Your Data, Architected.
A transparent ledger of how Metrino Pro processes, protects, and respects the information entrusted to our infrastructure. This isn't legalese—it's a technical specification for trust.
data_retention: "90_days",
encryption: "AES-256-GCM",
third_party_sharing: false,
audit_log: "immutable"
};
Zero-Knowledge Architecture
Metrino Pro operates on a strict principle of data minimization. We do not store message payloads on our servers. Your data flows from client to client; our infrastructure only routes metadata required for delivery—the "who," "when," and "where," never the "what."
For account management, we collect only the email address necessary for authentication. All personal identifiers are hashed and salted. We have no visibility into your raw data, and we prefer it that way.
Retention Schedule
- Authentication Logs 30 Days
- Delivery Metadata 90 Days
- Deleted Accounts Immediate
Information We Process
To maintain the integrity of the Metrino Pro network, specific operational data is processed. This is a technical breakdown of that data flow.
Account Credentials
Email address and salted password hash. Stored via Argon2id. We do not know your password.
Routing Metadata
Timestamps, source/destination IDs, QoS levels. Required for network reliability. Aggregated and anonymized after 24h.
Device Identifiers
Session tokens generated per client. Used for maintaining persistent connections. Refreshed every 6 hours.
Key Terminology
The actual message content. Metrino Pro does not log, store, or inspect payloads.
Envelope data (timestamps, routing). Essential for network health, stripped of personal context.
Random data added to your password before hashing. Prevents rainbow table attacks.
Quality of Service. Determines delivery guarantees (At most once, At least once, Exactly once).
"We treat data like a liability, not an asset. If we don't need it, we don't keep it. Our infrastructure is designed to be resilient to subpoenas by simply having nothing to hand over."
— Metrino Pro Security Policy v2.4Constraints
- 01. We cannot comply with requests for message content because it is technically impossible (E2E encryption).
- 02. Traffic analysis is limited to 24-hour rolling windows.
- 03. EU data residency is default for all accounts.
Trade-offs
- Speed → Privacy. No data mining means slower analytics.
- Flexibility → Security. We cannot reset your password; only email recovery.
- Support → Anonymity. We cannot see your specific config errors.
⚠️ Common Pitfall
Do not use Metrino Pro for storing PII (Personal Identifiable Information) in message bodies. While the transport is secure, the payload remains the user's responsibility.
Status: Expected Behavior • Severity: Medium • Workaround: Use client-side encryption
Questions about your data?
Our Data Protection Officer handles all inquiries regarding privacy, deletion requests, and compliance. Reach out directly for a human response.