Privacy & GDPR stance

Anymus (anym.us) is built for anonymous, invite-only conversations. Chat messages and attachments stay on your devices (IndexedDB + peer-to-peer exchange); the server only keeps per-room metadata needed for invites and your local settings.

• No accounts or login identifiers
• No cookies beyond the essential anonymous session id and CSRF token
• No analytics, tracking pixels, or third-party ads
• Room metadata stored as simple files (invite token, settings); conversation content is never retained server-side

Each participant must confirm they are 18+ before a room is created. Settings (nicknames, avatars, voice options) live in the room folder (`USER1.settings`, `USER2.settings`) and in your own browser storage for convenience; chat history stays local unless you explicitly export/import it on your device.

For production deployments, configure TURN/STUN servers that you trust, keep TLS certificates current, and schedule the provided `scripts/sweep_expired.py` to run regularly so expired room metadata is removed automatically.

Questions or suggestions? Reach the maintainers via ops@anym.us.