Rhizome
Privacy
Last updated: May 14, 2026.
Controller
Summary
- Profiles, messages, known spaces, keys and files are stored locally in the browser, mainly in IndexedDB.
- The local profile is encrypted with a password chosen by the user; the operator cannot recover it.
- Spaces are joined by invitation or shared secret; Rhizome does not publish a public space catalogue.
- The signaling server does not transport chat messages, files, audio or video.
- The signaling server processes technical identifiers, presence and WebRTC messages needed for peer-to-peer connection.
- Microphone calls, camera, screen sharing and file transfers pass between peers over WebRTC when possible, or through TURN when a direct connection fails.
Processing
| Processing | Data | Purpose | Indicative retention |
|---|---|---|---|
| Local profile | Profile name, display name, user/device identifiers, cryptographic keys, known spaces. | Create a local identity and join invitation-only spaces. | In the browser until deleted by the user. |
| Messages, events and files | Messages, event metadata, file manifests, local blobs and chunks. | Synchronize conversations and transfer files between peers. | In the browser according to the chosen local budget and user deletions. |
| WebSocket signaling | userId/deviceId identifiers, display name, public keys, signatures, presence, voice/camera/screen states, SDP offers and ICE candidates. | Establish presence and enable WebRTC connections. | Mainly in memory during the session. |
| Abuse limitation | IP address and in-memory connection counters. | Limit abuse, protect the server and apply per-IP quotas. | In memory during the connection and rate-limit windows. |
Legal bases
The legal bases must be confirmed by the operator. Operationally, processing needed to provide the service requested by the user may rely on performance of the service; security, abuse prevention and minimal technical metrics may rely on the operator's legitimate interest.
Cookies and local storage
Rhizome does not use advertising cookies or third-party audience measurement trackers in the user application.
The application uses IndexedDB to store encrypted profiles, spaces, events and local files. It uses localStorage to remember the language preference.
WebRTC and peers
To establish a peer-to-peer connection, WebRTC may exchange technical network information between participants, configured STUN/TURN servers and the signaling server. Other participants in the same space may see information needed for presence and connection, such as display name, device identifier and voice/camera/screen-sharing state.
Data subject rights
You may request access, rectification, erasure, restriction or objection to processing concerning you, under the conditions set by applicable regulations.
You may also lodge a complaint with the CNIL.
Local deletion
Data stored in the browser can be deleted from Rhizome's storage settings, by deleting the local profile, or through the browser settings. Encrypted exports remain under the control of the person who keeps them.