Privacy Policy
How R-ESM LLC processes data in the StateNull and StateNull-SecoM services. This is a plain-language summary; for questions contact media.supply@statenull.com.
Who we are
The data controller is R-ESM LLC (Royal Enterprise Service Management), 30 N Gould St # 38144, Sheridan, WY 82801, USA (see the Impressum).
What we process
- Account data — your e-mail address, optional display name and @handle, and a one-way (scrypt) hash of your password. Used to create and secure your account.
- Communications & files — your messages, calls and shared files are end-to-end encrypted. Our servers act as a blind relay and store only opaque ciphertext; R-ESM LLC cannot read your content (zero-knowledge).
- Captured media (StateNull-SecoM) — encrypted on your device and uploaded as opaque ciphertext under your own keys.
- Managed devices — on devices enrolled by an organization (MDM), the organization administrator can view device inventory (model, OS, battery, installed-app list, compliance) and issue management actions (e.g. lock/wipe). This is controlled by the organization, not by R-ESM LLC.
- Operational & security logs — minimal logs needed to run the service securely and prevent abuse.
What we do NOT do
- We do not sell or rent your personal data.
- We do not read your end-to-end-encrypted content.
- We do not use your content for advertising.
Security
Transport is TLS with certificate pinning. Content uses AES-256-GCM with a post-quantum hybrid key exchange (ML-KEM) and signatures (ML-DSA). Encryption is on by default.
Retention & your rights
Account data is kept while your account is active; encrypted blobs are kept per your storage settings and removed on deletion. You may request access, correction or deletion of your personal data by contacting media.supply@statenull.com.
Children
The services are not directed to children under 16.
This policy is a baseline summary and should be reviewed by legal counsel before relying on it for regulatory filings.