Privacy Policy

Last updated: March 2026

What GuardianMesh Does Not See

GuardianMesh is end-to-end encrypted infrastructure. Relay nodes (guardians) transport encrypted bundles but cannot read message content. Specifically:

• Message content is encrypted with the Double Ratchet before leaving your device. No guardian, relay, or intermediary can decrypt it.
• Group messages use MLS (RFC 9420) with TreeKEM. Only group members hold the epoch keys.
• Optional onion routing hides metadata so no single relay knows both sender and recipient.

What Guardians See

Guardian relay nodes process the following metadata to route bundles:

• Destination identity hash (SHA-256 of Ed25519 public key) — not a human-readable identifier
• Bundle ID, TTL, hop count, priority level, and payload size
• Source guardian identity (for federation routing)
• Timestamp of relay events

No precise geolocation is exposed. Public network views show region-level data only, unless an operator explicitly opts in to sharing more.

Data Retention

• Pending bundles are stored only until delivered or until TTL expires, whichever comes first.
• Per-peer bundle stores are limited to 10 MB and 100 bundles maximum.
• Relay receipts are retained for credit settlement, then archived.
• No message content is ever stored by relays — only encrypted bundles in transit.

BLE Mesh Privacy

BLE mesh connections use Ed25519 challenge-response authentication. Your device's BLE service UUID is visible to nearby Bluetooth scanners, but message content is end-to-end encrypted. Mesh forwarding uses LRU deduplication caches that are kept in memory only and cleared on restart.

Admin Portal AI Features

The admin dashboard offers optional AI-assisted analysis (all features disabled by default). When enabled:

• PII, secrets, and identifiable data are never sent to the AI provider.
• A sanitizer with 47 forbidden field names strips all sensitive data before any API call.
• Only SHA-256 hashes of prompts and responses are stored in audit logs — never raw content.

Investor Portal

The investor portal (invest.guardianmesh.ca) collects information necessary for securities compliance:

• Registration data: name, email address, and investor classification.
• KYC (Know Your Customer) verification data as required by applicable securities regulations.
• Subscription and holdings records for share class transactions.

This data is stored in MongoDB with access restricted to authenticated portal sessions. It is not shared with the relay network or AI systems.

Canadian Privacy Law

GuardianMesh Inc. is a Canadian federal corporation. The collection, use, and disclosure of personal information is governed by the Personal Information Protection and Electronic Documents Act (PIPEDA, S.C. 2000, c. 5). You have the right to access, correct, and request deletion of your personal information. To exercise these rights, contact us at the address below.

Contact

Questions about this policy: hello@guardianmesh.ca