Privacy Policy

LAST UPDATED: APRIL 2026

1. What OpenedMic Is

OpenedMic is a browser-based live audio and video broadcasting service. A broadcaster opens a room; listeners join by room code, QR scan, or direct link. No installation or registration is required to use the service.

The service consists of a public landing page at https://www.openedmic.com/ and a separate operational application at https://www.openedmic.com/app. The application is designed for browser-first use and is installable on supported devices as a home-screen web application, without requiring distribution through a native app store.

2. No Registration Required

OpenedMic does not require you to create an account, provide an email address, or submit any personal information to use the service. You can create and join live rooms without registration.

3. What We Do Not Collect or Store

The following data is not collected, stored, or persisted by OpenedMic itself in its application logic, analytics systems, or telemetry systems:

• Names, email addresses, usernames, or avatars
• Room codes, room identifiers, or hashed room identifiers
• Raw IP addresses or hashed IP addresses
• Session identifiers or user identifiers of any kind
• Device fingerprints or browser fingerprints
• Chat message content
• Reaction content
• Room passwords
• Copied link text
• Audio, video, or media content of any kind
• Free-text client error messages, raw stack traces, or request bodies
• Any identifier, direct or derived, that can be linked to a person, device, browser, or session

4. Session Data

When you use OpenedMic, the following data is processed temporarily in memory to operate the service. None of it is persisted after the session ends:

• Room codes — randomly generated 6-character codes, held in server memory only for the duration of the room's lifecycle
• Nicknames and avatars — entered voluntarily per session, held in server memory only during the active session, discarded when the room closes
• WebRTC signaling data — SDP offers, answers, and ICE candidates processed in real time for audio/video connection; not retained
• Chat messages — relayed in real time within the room; not stored server-side
• Reactions — relayed in real time; content is not stored or counted in analytics
• Broadcaster reconnect token — a short-lived random string stored in localStorage under a per-room key (om_btoken_[room]) during an active broadcast, used to reattach to the same room after a brief page refresh or transient disconnect. The token carries a client-side expiry of approximately 60 seconds and the server honors a 15-second reconnect grace window. The token is not linked to any account or profile — it is a random value scoped to one room
• Approved Guest Mic state — a per-room state machine (idle / pending / approved / live) and an opaque request token are held in server memory only for the duration of the room. The token is randomly generated, never logged, and discarded as soon as the request is approved, denied, canceled, or times out. No guest identifier is persisted

4a. Approved Guest Mic — Privacy Specifics

When a listener uses the Approved Guest Mic feature, the following privacy properties apply:

• Microphone permission is required and explicit. After the broadcaster approves a request, the listener's browser asks for microphone access. If the listener denies the prompt, the guest mic ends cleanly and no audio is captured.
• Guest audio is transported via WebRTC. It travels peer-to-peer from the guest to the broadcaster, is mixed into the broadcaster's outgoing audio, and is then fanned out as part of the regular broadcast stream. OpenedMic's server does not record, transcribe, or store guest audio.
• The broadcaster's device receives a local-only monitor signal so the broadcaster can hear the approved guest. This monitor plays through the broadcaster's chosen audio output (headphones recommended). It is not transmitted anywhere additional and is not recorded.
• No guest identifier is stored. The broadcaster sees the guest's display name and avatar in the request prompt — these are the same per-session strings already covered in the Session Data list above. They are not persisted server-side and are not written to logs or analytics.
• Guest mic analytics are enum-only. The server records counter events (e.g. guest_mic_requested, guest_mic_started, guest_mic_ended) along with the broadcast mode and an end-reason category. No socket identifiers, no room codes, no usernames, no tokens, no SDP, no ICE candidates, no IP addresses, and no device identifiers are written.

5. Anonymous Operational Analytics

OpenedMic operates a self-hosted, server-side anonymous analytics system backed by a local SQLite database. This system collects strictly non-identifying operational signals to understand product usage, service health, and feature adoption over time. No personal data, no identifiers, and no free text are stored.

What the analytics system stores:

• Timestamps (UTC)
• Event type (e.g. room created, broadcast started, listener joined, feature used)
• Broadcast mode or category selected
• Whether a room was private or public
• Listener count and peak listener count
• Session duration in seconds
• Language/locale setting
• Coarse device class derived from the request (mobile / tablet / desktop / unknown)
• Coarse browser family derived from the request (chrome / safari / firefox / edge / unknown)
• Coarse operating system family derived from the request (ios / android / windows / macos / linux / unknown)
• Join source category (QR code / direct link / manual code / unknown)
• Feature usage indicators (e.g. screen share used, recording started)
• Structured error category codes from a fixed whitelist (e.g. room_not_found, mic_permission_denied)
• PWA interaction signals (e.g. install prompt shown, install accepted, standalone launch detected)
• Server version at time of event

Raw User-Agent strings are never stored. Browser, OS, and device class are derived from the User-Agent at request time; the raw string is discarded immediately after derivation.

All analytics read and reporting endpoints — including the aggregate summary page /stats, the analytics API under /analytics/*, and the operations endpoints /logs, /ops, and /ops/snapshot — are access-controlled behind a bearer token and, in the production deployment, are additionally restricted to a separate operations hostname. None of these endpoints are publicly accessible.

