Privacy Policy

Halflight is a client app for Pixelfed and Mastodon. We do not operate any social-media servers. When you log into a Pixelfed or Mastodon instance from Halflight, your account, posts, follows, profile information, and other social data are stored on that instance's servers, not by us. Each instance has its own privacy policy, which governs your account on that server.

What Halflight stores on your device

• Authentication tokens for the instances you've signed into. These are stored in your device's secure enclave or keystore (Apple Keychain on iOS, Android Keystore on Android). On iOS the keychain accessibility class is WHEN_PASSCODE_SET_THIS_DEVICE_ONLY, which means tokens are not synced via iCloud Keychain, are bound to the Secure Enclave on supported hardware, and are deleted if the device passcode is removed.
• Per-instance OAuth credentials (client identifier and client secret), stored alongside the tokens with the same protection.
• Non-sensitive preferences such as your selected theme, last-viewed feed filters, and list ordering, stored locally in standard app storage.
• A local cache of profile information, posts, and other content you've fetched, so the app doesn't have to re-download everything every time you open it. This cache lives only on your device.

What Halflight sends, and where

API requests go directly to the Pixelfed or Mastodon instance(s) you have signed into. Halflight does not send data to any first-party servers operated by us — we do not run any backend infrastructure.

Federation behavior

When you sign into a Pixelfed or Mastodon instance, the app sends standard ActivityPub-client probes (notably to /.well-known/nodeinfo and /api/v1/instance) to detect server software and feature support. When the home feed shows posts from federated authors on other instances, the app may issue similar probes against those instances to render their custom emoji or feature flags. When you paste a Mobilizon event URL into the composer, the app issues a GraphQL POST to that Mobilizon instance to fetch event metadata. All federation probes share the same User-Agent header (Halflight identifier) and send no authentication credentials. Hosts unable to respond cause the affected feature to silently degrade — your account state and other data are unaffected.

Server discovery

If you tap "Browse open instances" or "Find an instance" from the login screen, the app fetches a directory of public Pixelfed instances from https://pixelfed.org/api/v1/mobile-app/servers/{open,register}.json. If you tap "I forgot my instance," the app opens https://recovery.pixelfed.org/forgot-instance in your device's system browser to start an email-based recovery flow. Both pixelfed.org and recovery.pixelfed.org are operated by the Pixelfed project, not by Halflight.

No analytics, no tracking, no ads, no third-party SDKs

Halflight contains no analytics SDKs, crash reporting services, advertising identifiers, ad networks, or behavioural trackers. The app does not bundle any third-party SDK that transmits data off-device. The only non-instance hosts the app reaches are: (a) the Pixelfed project's server discovery endpoints (pixelfed.org, recovery.pixelfed.org), each only if you tap the corresponding login-screen action, and (b) federated instances reached as a side-effect of rendering remote content you have chosen to view (described above under "Federation behavior"). All other network activity is between your device and the Pixelfed/Mastodon instance(s) you have explicitly signed into.

Platform-level data

The Apple App Store and Google Play may collect their own usage data about app installs, opens, and crashes, independently of Halflight. You can opt out of this at the operating-system level (iOS: Settings → Privacy & Security → Analytics & Improvements; Android: Settings → Google → Ads).

Children

Halflight follows the age requirements of the Pixelfed/Mastodon instance you join. EU/EEA users must be 16 or older; United States users must be 13 or older, in line with COPPA.

Changes to this policy

We may revise this policy. Material changes will be reflected on this page.

Contact

For questions about this policy, email support@halflig.ht.