Privacy Policy

Effective July 12, 2026


amanmaps is a peer-to-peer sharing tool built around a simple idea: the content you share should never touch a server. This policy describes what data our systems process, what we don’t collect, and how the architecture protects your privacy by default.

No accounts. No sign-up. No persistent identity.

There is no user database, no login system, no profile, and no way to identify you across sessions. Each session is a fresh, anonymous pairing between two browsers.

Nothing stored. Zero retention of content.

Message and link content travels directly between your phone and computer via WebRTC — a peer-to-peer encrypted data channel. Our server never sees, logs, or stores any of it.

Peer-to-peer by design.

The signaling server only relays connection setup data (session IDs, SDP/ICE handshake messages) to help the two devices find each other. Once the peer-to-peer channel is established, the server is out of the loop entirely.

Ephemeral on refresh — session dies instantly.

Closing or refreshing either browser tab immediately destroys the session and all associated state on the server. Sessions also expire automatically after 10 minutes of inactivity.

No tracking. No analytics. No cookies.

We do not use tracking pixels, analytics scripts, fingerprinting, or any form of persistent identifier. No cookies are used for tracking purposes.

What the signaling server handles

When you start a session, your browser connects to our signaling server to exchange the information needed to establish a direct peer-to-peer connection. This exchange consists of:

  • A session ID — a random identifier generated by your browser that tells the server which two devices belong to the same session. This ID has no relationship to your identity.
  • SDP handshake data— technical metadata about your device’s network configuration and media capabilities, exchanged briefly during connection setup.
  • ICE candidates — potential network routes between the two devices, relayed so they can find the most direct path to each other.

This handshake data is held in server memory only for the duration of the session. If the session is idle for 10 minutes, or if either device disconnects, all associated data is deleted immediately.

IP addresses

Our signaling server processes IP addresses transiently for two purposes: rate-limiting (to prevent abuse) and facilitating the WebSocket connection. IPs are checked against an in-memory rate limit counter and are not logged or stored beyond the current time window. We do not correlate IP addresses with session IDs or message content — we cannot, because message content never reaches our server.

Separately, WebRTC peer-to-peer connections inherently reveal each device’s public IP address to the other device. This is a structural property of direct peer-to-peer networking, not something we control or store. If you are on a local network, the two devices may connect over your local IPs without any data leaving your network.

Hosting subprocessors

amanmaps uses the following infrastructure providers, which process connection metadata as part of standard web and server hosting:

  • Vercel Inc.

    Frontend hosting

    Hosts the Next.js application that users load in their browser. Processes IP addresses and standard HTTP request metadata for CDN routing and DDoS protection.

    Vercel Inc.privacy policy →
  • Render Services Inc.

    Signaling server hosting

    Hosts the WebSocket signaling server that facilitates peer discovery. Processes connection metadata (IP addresses, timestamps, WebSocket handshake data) as part of standard server operations.

    Render Services Inc.privacy policy →

Why this is different

Most services that let you share content between devices work by uploading your data to a server, storing it (even temporarily), and then sending it to the other device. This means the service provider can see, log, or inspect your content. amanmaps was built specifically to avoid this pattern. By using WebRTC for direct device-to-device transfer, the content never exists on any intermediary — it goes from your phone to your computer, end to end, with no third party in the path.

Contact

For privacy questions, data requests, or concerns, contact:

issameljaouhariel@gmail.com