted content cannot be recovered.

4.5 Backups

You may choose to back up your encrypted data to your own Google Drive. Backups remain fully encrypted; Sryptos cannot decrypt them.

4.6 GDPR Compliance

For users in the European Union:

You have the right to access, rectify, erase, or export your personal data.
You may withdraw consent or request deletion at any time by contacting us at privacy@sryptos.com.
Data processing is based on user consent (Article 6(1)(a) GDPR) or legitimate interest (Article 6(1)(f) GDPR) where applicable.

5. User Responsibilities

By using Sryptos, you agree to:

Use the Service lawfully and ethically.
Not upload, share, or distribute illegal, harmful, or abusive content.
Not impersonate others, spread misinformation, or engage in harassment.
Not attempt to hack, modify, or reverse engineer Sryptos systems.
Not use automated scripts, bots, or scraping tools without authorization.
Respect local laws and international export regulations.

Violation of these terms may result in suspension or termination of your account (see Section 14).

6. Acceptable Use Policy

You may use Sryptos solely for personal, private, or lawful communication. The following activities are strictly prohibited:

Spamming or unsolicited advertising
Promoting violence, terrorism, or hate speech
Distribution of sexually explicit or harmful materials
Sharing copyrighted or illegal files
Misuse of encryption for criminal activity
Attempting to overload or disrupt the service infrastructure

We reserve the right to investigate and cooperate with law enforcement when legally required under applicable law.

7. Content Ownership

You retain ownership of all messages, media, and files you send through Sryptos. By sending content, you grant Sryptos a limited, non-exclusive, revocable license to store and transmit encrypted data solely for delivery purposes.

We do not claim ownership of your data and cannot view its contents.

8. Intellectual Property

All intellectual property in Sryptos (including trademarks, code, UI design, and documentation) remains the property of Sryptos Labs or its licensors. You may not copy, modify, or distribute any part of Sryptos without prior written permission.

9. Service Availability

Sryptos strives to provide uninterrupted service but cannot guarantee it will always be available or error-free. We may occasionally perform maintenance, updates, or security upgrades that temporarily affect availability.

Sryptos is provided “as is” and “as available” without warranties of any kind.

10. Limits on Sharing and Storage

To maintain system performance and privacy:

Maximum upload size for files and media may be limited.
Maximum duration may apply to voice or video messages.
Old or inactive media are deleted automatically after 30 days.
Excessive usage may result in temporary throttling or suspension.

11. Third-Party Services

If you choose to link a third-party account (e.g., Google), Sryptos will access only the minimal data necessary for authentication. Sryptos does not share your data with third parties except when legally required.

Third-party service providers (such as hosting or push notification providers) are contractually bound to maintain data confidentiality and comply with GDPR.

12. Security Practices

Sryptos uses the Web Crypto API, WebRTC, and other modern encryption standards to protect user data. Despite our efforts, no online service can be guaranteed 100% secure. You are encouraged to:

Use strong device passwords
Keep your app up to date
Avoid sharing sensitive data with untrusted contacts

Sryptos is not liable for losses resulting from unauthorized access to your device or compromised credentials.

13. Reporting Abuse or Security Issues

If you discover a vulnerability, abuse, or security concern, please report it immediately to security@sryptos.com. Responsible disclosures are appreciated and reviewed promptly.

14. Suspension & Termination

We reserve the right to suspend or terminate your account if you:

Violate these Terms or applicable laws
Engage in misuse, spam, or fraudulent behavior
Attempt to compromise our security or encryption mechanisms
Interfere with other users’ rights or safety
Create excessive load or abuse our infrastructure

14.1 Suspension

Temporary suspension may occur when we detect unusual activity, pending investigation. You may receive a warning or notice before suspension where feasible. During suspension, access to the app or certain features may be restricted.

14.2 Termination

We may permanently terminate accounts that engage in repeated or severe violations, are used for criminal or malicious activity, or have been inactive for extended periods. You may terminate your account at any time from within the app settings. Upon deletion, all associated server data is permanently erased and locally stored data remains under your control and responsibility. Sryptos reserves the right to refuse service or reactivation of terminated accounts at its discretion.

15. Limitation of Liability

To the maximum extent permitted by law: Sryptos shall not be liable for indirect, incidental, or consequential damages, including data loss, service interruption, or unauthorized access. We provide the Service “as is,” without express or implied warranties of merchantability or fitness for a particular purpose. You acknowledge that your use of the Service is voluntary and at your own risk. Nothing in these Terms limits liability for death, personal injury, or fraud resulting from our negligence where prohibited by law.

16. Indemnification

You agree to indemnify and hold harmless Sryptos Labs, its affiliates, officers, and employees from any claims, damages, or liabilities arising from your use of the Service, violation of these Terms, or infringement of any rights of another person or entity.

17. Modifications to Service or Terms

We may update, modify, or discontinue portions of Sryptos at any time. We may also revise these Terms periodically to reflect changes in law, features, or business practices. Updated Terms will be posted on the official website and take effect upon publication. Continued use of the Service constitutes your acceptance of the updated Terms.

18. Governing Law & Jurisdiction

These Terms are governed by and construed in accordance with European Union General Data Protection Regulation (GDPR) for EU users, and international privacy and data protection principles applicable to global users. Where permitted by law, disputes shall be resolved under the jurisdiction of the European Union courts or other appropriate venue agreed by both parties.

19. Dispute Resolution

We encourage users to contact us first to resolve any issue informally via support@sryptos.com. If a dispute cannot be resolved, users may pursue remedies under applicable consumer protection or data privacy laws.

20. Severability

If any provision of these Terms is found invalid or unenforceable, the remaining provisions will continue in full force and effect.

21. Entire Agreement

These Terms constitute the complete and exclusive agreement between you and Sryptos regarding your use of the Service, superseding any prior agreements or understandings.

22. Contact Us

For any questions, requests, or concerns regarding these Terms or your privacy rights, please contact us at:

Sryptos Labs
Email: support@sryptos.com
Security: security@sryptos.com
Privacy: privacy@sryptos.com

23. Summary of Key Points (Non-Legal Overview)

Privacy-first: Sryptos collects minimal data and uses end-to-end encryption for all communications.
Guest access: Start chatting instantly — no personal information required.
Your data: You control, export, and delete it anytime.
Retention: Media auto-deletes after 30 days; guest accounts expire in 24 hours.
Fair use: No spam, abuse, or illegal content.
Security: Keep your device safe — Sryptos cannot recover lost keys.
Termination: Accounts may be suspended or deleted for violations or inactivity.
GDPR rights: Access, rectify, delete, or export your data at any time.