← back to home

privacy policy

Last updated: March 22, 2026. Covers Matrix, XMPP, Lemmy and Search.

Quick Navigation

  • Transparency
  • Service Data
  • Technical Logs
  • Your Rights
  • Minimum Age
  • Disclosure
  • Operator
  • Community Rules
  • Search Processing
  • Not Stored
  • Cookies
  • Third-Party Engines
  • Search Security

1. Privacy-Preserving Transparency

AnonymizedWeb Access Logs
3 DaysLog Retention

2. Service Specific Data

  • Matrix (Chat) Matrix supports end-to-end encryption in encrypted rooms and direct messages where enabled by clients and all participants. The server cannot read message content in properly end-to-end encrypted conversations as designed, though encryption depends on client behavior, participant configuration, and protocol limitations.

    The server processes and retains certain metadata required for operation - including room membership, event timestamps, and routing information. Not all Matrix events are end-to-end encrypted; unencrypted rooms and certain system events are accessible to the server operator.
  • XMPP (Chat) Server logs are configured to exclude user JIDs and source IP addresses. I support Message Archive Management (MAM) for device synchronization. While encrypted content (OMEMO) is unreadable by the server, delivery metadata is stored briefly.
  • Lemmy (Social) This is a federated instance. Your posts are broadcasted to other servers. While I can delete data locally, I cannot control it once it reaches external instances. Detailed legal terms are available at lemmy.blehiscool.com/legal.

3. Technical Logs & Anonymization

Nginx logs are configured to mask the last octet of your IP address (e.g., 192.168.1.XXX). These records are used solely for DDoS protection and are automatically purged every 3 days. Public transparency stats never include raw logs, IP samples, or account-level activity.

4. Your Rights

Subject to technical and federation limits, you may request export or deletion of your account through your account settings where the service supports it. For federated services such as Lemmy, deletion removes data from this server but cannot guarantee removal from external instances that have already received it. For manual "Right to be Forgotten" requests regarding logs or server data, contact me on Matrix: @kat:blehiscool.com.

5. Minimum Age

These services are intended for users who are at least 18 years of age. By using these services you confirm that you meet this requirement.

6. Disclosure & Legal Requests

I do not sell or share your data with third parties for commercial purposes. I may preserve or disclose data when required by applicable law, court order, or legal process, or when reasonably necessary to address abuse or security incidents, protect the rights or safety of users, or respond to legal claims. Where permitted by law, I will attempt to notify affected users of such requests. Unencrypted content and publicly federated posts may be accessible to administrators of other servers in the federation.

7. Operator & Jurisdiction

These services are operated by an individual based in the United Kingdom. Server infrastructure is hosted in France (EU). Data is processed as necessary to provide, maintain, secure, and troubleshoot the services described in this policy. By using these services you acknowledge that your data may be stored and processed in France and, where the operator accesses or administers the service, in the United Kingdom. This policy reflects actual practices to the best of my ability and is not formal legal advice.

8. Community Rules

Service usage is governed by the Terms of Service, including zero-tolerance rules for illegal content, harassment/hate, and doxxing.

Search — search.blehiscool.com — private self-hosted SearXNG metasearch instance.

1. What Is Processed

The following data passes through the server during a search request but is not persisted to disk or any database:

  • Your search query Forwarded to upstream search engines on your behalf so results can be fetched and aggregated. It is not written to any log.
  • Your IP address Visible to the server during the HTTP request. Nginx access logging is disabled, so your IP is never written to disk. It may be briefly held in memory solely for rate-limiting purposes (see below), but is not logged, stored persistently, or linked to your queries.
  • Cached results Search results may be held briefly in memory to improve response times. Cache entries are not linked to your IP or any identifier and expire automatically.
  • Rate-limiting counters A Valkey backend stores short-lived, IP-keyed counters used solely to detect and throttle abusive request patterns. These entries are volatile, expire within seconds to minutes, and are never written to persistent storage.

2. What Is Not Stored

  • No query logs Search terms are never written to disk or any database.
  • No IP logs Web server access logging is fully disabled — no IP address is recorded at the server level.
  • No user accounts There is no registration, login, or user profile system.
  • No search history The server retains no record of what has been searched.
  • No persistent identifiers No persistent session tokens or tracking IDs are assigned to visitors.

3. Cookies & Tracking

No tracking, analytics, or advertising cookies are used. SearXNG may set a short-lived browser cookie to remember interface preferences such as theme or language. This cookie is stored locally in your browser, is not transmitted to any third party, and contains no personally identifiable information. No fingerprinting, pixel beacons, or cross-site tracking of any kind are employed.

4. Third-Party Search Engines

SearXNG is a metasearch engine: it queries external search engines (such as Google, Bing, DuckDuckGo, and others) on your behalf and merges the results. When it does so:

  • Your IP is not forwarded Upstream engines see the server’s IP address, not yours.
  • The query is forwarded Your search terms are sent to those engines in order to retrieve results. This is an inherent part of how metasearch works.
  • Third-party policies apply Each upstream engine operates under its own privacy policy. This policy cannot govern how those services handle the queries they receive.

5. Security & Abuse Prevention

To protect the service from automated abuse, the following controls are in place:

  • Nginx rate limiting Limits the number of requests per IP per second at the reverse-proxy layer.
  • Connection limiting Caps the number of concurrent connections from a single IP address.
  • Valkey counters Short-lived in-memory counters enforce additional rate limits at the application layer. This data is volatile and expires automatically — it is not a log and serves no analytical purpose.
  • HTTPS only All traffic is encrypted in transit via Let’s Encrypt TLS certificates.