Sign in Subscribe

Privacy Policy

Last updated: February 26, 2026

Humanjava Enterprises Inc. operates humanjava.com and builds products for the Nostr protocol — including NostrKey, npub.bio, and NostrKeep. This policy covers what data we collect across all of these, how we handle it, and what rights you have.

Website & Newsletter

This site is hosted on Ghost (ghost.org). If you subscribe to our newsletter, we collect your email address — that's it. Ghost collects basic analytics like page views and referrer data. We don't use third-party tracking scripts, advertising pixels, or analytics tools beyond what Ghost provides natively. No Google Analytics. No Facebook pixel. No fingerprinting.

Our Products

NostrKey is a browser extension and mobile app for managing Nostr cryptographic keys. All key material is generated and stored locally on your device. We never have access to your private keys, and no key data is ever transmitted to our servers or anyone else's. The extension is open source — you can audit the code yourself on GitHub.

npub.bio provides identity and verification services on the Nostr protocol. Your profile data comes from your Nostr metadata, which is public by design. We store your NIP-05 verification records and any profile configuration you set through our service. Payment processing for the annual subscription is handled by Stripe — we don't store your card details.

NostrKeep uses zero-knowledge encryption. Your data is encrypted on your device before it ever reaches our infrastructure. We store only encrypted blobs — we can't read your content, and neither can anyone who gains access to our servers. Infrastructure runs on Cloudflare's edge network.

Cookies

We use only essential cookies required for Ghost to function — session management and subscription status. No advertising cookies. No cross-site tracking. No cookie consent popups because there's nothing optional to consent to.

Your Rights & Data Retention

Unsubscribe from the newsletter anytime using the link in any email. For paid products, you can export and delete your data at any time through your account. NostrKeep provides a 90-day grace period after cancellation to export your encrypted data. If you want everything deleted, email us and we'll comply within 30 days.

Third-Party Services

We rely on Ghost for content hosting, Cloudflare for infrastructure and CDN, Stripe for payment processing, and GitHub for open-source code. Each has their own privacy policy. We do not sell, rent, or share your personal data with any third party for marketing or advertising purposes. Ever.

Open Source & Transparency

NostrKey is fully open source. You don't have to take our word for any of the privacy claims above — read the code. Our approach to privacy is the same as our approach to everything else: build things that respect the people using them.

Cryptocurrency Disclaimer

Humanjava Enterprises does not operate, issue, or participate in any cryptocurrency token, coin, or token sale. Our products use cryptographic protocols for identity and security — not for financial instruments. If anyone claims otherwise, they are not affiliated with us.

Contact

Questions about this policy or your data? Reach us at vergel@humanjava.com.