XORA Legal Requests / E2EE Policy

Effective date: May 13, 2026. Legal review required before public launch.

Encrypted message content

Where end-to-end encryption is active and XORA does not hold the relevant keys, XORA cannot decrypt protected message content in response to a legal request. This statement does not mean XORA ignores lawful requests or that no data is ever available.

Data that may be available

Depending on retention, feature use, and legal validity, XORA may be able to provide limited account, device, subscription, payment, support, abuse report, invite, session, operational, or security metadata. XORA reviews legal requests for validity, jurisdiction, scope, and proportionality before responding.

User notice and emergency requests

XORA may notify users of legal requests when legally permitted and operationally feasible. Emergency disclosure handling, if any, must be approved through legal review and documented before production use.

Translation and AI model data

On-device translation is designed so original and translated message text remain on the device and are not uploaded to XORA servers for translation by default. Technical metadata such as language pair and model-pack status may be processed without message text.

This policy is a public-safe operational summary. It is not a substitute for counsel review, law-enforcement portal design, or a formal law-enforcement guideline.

Contact: legal@appxora.xyz. Related pages: Privacy Policy and Terms.