Your Privacy Matters
WISP is designed from the ground up to minimize data collection. Here's exactly what we do and don't store.
What We Do NOT Store
- IP addresses — never stored in any database table
- Tracking cookies or analytics identifiers
- Third-party scripts, pixels or beacons
- Browsing history or referrer data
- Device fingerprints
What We Do Store
- Account information you provide (username, email) — only if you register
- Paste content you create — under the visibility and expiration you choose
- Session token — required for login, does not contain personal data
Anti-Abuse Without Surveillance
To prevent spam and abuse, we use a daily-rotating SHA-256 hash derived from your connection. This hash cannot be reversed to obtain your IP address. It rotates every 24 hours and is used solely for rate limiting and view-count deduplication. No raw IP is ever written to our database.
Encryption
When you choose the "Encrypted" security mode, your paste content can be protected with end-to-end encryption. Password-protected pastes use bcrypt hashing — we never store your password in plain text.
Data Retention
Pastes are automatically deleted after their expiration period. Self-destruct pastes are permanently removed after the configured number of views. Rate-limit and anti-abuse logs are cleaned on a regular schedule and contain no personal identifiers.
Your Rights
You can delete your pastes at any time. If you have an account, you can delete it and all associated data. We do not sell, share or transfer user data to any third party.
Contact
If you have questions about our privacy practices, contact us at privacy@wisp.cx.