MTXGR — Privacy Policy
Last updated: 2026-02-26
This Privacy Policy explains how MTXGR (“Service”) processes personal data when you use
mtxgr.net, matrix.mtxgr.net, and related endpoints.
1) Data Controller and contact
The data controller is the Operator (George N. Melissourgakis). Contact:
gmelis@hermx.org.
2) What data we process
- Account data: Matrix ID/username, account settings, authentication and device identifiers/keys.
- Technical logs: IP address, timestamps, user-agent, and security events (e.g., rate limits, failed logins).
- Usage metadata: rooms you join, message delivery events, and client/server interactions needed to operate the service.
- Content:
In end-to-end encrypted rooms, the server cannot read message content, but it still processes encrypted payloads and related metadata.
In unencrypted rooms, message content may be processed and stored as required for service operation.
3) Why we process data (purposes)
- To provide and maintain the Service (account creation, login, message delivery, federation settings if enabled).
- To secure the Service and prevent abuse (spam, attacks, fraud, and policy violations).
- To comply with applicable legal obligations.
4) Legal bases (EEA/UK)
- Contract: to provide the Service you request.
- Legitimate interests: security, abuse prevention, and service reliability.
- Legal obligation: where required by law.
- Consent: only where specifically requested (e.g., optional features).
5) Retention
We retain personal data only as long as needed for the purposes above.
Security and access logs are kept for a limited period and then deleted or anonymized, unless a longer period is required
for investigation, abuse handling, or legal compliance.
6) Sharing and disclosures
We do not sell personal data. We may share data only:
- With service providers strictly necessary to operate the Service (e.g., infrastructure hosting), under appropriate safeguards.
- When required by law, court order, or to protect the Service and users.
7) International transfers
If data is processed outside your country/EEA, we apply appropriate safeguards where required by law.
8) Your rights (GDPR)
- Access, rectification, deletion, restriction, objection, and data portability (where applicable).
- You may also lodge a complaint with your local data protection authority.
To exercise rights, contact: gmelis@hermx.org.
9) Security
We implement technical and organizational measures to protect the Service. No method of transmission or storage is 100% secure,
but we continuously work to reduce risk and abuse.
10) Changes
We may update this policy by posting a new version on this page with a new “Last updated” date.