Terms of Service & Privacy Policy

Legal Framework: Terms of Service & Privacy Policy

 

Sovereignty Agreement: By creating an account and utilizing the Zero-Knowledge Messenger (ZKM) ecosystem, you definitively accept this unified legal framework. This architecture permanently shifts the paradigm from “Server-Side Trust” to “Client-Side Certainty.” If you do not agree to these terms of absolute mathematical and sovereign responsibility with your secret messages, please terminate this terminal interface session immediately.

This proprietary platform and software (SaaS) has been developed and is administered by César Ramos (forensic auditor, developer and owner, based in São Paulo, Brazil). The domain is registered and hosted in Brazil (Hostinger).

1. Terms of Service & Operational Boundaries

  • Service Description: ZKM provides a secure, non-custodial cryptographic relay network running AES-256-CBC local browser sandboxed encryption. The network operates strictly as a blind utility tunnel.
  • Subscription Level: Access is structured through tier accounts: Bronze accounts allow testing the ZK Hasher SHA-256 for 7 days (to calculate and verify hashes of documents); Silver accounts (promotional coupon codes) allow testing the ZK Hasher and the ZK Messenger for 7 days; Gold account is a production access to encrypt, send, decrypt and read secret messages. Gold accounts require a unique paid subscription fee, consumed after sending the first secret message. All expired accounts and their corresponding database metadata may be deleted by the system at any time without prior notification.
  • Fixed Lifecycle & Cryptographic Expiration: Every registered account inside the ZKM network has a strict operational lifecycle limited to a maximum of 180 days from the activation date, serving as the universal expiration date for all accounts. Upon reaching this 180-day boundary, the user terminal profile and all linked encrypted relay blobs are automatically deprecated, requiring a manual ecosystem reset to re-establish a secure tunnel with a different username and/or email.
  • Nature of Service & Consumption: In accordance with the Brazilian Consumer Defense Code (Lei nº 8.078/1990), the Gold fee is structured as a single utility license fully consumed and exhausted upon the transmission of the first production message (first secret message) over the cryptographic layer, rather than a time-distributed service. The paid subscription corresponds to a unique fee for sending one or more secret messages. The user explicitly acknowledges that the local activation and generation of the first client-side cryptographic proof constitutes the definitive and full execution of the contract, waiving any claims to partial or time-proportional refunds. After using the service to send a secret message with a Gold account, the user may delete their account or continue to use it (courtesy) for up to 180 days (expiration).
  • Promotional Tokens Silver Coupon Codes: The platform may issue promotional Silver coupon codes or activation tokens at its sole discretion to promote, benchmark, and evaluate the ZK Messenger infrastructure.
  • As Is” Warranty Disclaimer & Limitation of Liability: The platform, architecture, and software infrastructure are provided strictly on an “AS IS” and “AS AVAILABLE” basis, without warranties of any kind, either express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. Under no circumstances shall the developer or owner be liable for any direct, indirect, incidental, special, exemplary, or consequential damages (including, but not limited to, loss of data, loss of profits, cryptographic lockout, or business interruption) however caused and on any theory of liability, arising in any way out of the use of this sovereign system.
  • User Responsibility: Because encryption keys are generated locally via user-provided assets (ZK-Hasher or local password), the user holds absolute and exclusive custody of their keys. Loss of the local document or key seed results in immediate, unrecoverable cryptographic lockout. ZKM cannot reverse, decrypt, or recover any payload. ZKM is blind and has no control over your legible content.

2. Privacy Policy & Data Minimization

  • Zero-Knowledge Storage: The website database does not store, capture, or transmit cleartext messages or raw private keys. The server stores only the Public Proof (encrypted payload blobs) and cryptographic hashes necessary to execute the transmission layer for active accounts.
  • Data Hygiene & Manual Purge: To maintain zero-server footprint, active Gold users are highly recommended to manually execute account deletion and data purges before expiration of accounts.
  • Hardware Isolation: ZKM has zero visibility over terminal hardware. Users are fully responsible for ensuring local endpoint security, including the implementation of secure keyboards (e.g., Florisboard) or using the sovereign CR-APP application to insulate input strings against malicious keyloggers.
  • LGPD Compliance & Sovereign Data Ownership: In strict alignment with the Brazilian General Data Protection Law (LGPD – Lei nº 13.709/2018), the platform enforces absolute data subject sovereignty by ensuring that no personal data processing, profiling, or behavioral logging occurs within the transmission layer. Since cleartext payloads are never accessible to the controller or operator, the user maintains exclusive ownership, and exercising the right to definitive erasure is executed instantly and completely through the native account deletion function.

3. Brazilian Legal Compliance & Forensic Shield

  • Constitutional Framework: In strict compliance with the Brazilian Constitution (Article 5, IV and XII), anonymity is forbidden within the registration layer. Therefore, users must provide active verification data (active email, name, city, country and IP) to use the platform and establish an authorized terminal session.
  • The Forensic Fuse: While the visual interface and Public Ledger maintain absolute data minimization via alias obfuscation, the backend architecture maps authenticated session identities (Email and IP) inside an isolated Private Ledger. This structural barrier creates a legal fuse against illicit behavior or false accusations, fulfilling lawful requirements without exposing the encrypted, unreadable text blocks.
  • Connection Logs & Marco Civil da Internet: In strict compliance with Article 15 of the Brazilian Civil Rights Framework for the Internet (Lei nº 12.965/2014 – Marco Civil da Internet), the platform explicitly retains the access logs (IP address, dates, and connection timestamps) associated with the authenticated registration layer for the mandatory minimum statutory period of six (6) months. This statutory data preservation is restricted strictly to security, identification, and legal compliance purposes, remaining completely isolated from the unreadable cryptographic transmission layer.

Execution & Jurisdictional Authority

This document is governed by the laws of the Federative Republic of Brazil. All cryptographic interactions, digital signatures, and ledger events are anchored dynamically at the moment of terminal node execution.

  • Current Legal Status: Fully Binding.
  • Framework Version: 2026.1 // Minimalist Utility Protocol.