← back to home

privacy policy

Last updated: March 2026. Covers Matrix, XMPP, Lemmy and Search.

1. Privacy-Preserving Transparency

AnonymizedWeb Access Logs
3 DaysLog Retention

2. Service Specific Data

  • Matrix (Chat) Private chats are end-to-end encrypted. I store minimal metadata (room IDs and memberships) necessary for the server to operate, but I cannot read your encrypted message content.
  • XMPP (Chat) Server logs are configured to exclude user JIDs and source IP addresses. I support Message Archive Management (MAM) for device synchronization. While encrypted content (OMEMO) is unreadable by the server, delivery metadata is stored briefly.
  • Lemmy (Social) This is a federated instance. Your posts are broadcasted to other servers. While I can delete data locally, I cannot control it once it reaches external instances. Detailed legal terms are available at lemmy.blehiscool.com/legal.

3. Technical Logs & Anonymization

Nginx logs are configured to mask the last octet of your IP address (e.g., 192.168.1.XXX). These records are used solely for DDoS protection and are automatically purged every 3 days. Public transparency stats never include raw logs, IP samples, or account-level activity.

4. Your Rights

You may export or delete your account at any time through your account settings. For manual "Right to be Forgotten" requests regarding logs or server data, contact me on Matrix: @kat:blehiscool.com.

5. Community Rules

Service usage is governed by the Terms of Service / Code of Conduct, including zero-tolerance rules for illegal content, harassment/hate, and doxxing.

Search — search.blehiscool.com — private self-hosted SearXNG metasearch instance.

1. What Is Processed

The following data passes through the server during a search request but is not persisted to disk or any database:

  • Your search query Forwarded to upstream search engines on your behalf so results can be fetched and aggregated. It is not written to any log.
  • Your IP address Visible to the server during the HTTP request. Nginx access logging is disabled, so your IP is never written to disk or retained after the request completes.
  • Cached results Search results may be held briefly in memory to improve response times. Cache entries are not linked to your IP or any identifier and expire automatically.
  • Rate-limiting counters A Valkey backend stores short-lived, IP-keyed counters used solely to detect and throttle abusive request patterns. These entries are volatile, expire within seconds to minutes, and are never written to persistent storage.

2. What Is Not Stored

  • No query logs Search terms are never written to disk or any database.
  • No IP logs Web server access logging is fully disabled — no IP address is recorded at the server level.
  • No user accounts There is no registration, login, or user profile system.
  • No search history The server retains no record of what has been searched.
  • No persistent identifiers No persistent session tokens or tracking IDs are assigned to visitors.

3. Cookies & Tracking

No tracking, analytics, or advertising cookies are used. SearXNG may set a short-lived browser cookie to remember interface preferences such as theme or language. This cookie is stored locally in your browser, is not transmitted to any third party, and contains no personally identifiable information. No fingerprinting, pixel beacons, or cross-site tracking of any kind are employed.

4. Third-Party Search Engines

SearXNG is a metasearch engine: it queries external search engines (such as Google, Bing, DuckDuckGo, and others) on your behalf and merges the results. When it does so:

  • Your IP is not forwarded Upstream engines see the server’s IP address, not yours.
  • The query is forwarded Your search terms are sent to those engines in order to retrieve results. This is an inherent part of how metasearch works.
  • Third-party policies apply Each upstream engine operates under its own privacy policy. This policy cannot govern how those services handle the queries they receive.

5. Security & Abuse Prevention

To protect the service from automated abuse, the following controls are in place:

  • Nginx rate limiting Limits the number of requests per IP per second at the reverse-proxy layer.
  • Connection limiting Caps the number of concurrent connections from a single IP address.
  • Valkey counters Short-lived in-memory counters enforce additional rate limits at the application layer. This data is volatile and expires automatically — it is not a log and serves no analytical purpose.
  • HTTPS only All traffic is encrypted in transit via Let’s Encrypt TLS certificates.