Privacy Policy

Last updated: Jun 2, 2026

Effective: June 2, 2026

This Privacy Policy explains what data Messages Never Seen collects when you use the public website, why we collect it, how long we keep it, who can see it, and the rights you have. By using the Services you agree to the practices described here.

1. Who is responsible for your data

Messages Never Seen, based in Bergen, Norway, is the data controller. We do not have a public postal address. You can reach us at legal@messagesneverseen.com.

We operate under the EU/EEA General Data Protection Regulation (GDPR) and Norwegian data protection law, overseen by Datatilsynet (the Norwegian Data Protection Authority). Submission data is stored within the EU/EEA. Some third-party services on the public website (see section 6) process data outside the EU/EEA.

2. What we collect

2.1 When you submit a message

Earlier versions of this site said IP addresses were only logged and never stored. That is no longer accurate. We now store the following with every submission:

• Message text and recipient label. The words you write and the name or label you address them to. These become part of the public collection.
• IP address, encrypted. Stored in encrypted form at rest.
• Country, encrypted. A coarse country derived from your IP, stored encrypted.
• IP fingerprint. A one-way hash of your IP used to enforce bans without exposing the address.

We do not ask for your name, email, or account. We have no login for public users.

2.2 When you just browse

Standard web server logs (including IP) are generated to keep the service running and secure, and the third-party services in section 6 collect their own data as described there.

2.3 If you sign up for the daily message

If you give us your email to receive a daily unsent message, we store that email encrypted and use it for one purpose only: sending you one message per day. We do not share it, sell it, or use it for anything else. Every email includes a one-click unsubscribe link, and you can opt out at any time. The legal basis is your consent, which you give by signing up and can withdraw at any point by unsubscribing.

3. Why we collect it, and our legal basis

• Running the service (publishing your message): performance of the service you requested by submitting.
• The daily message (your email): consent, which you can withdraw at any time by unsubscribing.
• Safety and abuse prevention (fingerprint, encrypted IP for bans): our legitimate interest in keeping the platform safe and usable.
• Welfare emergencies (section 5): protecting the vital interests of you or another person, and compliance with legal obligations.
• Analytics and advertising (section 6): consent and/or legitimate interest, as applicable, managed through the third party.

4. Who can see your data

• The public sees only the message text and recipient label.
• Moderators see the message text and recipient label only. They never see your IP address, your country, or your fingerprint. This is enforced in our software.
• The site operator (the controller) can access the stored IP-derived data, only for the safety, ban, and legal purposes in this policy.
• The hosting provider processes data at rest and in transit only as needed to host the service, within the EU/EEA.

We do not sell your data or share it with advertisers beyond the third-party services described in section 6.

5. Welfare and safety escalations

If a submission suggests someone may be in immediate danger, a moderator can raise a welfare escalation. In that case:

• Where we reasonably believe there is a serious and imminent risk to someone's life or safety, we may decrypt and use the stored IP-derived data, and where necessary ask relevant providers or authorities for further information, in order to contact the police or emergency services so a welfare check can happen.
• This is reserved strictly for genuine safety emergencies. It is never used for marketing, analytics, ordinary rule enforcement, or any other purpose.
• Moderators are only told whether an escalation has been handled or not. They are never shown the IP, the country, the identity of anyone contacted, or any detail of how the situation was dealt with.
• We record that an escalation happened and that it was handled, so the team can keep track of open cases, but the sensitive detail is restricted to the controller.

6. Analytics, advertising, and cookies

The public website uses:

• Google Analytics for traffic measurement. It may set cookies and may process data (including IP) outside the EU/EEA. See Google's terms. You can opt out with the Google Analytics opt-out add-on.
• Google AdSense for advertising, which may set cookies for ad delivery and measurement. You can manage interest-based advertising via Your Online Choices and Google Ad Settings.

For transparency: the separate moderation console used by staff uses no analytics, advertising, or trackers, and keeps submitter IP data encrypted and out of moderators' view.

7. How long we keep data

• Published submissions and their encrypted IP-derived data: retained while the submission is part of the collection.
• Removed submissions: held in a recoverable state for 30 days, then permanently deleted.
• Ban records: kept for as long as the ban is in force.
• Daily-message email: kept (encrypted) until you unsubscribe; after that it's marked inactive and not used again.
• Analytics/ad data: retained by the relevant third party under their own policies.

8. Your rights

Under GDPR you can ask us to give you a copy of what we hold about you, correct it, delete it, or restrict or object to how we use it. Because public submissions are anonymous and we hold no account for you, we may need information from you to locate the specific submission (for example, its wording and rough date) before we can act. We may retain the minimum necessary where we have an overriding legal obligation or a live safety matter.

To exercise any right, email legal@messagesneverseen.com. You also have the right to complain to Datatilsynet in Norway, or to your local EU/EEA data protection authority.

For data collected by Google Analytics or AdSense, you may also contact Google directly, as they act as their own controller for that data.

9. Data security

• Submitter IP and country are encrypted at rest; the fingerprint is a one-way hash.
• Access to the stored IP-derived data is restricted to the controller.
• Moderators are technically prevented from seeing IP, country, or fingerprint.

No method of transmission or storage is ever completely secure, and we cannot guarantee absolute security.

10. Changes to this policy

We may update this policy. Changes are posted here with a new date. Please review it periodically.

11. Contact

Messages Never Seen (Bergen, Norway)

• Privacy / legal: legal@messagesneverseen.com
• General: contact@messagesneverseen.com