Legal Requests / E2EE Policy

Effective date: May 13, 2026. Legal requests are reviewed through support@appxora.xyz.

Summary

Where end-to-end encryption is active and XORA does not hold the relevant keys, XORA cannot decrypt protected message content. This does not mean XORA ignores lawful requests or that no metadata is ever available.

Encrypted message content

XORA cannot decrypt protected message content where E2EE is active and XORA does not hold the keys.

Data that may be available

Depending on retention, feature use, and legal validity, limited account, device, subscription, payment, support, abuse report, invite, session, operational, or security metadata may be available.

Review process

XORA reviews legal requests for validity, jurisdiction, scope, and proportionality before responding. User notice may be provided when legally permitted and operationally feasible.

AI and translation data

AI Summary and translation handling is designed to keep source text, prompts, model input/output, and provider bodies out of logs, analytics, crash reports, and public website materials.

Legal request summary

If E2EE is active and XORA does not hold the keys, protected message content cannot be decrypted by XORA. Limited retained metadata may be provided when lawfully required.