This Privacy Policy explains how PENA (“we”, “the application”, or “the service”) collects, uses, and protects information related to the use of the PENA (Secure Messenger) application, as well as its websites, features, and supporting services (collectively referred to as the “Platform”).
PENA is designed to provide a secure, private, and fully encrypted communication experience, ensuring that your conversations remain entirely your own.
By installing or using PENA, you are deemed to have read and agreed to this Policy.
Privacy is not just a feature for PENA. Privacy is a fundamental right of every individual and is the fundamental foundation of the entire system we build.
PENA is built on the core principle of privacy. PENA also does not collect user data in any form. The entire system is designed with the highest level of security standards and next-generation encryption technology, including protection against threats that do not exist today
We cannot view, store, or access your messages, and do not have the ability to read or record any communications that occur within PENA. All data and activities are completely under the control of the user.
All messages, communications, and data can only be viewed and stored by you. PENA does not own, does not store, and does not control any information from user activities within this application.
From the beginning, PENA was designed to ensure that full control of communications was in the hands of users, not in the hands of any company, server, or third party.
PENA can be used without:
We believe that secure communication should not depend on identity. Therefore, PENA never asks for data that is not needed.
We are committed to:
We don't know who you are, who you're talking to, or what you're talking about — and we don't want to know.
PENA uses a peer-to-peer (P2P) architecture, which means:
With this approach, the risk of mass surveillance and data leakage can be significantly minimized.
All communications in PENA are protected by:
Only the sender and receiver can read the content of the message. Even we as developers don't have access.
The PENA system is built on the principle of zero-knowledge:
If we don't have your data, then it can't be misused.
When you delete something, the data is permanently lost, without any copies.
To protect your device:
Privacy must not come at the expense of freedom.
We give you complete freedom of communication.
However, we also believe that true freedom always comes with personal responsibility.
PENA does not monitor conversations, but users remain responsible for their actions in accordance with applicable law.
Privacy is not a momentary trend. We are committed to:
We strive to always be transparent about:
Trust is not demanded. Trust is built.
PENA is designed with the principle of data minimization, which is to process only information that is really technically necessary, without compromising user privacy.
PENA is designed with the principle of data minimization, which is to process only information that is really technically necessary, without compromising user privacy.
In general:
PENA does not collect, store or process the following information:
All messages and files are end-to-end encrypted.
Content of communication:
Due to the peer-to-peer architecture, data moves directly between the user's devices.
To ensure that the application can function properly, PENA may process limited technical information, which is non-identifiable, including:
This information:
For Premium services, payments are processed by third-party providers.
PENA:
Payment information is fully subject to the privacy policy of the relevant payment provider.
User-accepted files can be scanned by anti-malware systems.
The scan is performed to:
This process:
All communication data is stored locally on the user's device.
PENA does not provide:
Users can delete data at any time.
Once removed:
PENA does not have a copy of the data to restore.
Because PENA does not collect or store the content of communications, PENA cannot provide user communication data to any party.
Legal compliance is carried out without compromising the principles of privacy and anonymity.
In the event of a change in the type of technical information processed, PENA will:
Changes are effective from the date they are announced.
Messages and calls in PENA are built on one simple principle: only the sender and receiver can know the contents.
PENA does not act as an intermediary that can read, store, or control user communications.
All text messages, voice messages, and files:
Each communication session:
PENA:
Voice calls in PENA are carried out:
All calls are:
PENA does not store:
Messages and calls are delivered directly from the sender’s device to the recipient’s device.
No server:
The risk of mass-scale data exposure is minimized because:
PENA is designed to withstand future computational threats.
The encryption system considers:
Communication keys:
PENA does not:
Temporary technical information is only used to:
This information is temporary and not stored.
Messages may be deleted manually or automatically.
Once deleted:
The Auto-Delete feature ensures messages do not leave a digital trace.
The quality of messages and calls may be affected by:
PENA does not guarantee that:
However, security remains the top priority.
Users are responsible for the content of their messages and calls.
PENA does not moderate, record, or intervene in user communications.
PENA uses data for one primary purpose: to ensure the application operates safely, stably, and functionally — without compromising user privacy.
We do not use data for:
PENA only uses non-identifying technical data necessary to:
This data is:
The content of messages, calls, and files:
End-to-end encryption ensures:
All communications occur directly between user devices.
PENA uses an anti-malware system to:
This process:
Scan results are used locally only to protect the user’s device.
Anonymous technical data may be used to:
Such use is performed without:
Because PENA does not store communication content or user identity, our ability to provide user data is extremely limited.
Legal compliance is carried out only to the extent possible without violating privacy and anonymity principles.
Data related to Premium subscriptions is used only to:
Payment information is handled by third-party providers and is not used by PENA for any other purpose.
PENA:
Our business is not built on your data.
Users have full control over:
Once deleted, data:
In PENA, data fully belongs to the user.
PENA does not claim ownership of:
We only provide the technology — we do not control the data.
All communication data is stored locally on the user’s device.
There is no:
Users are free to:
Users may delete:
Once deleted:
Deletion is instant and final.
PENA provides an Auto-Delete feature.
Users may determine:
This feature helps to:
PENA does not have:
Even under certain conditions:
Every received file:
The anti-malware feature:
PENA does not use:
There is no centralized account that must be closed.
Deleting the application means:
Because PENA does not store user data, requests for:
are technically unavailable.