6. Structured Privacy-Safe Error Telemetry

The application includes a lightweight client-side error reporting mechanism. When a technical error occurs in the browser, the application may transmit structured, non-identifying telemetry to the server. This telemetry is strictly limited to:

• Error type category (from a fixed whitelist, e.g. JS_ERROR, UNHANDLED_REJECTION)
• Error family, stage, and surface from fixed whitelists (e.g. "permissions", "browser_api", "app")
• Line and column number of the error
• Coarse browser, OS, and device class (derived from User-Agent; raw UA discarded)
• Language/locale setting

Free-text error messages, raw stack traces, request bodies, source file paths, and any content that could contain user-generated or identifying information are not transmitted and not stored. The client application strips all such fields before sending.

7. Contact Form

When you submit the contact form at openedmic.com/contact.html, your submission is sent to the OpenedMic server for validation. The server validates the format of your submission, records only a minimal anonymous operational signal (a count of successful submissions, with no content), and returns a response to your browser.

The submission content — including your name, email address, subject, and message — is forwarded once to a configured outbound delivery webhook so the service operator can receive and respond to your message, and is then discarded. It is not retained in any OpenedMic database, log file, or analytics system after that forward. The outbound webhook provider's own privacy policy applies to what they store at their end.

If the outbound delivery webhook is temporarily unavailable or has not been configured, the server still does not retain your message: the user interface offers a direct email fallback to hello@openedmic.com so you can reach the operator from your own mail client.

8. Google Analytics 4

Both the public landing page at https://www.openedmic.com/ and the application at https://www.openedmic.com/app use Google Analytics 4 with the following privacy configuration:

• IP addresses are anonymized before processing (anonymize_ip: true)
• No analytics cookies or client-side storage are written to your device (storage: 'none', client_storage: 'none')
• Data is used only to understand aggregate page usage
• It is not used for advertising or individual user profiling

9. Installable Web Application

OpenedMic supports installation as a home-screen web application on supported devices and browsers. When you install the application:

• The application shell is served from the same origin — no app store is involved
• A service worker is registered in your browser to enable reliable loading of static assets (fonts and scripts) and to provide a basic offline message page if connectivity is unavailable
• The service worker does not cache HTML pages or dynamic content. Live session functionality — room creation, joining, audio/video streaming, signaling — requires an active internet connection and is not available offline
• If you dismiss the install prompt, a flag is stored in localStorage on your device to avoid showing the prompt again
• If you launch the application in standalone mode (after installation), an anonymous install engagement signal may be recorded in the operational analytics system

10. Cookies and Browser Storage

OpenedMic does not use advertising cookies or tracking cookies. Browser-side storage is used only for the following functional purposes on your own device:

• Language preference — app (localStorage key: openedmic-app-lang) — remembers your selected UI language in the application across visits
• Language preference — landing page (localStorage key: openedmic-lang) — remembers your selected UI language on the landing page
• Accessibility settings — landing page (localStorage key: openedmic-a11y) — remembers contrast, motion, and font preferences if you change them on the landing page
• Install prompt dismiss flag (localStorage key: pwa-dismissed) — set if you dismiss the application install prompt, to prevent it from appearing again
• iOS install hint dismiss flag (localStorage key: pwa-ios-dismissed) — set if you dismiss the iOS add-to-home-screen guidance, to prevent it from appearing again
• Broadcaster reconnect token (localStorage key: om_btoken_[room]) — stored during an active broadcast only to support brief reconnection after a page refresh or transient disconnect. The stored record carries a client-side time-to-live of approximately 60 seconds; after that it is treated as stale and removed, and the server only honors reconnect attempts within a 15-second grace window

These browser-side storage values are used only for local application functionality, preference restoration, install-prompt suppression, or active-session continuity. They are not used for advertising, profiling, or personal identification. Where the application sends anonymous operational analytics or structured technical telemetry, the current locale may also be included as a non-identifying field.

11. Local Recording

If you use the local recording feature during a broadcast, audio and/or video is captured directly in your browser using the MediaRecorder API and saved to your own device as a WebM file. Nothing is uploaded to any server. OpenedMic has no access to your recordings. You retain full control of any recording you create.

12. Infrastructure and Third-Party Services

• Render.com — origin hosting for the Node.js server. Standard access logs may be generated by the hosting platform per their policies.
• Cloudflare — DNS and DDoS protection. All connections are HTTPS/TLS encrypted. Cloudflare may process connection metadata per their privacy policy. Note: the primary application domain currently operates in DNS-only mode; Cloudflare proxy protection applies to redirect domains.
• Metered.live — TURN relay servers used to facilitate WebRTC peer-to-peer connections when a direct path is unavailable. TURN servers relay encrypted media streams and do not store media content.

13. No Advertising

OpenedMic does not display advertisements and does not share data with advertising networks.

14. Children

OpenedMic is not directed at children under the age of 13. We do not knowingly collect any data from children.

15. Changes to This Policy

This policy may be updated when the service changes. The date at the top of this page reflects the most recent revision. Continued use of the service after updates constitutes acceptance of the revised policy.

16. Contact

If you have questions about this privacy policy, please use the contact page.