PUBLIC DISCLOSURES

LEGAL ABOUT US & CORPORATE POLICY

Effective Date: May 22, 2026 • Last Revised: May 24, 2026

This document outlines the corporate background, operational scope, legal intermediary status, and commercial support models of the dynamic communication framework **BlackBox 1:1** operated by **the BlackBox 1:1 Project Operator**.

1. Corporate Status & Platform Scope

**BlackBox 1:1** is an ultra-secure, zero-knowledge, metadata-blind communication platform operated by **the BlackBox 1:1 Project Operator** (hereafter referred to as the "Operator").

The Platform is engineered strictly on decentralized, client-side cryptographic paradigms, integrated with high-fidelity user-controlled privacy widgets—including **dynamic socket-level block lists**, **multi-tier E2EE disappearing message timers** (24h, 7d, seen-based), and **selective one-sided Clear Chat** capabilities. The Operator acts strictly as a data fiduciary and automated transit relay, maintaining zero cleartext databases, zero decryption keys, and zero transactional identity directories.

📝 PLAIN-ENGLISH TRANSLATION: We operate this platform as a secure, metadata-blind communication utility. Because all encryption keys and operations are local to your browser, we have no access to your real-world identity or chat data.

2. Free Service Model & Zero-Advertising Guarantee

To guarantee that secure digital privacy remains universally accessible to all individuals, **BlackBox 1:1** is operated as a completely **free-of-charge** platform. The Operator does not charge subscription fees, license in-app purchases, or lock features behind payment gateways.

**Zero-Advertising Policy:** To ensure a clean, distraction-free user experience and to prevent third-party tracking networks from profiling our users, the Platform enforces a strict **zero-advertising guarantee**. We do not partner with Google AdSense, serve display advertisements, or deploy third-party advertising cookies of any kind.

**Funding Model:** The ongoing network operational costs, sharded database hosting, and high-performance routing servers are 100% self-funded and privately supported by the Operator, ensuring that the platform remains entirely independent, private, and ad-free.

📝 PLAIN-ENGLISH TRANSLATION: The platform is 100% free to use. We do not show ads, we do not use Google AdSense, and we do not track you. We cover the server and database costs out of our own pocket to keep the app clean, fast, and completely private.

3. Regulatory Safe-Harbors & Intermediary Status

Under major digital information frameworks (including the Indian Information Technology Act, 2000, GDPR, and the DPDP Act), the Operator fits the absolute legal definition of an **Electronic Intermediary**.

**Safe Harbor Protections:** In accordance with Section 79 of the IT Act, the Operator receives complete safe-harbor immunity from any liability arising from third-party user communications or encrypted payloads routed through our relays. The Operator does not initiate transmissions, select recipients, or modify any dynamic data in transit.

**Decryption Infeasibility:** While the Operator fully cooperates with valid court-issued subpoenas, legal warrants, and official regulatory notices, we are **mathematically and architecturally incapable** of decrypting or supplying any user conversation data, as the private keys reside exclusively inside user-sandboxed local environments.

**Proactive Data Erasure (7-Day Purge):** To safeguard user privacy and eliminate stagnant metadata, the Platform runs a background scheduler that automatically sweeps and permanently deletes anonymous user accounts that have been inactive for 7 consecutive days. This sweep cascade-erases all E2EE messages, reported abuse history, and associated chats.

**Local Cryptographic Session Timeout (5-Min):** To prevent physical terminal access abuse, the Platform terminates browser-sandboxed E2EE keys after 5 minutes of total user inactivity (warning slides in after 2 minutes and 30 seconds), completely clearing local cookie credentials.

📝 PLAIN-ENGLISH TRANSLATION: We act purely as a transit system. Because we do not hold your keys, we cannot decrypt your chats, even under subpoena. For your security, inactive anonymous accounts are deleted after 7 days, and you are automatically logged out in your browser after 5 minutes of total inactivity.

4. Code Integrity & Brand Protections

The proprietary frontend scripts, styles, layouts, visual designs, assets, and custom Node.js Socket.IO server configurations of this Platform are the exclusive intellectual property of the Operator.

Decompiling, cloning, reverse-engineering, adapters, or public redistribution of the backend and frontend modules is strictly prohibited. The trademark **"blackbox1to1"** and associated logos are fully owned and protected by the Operator.

5. Governing Law & Dispute Resolution

All interactions with this platform, these disclosures, and our related legal policies are governed exclusively by the laws of the jurisdiction hosting our database relays. Any disputes, controversies, or legal claims must be settled through binding, individual arbitration, with a strict waiver of class-action litigation paths in court.

OFFICIAL COMPLIANCE DIRECTIVE

Designated Corporate Operator: the BlackBox 1:1 Project Operator

Official Correspondence Email: support@blackbox1to1.com

Infrastructure Relays: Render Cloud Hosting Web Servers

Persistent Storage Clusters: MongoDB Atlas Sharded Clusters