All control remains in the hands of the user.
Losing a device may result in:
Users are advised to:
We do not hold your data.
We do not control your data.
You are fully in control.
PENA uses a recovery phrase as an account recovery mechanism if a user forgets or loses their password.
The recovery phrase:
PENA does not have technical access to view, store, or recover a user’s recovery phrase. Therefore, PENA cannot assist with account recovery if the recovery phrase is lost or inaccessible.
The user is fully responsible for maintaining the security and confidentiality of their recovery phrase.
During the initial registration process, PENA uses CAPTCHA as a system security measure.
CAPTCHA is used to:
CAPTCHA is not used to identify users and is not intended to collect personal data. PENA does not store identity information generated by the CAPTCHA process.
PENA is committed to protecting the privacy and safety of children in the digital environment. We strictly limit the use of our services to ensure compliance with applicable child protection laws.
PENA is not intended for children under the age of 13, unless legally permitted under applicable laws in the user’s region.
By using PENA, users acknowledge and confirm that:
PENA does not knowingly collect personal data from children, including but not limited to:
Because PENA:
PENA has no technical mechanism to individually identify a user’s age.
PENA does not monitor or moderate user communications because:
Responsibility over a child’s use of the application lies with:
If PENA becomes aware of service use by a child in violation of applicable laws:
Due to PENA’s architecture which does not store data, any actions taken are technical and limited in scope.
Parents or guardians are responsible for:
PENA recommends the use of:
PENA strives to comply with generally recognized child protection principles under applicable laws and regulations, including but not limited to:
However, compliance is implemented without compromising user anonymity and encryption principles.
PENA is not designed to collect children’s data.
We do not build profiles of anyone — including children.
Safety and privacy begin with restriction, not surveillance.
PENA is a Super App built on privacy and high-level security that gives users full control over their communications and transactions. With this freedom, users are required to use PENA responsibly and in accordance with applicable laws.
Users are prohibited from using PENA — including PENA Chat and PENA Wallet — for unlawful purposes, including but not limited to:
PENA respects applicable laws. However, PENA is designed from the beginning with a privacy-by-design approach, which means our technical ability to access or disclose user data is extremely limited.
We cannot provide data that we do not have.
PENA does not store:
All communications:
Technically, PENA cannot read, access, or decrypt user communications — even upon request from any party.
PENA will only respond to law enforcement requests that:
However, our response remains limited by:
In limited situations, and only where technically available, PENA may provide:
PENA cannot and will not provide:
PENA does not provide:
Providing such access would conflict with:
Where legally permitted, PENA reserves the right to:
PENA will not modify the application’s technical design to enable data access.
Each request is evaluated based on:
Compliance is carried out without:
We respect the law.
But we do not store what should not be stored.
User privacy cannot be handed over — because we do not possess it.
PENA is provided “as is” and “as available”.
We do not guarantee that the service will:
PENA does not guarantee that:
Service performance may be affected by:
PENA implements advanced security technology, including:
However, no system is entirely risk-free.
Users understand and accept that:
Because PENA does not store data on servers:
may result in permanent loss of data.
PENA is not responsible for:
All communication content is the responsibility of the user.
PENA:
PENA is not responsible for:
The anti-malware feature is provided as an additional protection layer.
PENA does not guarantee that:
Users remain responsible for:
PENA may rely on:
PENA is not responsible for:
To the extent permitted by law, PENA is not liable for:
PENA does not provide:
Use of the service is entirely the responsibility of the user.
We build secure technology.
But how it is used is entirely up to you.
Use it wisely.
All intellectual property rights contained in or associated with the PENA application, including but not limited to:
Are owned by or legally licensed to PENA and are protected by copyright law, trademark law, and applicable regulations.
PENA grants users a limited, non-exclusive, non-transferable, and revocable license to:
This license is granted solely for lawful personal use, in accordance with these Terms.
Users are prohibited from:
All user-generated communication content (messages, files, media) remains the property of the user.
PENA:
No license to user content is granted to PENA, because PENA does not technically store such content.
If users provide feedback, suggestions, or ideas to PENA:
Feedback is not treated as confidential information unless otherwise stated in writing.
PENA reserves the right to take action against:
Such actions may include:
All rights not expressly granted to the user remain the property of PENA.
This technology is built with great care.
Use it respectfully.
Copyright exists not to restrict — but to protect.
The Terms of Use, Privacy Policy, and all legal relationships between the user and PENA are governed by and interpreted in accordance with the laws of the Republic of Indonesia, without regard to conflict-of-law principles.
This jurisdiction applies to:
These provisions apply regardless of the physical location of the user when accessing the service.
Any dispute, conflict, or claim arising from the use of PENA shall first be settled through deliberation or amicable resolution.
If no amicable settlement is reached, the dispute shall be resolved through a legally authorized forum within the Republic of Indonesia, in accordance with applicable laws and regulations.
Users understand and agree that:
Because PENA:
The execution of certain jurisdictional actions may be technically limited.
Users acknowledge that these limitations are a direct result of PENA’s privacy and security design.
The application of this jurisdiction does not waive or limit users’ rights that are protected under applicable law, as long as they do not conflict with these Terms.
The law remains respected.
But privacy is not compromised.
Jurisdiction operates in harmony with user protection principles.
For privacy inquiries, data requests, or other official matters, please contact: