sojorn/PRIVACY.md
Patrick Britton 2f21c3d9a6 license: switch from BSL 1.1 to AGPL-3.0
- Replace LICENSE file with GNU Affero General Public License v3.0
- Update PRIVACY.md to reference new license
- Add *.ps1 to .gitignore
2026-02-17 00:12:56 -06:00

Sojorn — Privacy & Data Sovereignty

Effective Date: February 12, 2026
Last Updated: February 12, 2026
Operator: MPLS LLC


Our Philosophy: Privacy as a Sanctuary

Profiting from surveillance is strictly against our principles. We reject the "attention economy" model entirely.

Most social platforms treat your data as their product. They harvest your posts, your photos, your location, your relationships, and your attention — then sell access to the highest bidder. We built Sojorn to prove that a social network can exist without any of that.

Sojorn is a walled garden where your data is not a commodity. We are groundskeepers of this space — not owners of what grows in it.


1. Data Sovereignty

We do not sell your data. We do not license your data. We do not provide your data to third-party analytics, advertising, or data brokerage firms. Your content is not indexed on public search engines. Sojorn is a private community designed to protect your posts and identity from the extractivist economy.

2. What We Collect

We collect only what is technically necessary to operate the Service:

| Data | Purpose | Retention |
|---|---|---|
| Email address | Authentication, critical account notifications | Until account deletion |
| Birth month & year | Age verification (16+ requirement) | Until account deletion |
| Display name & handle | Profile identity within the network | Until account deletion |
| Content you create | Posts, comments, images, video — displayed to your chosen audience | Until you delete it |
| Approximate location (Beacons only) | Community safety incident reporting | Ephemeral — not stored permanently |
| Device push tokens | Delivering notifications you have opted into | Until account deletion or token refresh |

We do not collect:

  • Precise GPS location outside of Beacons
  • Contact lists or phone books
  • Browsing history outside of Sojorn
  • Biometric data
  • Financial information

3. Third-Party Services

| Service | Purpose | Data Shared |
|---|---|---|
| Firebase | Authentication, push notifications | Email, device token |
| Cloudflare R2 | Media file storage (images, video) | Uploaded media files |
| SendPulse | Newsletter delivery (opt-in only) | Email address |
| OpenAI / Google Vision | Content moderation (hate speech, violence detection) | Text snippets and image URLs of public posts only |

We do not use third-party tracking pixels, cross-site cookies, behavioral analytics, or advertising SDKs.

AI Moderation Disclosure

Public posts may be analyzed by AI moderation systems to detect policy violations (hate speech, violence, spam, NSFW content). This analysis:

  • Is performed only on content you post publicly or within groups.
  • Does not apply to end-to-end encrypted messages or capsule content.
  • Does not train AI models on your content — we use pre-trained safety classifiers only.
  • Is subject to human review before permanent moderation action.
  • Produces an audit trail visible to administrators for accountability.

4. Zero-Knowledge Encryption

Private messages and encrypted capsule content are protected by end-to-end encryption (E2EE) using keys generated on your device. Your encryption keys are wrapped with a passphrase only you know and stored as an opaque encrypted blob on our servers. We cannot decrypt your private content. We cannot comply with requests to produce content we cannot read.

5. Your Right to Vanish

You have the absolute right to delete your account and all associated data at any time.

When you delete content or your account, we perform hard deletes:

  • Database records are permanently removed (not soft-deleted).
  • Media files (images, video) are permanently removed from storage buckets.
  • Encryption key backups are permanently removed.
  • We do not retain shadow copies, hidden archives, or behavioral profiles.

When you leave, you leave.

6. Anti-Extraction Commitment

MPLS LLC will never:

  • Use your content to train artificial intelligence or machine learning models.
  • Sell, license, or share your content with data brokers or advertisers.
  • Build advertising or behavioral profiles from your activity.
  • Provide "data partnerships" or "audience insights" products derived from your content.

7. Right to Livelihood

If MPLS LLC ever wishes to feature your content in promotional materials outside of the Sojorn app interface, we must contact you directly, offer financial compensation, and receive your explicit written consent. See Section 4.5 of our Terms of Service for full details.

8. Anti-Scraping

We actively defend against unauthorized commercial harvesting of user content through rate limiting, authentication requirements, and automated abuse detection. Unauthorized scraping of Sojorn content is a violation of these Terms and may be pursued under the Computer Fraud and Abuse Act (CFAA).

9. Law Enforcement

We will comply with valid legal process (court orders, subpoenas) as required by law. However:

  • We will notify affected users unless legally prohibited from doing so.
  • We cannot produce end-to-end encrypted content (we do not have the keys).
  • We will challenge overbroad or legally deficient requests.
  • We will publish a transparency report annually documenting any government data requests received.

10. Children's Privacy

Sojorn is not intended for users under 16. We do not knowingly collect data from children. If we discover that a user is under 16, we will delete their account and all associated data.

11. International Users

Sojorn is operated by MPLS LLC from the United States. If you are accessing the Service from the European Union, your data is processed in the United States. We apply the same privacy protections to all users regardless of jurisdiction.

12. Changes to This Policy

We will notify registered users via email and in-app notification of any material changes to this Privacy Policy at least 30 days before they take effect.

13. Contact

For privacy concerns: privacy@sojorn.net
For legal inquiries: legal@mp.ls


Why We Chose This Model

Right Livelihood for Creators

Our source code is published under the GNU Affero General Public License v3.0. We share our code so that users, security researchers, and the public can verify that we honor every commitment in this document. We chose this license because it ensures that all modifications — including those running on network servers — remain open and available to the community.

We call this Right Livelihood for Creators — we share our work for your safety, and we protect user freedom so we can remain independent and never need to monetize your attention or your data.

Privacy as a Sanctuary

Every technical decision we make is measured against a simple question: Does this protect or erode the sanctuary?

  • We chose E2EE for private messages — because a sanctuary has walls.
  • We chose hard deletes — because a sanctuary does not hoard what you discard.
  • We chose AI moderation with human review — because a sanctuary has guardians, not surveillance cameras.
  • We chose no advertising SDK — because a sanctuary is not a billboard.

MPLS LLC — Groundskeepers, not owners.