Privacy Policy & Security Statement

Hangar is built on a "verify, don't trust" model. We are an open-source project, and our code is publicly available on GitHub for audit. We do not operate a backend server to collect your personal data, read your messages, or track your usage.

Authentication & Security

How Credentials Are Stored

When you log in, Hangar receives secure session tokens (JWTs) from the Bluesky network. We store these tokens securely on your local device using the Linux system keyring (via libsecret / GNOME Keyring). This ensures that other applications cannot access your credentials without your permission.

Direct Connection

Hangar is a client, not a platform. When you use the app, it communicates directly from your computer to the Bluesky/AT Protocol network (Personal Data Server). There is no "Hangar Server" in the middle interception your traffic.

Data Collection

We collect zero user data from the Hangar application.

• No telemetry or crash reporting sent to us.
• No usage tracking.
• No bullshit.

Verifiable Builds

You don't have to trust our binaries. You can:

• Audit the source code on GitHub.
• Build the application transparently from source yourself.
• Download official builds from our GitHub Releases or our DigitalOcean Spaces CDN.

Website Infrastructure

While the application is private, this website (hangar.blue) uses standard infrastructure to stay online:

• Hosting: DigitalOcean App Platform (USA).
• Analytics: Fathom Analytics. This is privacy-focused analytics software that is GDPR-compliant, does not use cookies, and does not track personal data.

Contact

If you have security concerns or questions about this policy, please email [email protected] or open an issue on GitHub.