Murmr

Privacy Policy

Last updated 20 June 2026

If you're reading this, you care about privacy. So do we. murmr is built on Matrix, an open protocol, and run on our own Element Server Suite deployment at murmr.coop— not a third party's. We won't lock you in, surveil you, or monetise your friendships.

Questions: contact@murmr.coop

Current status: closed beta

murmr is in early development. This policy describes how the app works right now, for the small group of people testing it, not a finished public product. The Encryption section below covers a limitation we are fixing before public launch.

Information we collect

  • Account info: your phone number, display name, and avatar.
  • Friend groups: names, descriptions, and member lists (including phone numbers of contacts who don't have murmr yet, if you add them).
  • Events: title, description, date/time, location, link, and attendee list.
  • Location searches: the text you type when setting an event location is sent to OpenStreetMap's Nominatim service to look up the place. We never send your device's GPS location, only what you type.
  • Photos: any avatar or group photo you upload.

All of this is stored on our own Matrix homeserver. We don't run analytics, ad tracking, or anything that profiles you.

Information we don't collect

  • We don't upload your phone contacts. They're read on your device, locally, so you can find friends who use murmr. Only the specific people you add to a group or event get sent to our server.
  • We don't read or upload your calendar. Adding an event to it stays on your device.
  • We don't collect advertising identifiers.
  • We don't sell or share your data with anyone.

Encryption

Right now, during closed beta:group and event data (member lists, descriptions, locations, attendee lists) is stored unencrypted on our server. We can technically read it. It is not exposed to any other server — murmr isn't federated with the wider Matrix network yet.

Before public launch:this data will be fully end-to-end encrypted, so we won't be able to read it either. This is a committed roadmap item, not a maybe. Until then, please don't put anything you'd consider sensitive in event or group descriptions.

Public event links

Creating a public link for an event is opt-in, per event — off by default. If you make one, anyone with the link can see that event's title, time, location, and RSVP count. Not the guest list, not phone numbers.

You have the option to self-host both your Matrix backend and our external RSVP service. Self-hosting changes who's running that server, but public links are public links.

Third parties

Data retention and deletion

  • Leaving a group or event removes your membership going forward.
  • Want your account deleted? Email contact@murmr.coop.
  • Leaving a room doesn't retroactively delete data you already shared with people still in that room.

Security

We use TLS for everything in transit. No system is perfectly secure, and we can't guarantee it — but we'll tell you if something goes wrong.

Children

murmr isn't for children under 16. We don't knowingly collect data from them.

Changes

We'll update this page as soon as we ship a change to the architecture described above — in particular, when we fully encrypt event details.

← Back to home