Privacy Policy
Last updated: 7 March 2026
Orvia is a real-time chat and collaboration application. We take privacy seriously and aim to be clear about what we collect, how it is used, and what control you have.
What we collect (and don't collect)
We do NOT store any of your data permanently. The app has no database — everything happens in real-time through your browser and server memory.
- No permanent storage: Messages, files, usernames, and room data exist only in active sessions and are never saved to a database.
- Real-time only: When you send a message or file, it's transmitted in real-time to other users in the room and then discarded.
- Analytics: We might use Google Analytics to see how the app is doing (page views, clicks, that sort of thing). It's all anonymous — nothing personal.
- Optional features: If you use translation or GIF search, your content goes through those services to work. They handle it on their end, so just keep that in mind when using those features.
New features & privacy
- End-to-End Encryption (E2EE v2): When you enable E2EE, your messages are encrypted on your device using room-based encryption before being sent. The server only sees encrypted data and cannot read your messages. Encryption keys are derived from a shared room key using HKDF-SHA256, ensuring all participants in a room can decrypt messages while maintaining forward secrecy.
- E2EE Key Storage: Your encryption keys are generated and stored locally in your browser's IndexedDB. Private keys never leave your device. Room keys are securely exchanged using X25519 key agreement.
- Speech-to-text: The mic button uses your browser's speech API. Some browsers may use third-party services for transcription — that behavior is controlled by your browser/provider. We do not record or store audio.
- Folder uploads: You can drop entire folders. Files are transmitted in real-time to other participants but are NOT stored permanently — they exist only in active memory during the session.
- Media uploads: Images and videos are uploaded via HTTP and stored temporarily in server memory (5-minute TTL). They are automatically deleted after expiration.
- Permission-Controlled Media Sharing: When sharing media, the sender can restrict who can view and download it. Permissions are stored in server memory (10-minute TTL) alongside the media and are automatically purged when the media expires. Permission checks use an internal session ID (odium), not your username. Non-permitted users see a locked placeholder — no media content is loaded or served to them. All permission enforcement happens server-side; the frontend cannot bypass it.
- Watch Together: When you use Watch Together, a YouTube or Vimeo video is embedded via iframe. This means your browser loads content directly from YouTube (Google) or Vimeo, and their privacy policies apply. We do not track what you watch. Sync events (play, pause, seek) are broadcast in real time to other room members and are not stored.
- Instant Join Links: Invite links contain a cryptographically signed token (HMAC-SHA256) that encodes the room ID and a timestamp. The token is verified server-side via HTTP. No personal data is embedded in the link — only the room reference and an expiry.
- Capability Tokens: Fine-grained permission tokens are generated server-side using HMAC-SHA256 and held in memory. They are tied to a display name and room, not to any persistent identity. Tokens expire automatically and are purged when the room is cleaned up.
- Live Presence & Activity: Your online/away/offline status and current activity (typing, recording, uploading) are broadcast to other room members via WebSocket. This data is ephemeral — it exists only while you are connected and is never stored.
- Voice & Video Calls: Audio and video streams are routed through a self-hosted mediasoup SFU (Selective Forwarding Unit) embedded in the backend. Media is encrypted in transit using DTLS-SRTP. The server forwards encrypted media packets between participants but does not record, store, or inspect audio/video content. When you leave a call, all your media tracks and transport state are destroyed. Voice room membership, roles, and moderation actions (kick, lock, promote) exist only in server memory and are purged when the room empties.
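The signed invite links and capability tokens described above, as an added illustration that is not Orvia's own code: a minimal HMAC-SHA256 token minted and checked server-side, with a constant-time tag comparison and an expiry check. The claim names (`room`, `name`, `iat`, `exp`), the token layout and the secret are assumptions for this example.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Server-side signing key. Constructed placeholder for this example only.
SERVER_SECRET = b"example-secret-replace-with-random-bytes"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, ttl_seconds: int, secret: bytes = SERVER_SECRET,
               now: Optional[int] = None) -> str:
    """Sign a small claims dict (e.g. room id, or room id + display name for a
    capability token) with HMAC-SHA256. Layout: base64url(json).base64url(tag)."""
    now = int(time.time()) if now is None else now
    body = dict(claims, iat=now, exp=now + ttl_seconds)
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(secret, payload, hashlib.sha256).digest()
    return f"{_b64url(payload)}.{_b64url(tag)}"


def verify_token(token: str, secret: bytes = SERVER_SECRET,
                 now: Optional[int] = None) -> Optional[dict]:
    """Return the claims if the tag is valid and the token is unexpired, else None.
    Nothing in the claims is trusted before the tag has been checked."""
    now = int(time.time()) if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".", 1)
        payload = _b64url_decode(payload_b64)
        tag = _b64url_decode(tag_b64)
    except (ValueError, TypeError):  # malformed token or bad base64
        return None
    expected = hmac.new(secret, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return None
    claims = json.loads(payload)
    if not isinstance(claims, dict) or now >= int(claims.get("exp", 0)):
        return None  # expired tokens are rejected even though the tag is valid
    return claims
```

A single-use or per-room secret held only in memory, as the policy describes, means every outstanding token is invalidated when the process restarts or the room is cleaned up.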
How we use information
- Deliver messages, media, and collaboration features in real-time to room participants.
- Route optional features (translation, GIF search, speech-to-text) to third-party APIs when you choose to use them.
- Collect anonymous analytics to improve app performance and reliability.
Important: Since we have no database, there is no persistent data to moderate, delete, or back up. Everything is ephemeral.
Third-party services
- Google Analytics: We use Google Analytics to collect anonymous usage statistics (page views, clicks, and session activity) to help improve the app. It does not collect personally identifiable information.
- Translation: When you translate a message, it goes to a translation service to do its magic. They might see that content, so keep that in mind.
- GIF Search: Your GIF searches go to a GIF provider to find you the perfect reaction GIF. Pretty standard stuff.
- Browser APIs: Features like speech-to-text and folder uploads use your browser's built-in tools, which might connect to other services depending on your browser.
- YouTube / Google: Watch Together embeds YouTube videos via iframe. Your browser loads content directly from YouTube, subject to Google's Privacy Policy.
- Vimeo: Watch Together can also embed Vimeo videos. Content loads directly from Vimeo, subject to Vimeo's Privacy Policy.
We're just passing things along — we don't store or keep track of what gets sent to these services.
Data retention (spoiler: none)
Zero permanent storage. We do not retain messages, files, usernames, or any user data after your session ends. Once you close the room or disconnect, your data is gone. There is no database, no backups, and no data to delete.
This means you cannot recover old messages or files — everything is truly ephemeral and private by design.
Security
- All traffic is encrypted in transit using HTTPS and secure WebSocket (WSS) protocols.
- Messages pass through the server but are never written to disk or a database.
- End-to-End Encryption (E2EE v2): Toggle E2EE in the chat header to encrypt your messages client-side. Uses X25519 for key exchange and XChaCha20-Poly1305 for symmetric encryption. Room keys are derived using HKDF-SHA256.
- E2EE keys are stored locally in your browser's IndexedDB — we never see your private keys.
- When E2EE is enabled, the server cannot read message content — only encrypted ciphertext passes through.
- Each room has its own encryption context, ensuring message isolation between rooms.
- Permission-controlled media access is enforced server-side — non-permitted users receive a 403 response and no media content is served, even if they attempt to bypass the UI.
- Voice and video streams are encrypted with DTLS-SRTP between your browser and the server. The server forwards encrypted packets without recording or inspecting content.
- Voice room governance (kick, lock, promote) is owner-only and server-enforced — participants cannot escalate their own permissions.
Your choices
- End-to-End Encryption: Enable E2EE in the chat header to encrypt your messages. When enabled, only you and recipients can read message content.
- Microphone: Control mic permission via your browser settings to enable/disable speech-to-text.
- Optional features: Don't use translation or GIF search if you don't want your data sent to third parties.
- Analytics opt-out: Use browser ad blockers or tracking protection to block Google Analytics.
- Media permissions: When someone shares media with restricted permissions, you will see a locked card if you are not in the allowed list. The sender controls access — ask them to grant you permission if needed.
- Voice & Video: Camera and microphone are opt-in. You control when to turn them on. The pin/focus feature is local only — other participants do not see your pinned layout.
- Data deletion: Not needed! We don't store anything. Just close the room and your data is gone.
Children & sensitive info
The app is not intended for children under 13. Do not share sensitive personal data (SSNs, payment info, medical records) in chat messages or uploads.
Contact
For questions, data removal concerns, or privacy concerns: stormnova04@gmail.com
Changes to this policy
We may update this policy as the app evolves. The "Last updated" date at the top reflects changes. Significant changes will be posted to the Features page.