End-to-end encryption (E2EE) means your messages are scrambled on your device before they're sent, and only unscrambled on the recipient's device. Nobody in between, not Thumpr, not your internet provider, not anyone, can read what you wrote.

Think of it like putting a letter in a locked box that only you and the person you're talking to have keys to. Even though Thumpr delivers the box, we can't open it.

Message content

When both you and the person you're chatting with have set up a passcode, your message text is encrypted end-to-end. The content of your messages is unreadable to anyone except you and your conversation partner.

Photos and files sent in chat

Attachments you share in conversations are encrypted on your device before they're uploaded. The files stored on our servers are scrambled data, and we can't view them.

Bundle content

Photos and content shared through Bundles are encrypted. When you share a Bundle in a conversation, the content is protected the same way your messages are.

Your encryption keys

Your passcode generates a unique encryption key that never leaves your device. Thumpr doesn't store your passcode and can't recover it for you.

Your profile

Your display name, photos, bio, and other profile details are not encrypted. This information is visible to other users on the platform and accessible to Thumpr for moderation purposes.

Message metadata

We can see that a message was sent, when it was sent, and between whom, but not what it says. This is similar to how a postal service can see an envelope's addresses and postmark but can't read the letter inside.

Read receipts and delivery status

Whether a message has been delivered or read is not encrypted. This helps us send relevant notifications.

You'll see a lock icon on conversations where end-to-end encryption is active. Here's what the different states mean:

Lock icon visible, both you and the other person have set up encryption passcodes. Your messages are end-to-end encrypted.

No lock icon, one or both of you haven't set up a passcode yet. Messages in this conversation are still protected in transit (like a secure website), but Thumpr can access them on our servers.

This is an honest indicator. We'll always tell you the real encryption status of your conversation.

If either person in a conversation hasn't set up an encryption passcode, messages are still protected while traveling between your device and our servers. However, until both you and your chat partner set up a passcode, these messages are not stored encrypted. We don't review conversations without reported abuse, but we do have the ability to access them.

We believe privacy and safety can coexist. Here's how:

For end-to-end encrypted conversations

• We cannot read your messages or view your shared files.

• We can act on user reports. If someone reports a conversation, we can review the reported content that the reporting user shares with us.

• We can take action based on behavior patterns (metadata), such as a user sending an unusually high volume of messages to many people in a short time.

• We can enforce account-level actions (warnings, suspensions, bans) based on reports and behavioral signals.

For non-encrypted conversations

• We can review message content for community guideline violations when reported.

• We can proactively act on policy violations when necessary.

Revoking encryption for policy violations

If a user's behavior results in a serious violation of our community guidelines, Thumpr reserves the right to reset their encryption keys. This means:

• Their future messages would no longer be end-to-end encrypted. Privacy is a privilege, and we do not support abuse.

• Their past encrypted messages remain unreadable to us. We can't retroactively decrypt old conversations.

We take this step only in serious cases, and affected users are notified.

When you set up encryption, you choose a 6-digit passcode. A few important things to know:

Your passcode is yours alone. Thumpr never sees it, stores it, or transmits it.

Same passcode, any device. Enter your passcode on a new device and your encryption keys are recreated. Your messages stay accessible wherever you log in.

If you forget your passcode, you can reset and start fresh, but messages encrypted with your old passcode will no longer be readable. There's no recovery option. This is by design, not a limitation. It means no one, not even Thumpr, can bypass your encryption.