Messages that leave no trace.
A device you control completely.
Messages are encrypted on your device before they leave it. Our servers process ciphertext they cannot decode. Signal Protocol. True E2EE.
One tap. Four seconds. Permanently and irrecoverably.
Separate contacts into independent encrypted boxes. Each box is its own communication channel — siloed, private, no cross-contamination.
Set conversations to auto-delete after 24 hours, 7 days, or 30 days. Per-chat overrides. Messages destroy themselves on both ends.
No phone number. No email. No name. You activate with a one-time code from your administrator. There is no account to trace you back to.
Each access code binds permanently to one physical device via hardware fingerprint. No cloning. No sharing. One code, one machine, always.
Echo operates on a closed network. Access is reviewed and granted — not purchased or self-registered.
Fill in the form below. Tell us who you are and how you intend to use Echo.
If approved, you'll receive a one-time activation code delivered through a secure channel.
Download Echo, enter your code, and your device is live. No accounts. No setup. Instant.
Complete the form and we'll review your request. All submissions are handled privately.
We've received your application. If your request is approved, you'll be contacted through the channel you provided. This may take a few days.
Available on Android and iOS. You'll need an administrator-issued access code to activate.
Echo is built on Swiss infrastructure and governed by Swiss law — one of the strongest privacy jurisdictions in the world.
Echo's entire server infrastructure is hosted exclusively in Switzerland. Switzerland operates outside EU and US jurisdiction, is not a member of the Five Eyes, Nine Eyes, or Fourteen Eyes intelligence-sharing alliances, and enforces some of the most stringent data protection laws in the world under the Swiss Federal Act on Data Protection (nDSG). No foreign government authority can compel Echo to hand over user data through standard international channels.
Echo servers are deployed on dedicated hardware within Swiss data centres operating under ISO 27001 certification. All data at rest is encrypted using AES-256. All data in transit is protected by TLS 1.3 with forward secrecy. Our infrastructure uses zero-knowledge relay architecture — messages pass through our servers in encrypted form that we cannot decrypt under any circumstance, including legal requests.
Message encryption is handled entirely on the user's device using the Signal Protocol — the same cryptographic foundation trusted by security researchers worldwide. Public keys are exchanged directly between devices. Our servers never hold private keys, never participate in the key exchange, and have no mechanism to decrypt message content. Even in the event of a full server compromise, message content remains protected.
Echo implements a multi-layer device security model. Each device is assigned a permanent public Echo ID and a hidden hardware fingerprint bound at activation. Authentication uses rotating access codes rather than passwords — there are no credentials to steal, phish, or brute-force. Biometric authentication and PIN enforcement add a physical access layer independent of network security. Failed authentication attempts trigger automatic lockout with configurable escalation to full wipe.
Echo's killswitch is engineered for total, irreversible data destruction. Upon activation, the application immediately terminates all active connections, purges all local message stores, destroys local encryption keys, and sends a signed destruction command to our Swiss servers. Server-side, all records, session tokens, queued messages, and device entries associated with the device are permanently deleted within four seconds. No backup exists. No recovery is possible. This is intentional by design — not a limitation.
Beyond what is strictly required for message routing — the encrypted payload and destination device ID — Echo collects nothing. We do not log connection timestamps, message frequency, contact graphs, or usage patterns. Our servers are architecturally incapable of building a metadata profile of any user, because we do not store the data required to construct one.
Echo's security architecture is under continuous development. Planned enhancements include sealed sender messaging (concealing sender identity even from routing infrastructure), post-quantum cryptographic primitives as they reach production maturity, decentralised key verification to eliminate any remaining trust in our servers, and optional self-hosted server deployment for organisations requiring full infrastructure sovereignty.
Echo is a private encrypted messaging service operated by Echo Technologies, headquartered in Switzerland. References to "Echo", "we", "us", or "our" refer to this entity. For data protection inquiries: privacy@echo.app
Echo is architected around a single principle: we do not collect personal data. We do not ask for, store, or process your name, email address, phone number, date of birth, postal address, IP address logs, or any other conventional personal identifier.
When you activate Echo, your device generates a hardware-bound fingerprint. This fingerprint is stored exclusively on your device and is used solely to bind your access code to that physical machine. It never leaves your device and is never transmitted to our servers.
Message content is encrypted on your device before transmission using end-to-end encryption. Our servers relay and temporarily buffer encrypted payloads that we cannot read, decipher, or access under any circumstance. No message content is stored in plaintext at any point.
We do not use analytics, tracking pixels, advertising SDKs, or third-party data processors that receive your information.
Our servers are located in Switzerland and are operated under Swiss jurisdiction. We do not transfer personal data to third countries. In the limited technical sense that IP addresses may be processed at the network layer during connection routing, this data is not logged, stored, or associated with user accounts.
We may collect aggregate, anonymised telemetry — such as total message throughput or server load — that contains no individual-level data and cannot be reverse-engineered to identify any person.
Encrypted messages in transit are stored on our servers only until successfully delivered to the recipient's device. Following delivery, they are purged from our infrastructure. If a device is offline, messages are held in encrypted form for up to 30 days, then permanently deleted. Disappearing message timers set by users are honoured on both ends independently of server-side deletion.
When a user or administrator activates the killswitch, all server-side data associated with that device — including any queued encrypted messages, session keys, and device records — is immediately and permanently destroyed. This process is irreversible. Local device data is also wiped by the application. We retain no backup or recovery mechanism for destroyed data.
Under the Swiss nDSG and, where applicable, the GDPR (Articles 15–22), you have the right to:
Because we hold no personal data tied to your identity by design, many of these rights are inherently satisfied by our architecture. To exercise any right or submit a data inquiry, contact privacy@echo.app.
This website does not use cookies, tracking scripts, or any form of behavioural analytics. No data is collected during your visit to this page.
This Privacy Policy is governed by Swiss law. Any disputes shall be subject to the exclusive jurisdiction of the courts of Zurich, Switzerland.
We may update this Privacy Policy from time to time. Material changes will be communicated via the application or this page. Continued use of Echo following an update constitutes acceptance of the revised policy.
By installing, activating, or using the Echo application, you agree to be bound by these Terms of Service. If you do not agree to these terms, do not use Echo. These terms constitute a legally binding agreement between you and Echo Technologies.
Echo is a private, encrypted messaging platform accessible exclusively to individuals who have been issued a valid access code by an Echo administrator. Echo provides end-to-end encrypted messaging, group communication, and related privacy features as described in the application.
Access to Echo requires a one-time access code issued by an authorised administrator. The service is not publicly available. You must be at least 18 years of age to use Echo. By using the service, you represent that you meet this requirement.
Access codes are personal, non-transferable, and bound to a single physical device upon activation. Sharing, selling, or distributing access codes is strictly prohibited and will result in immediate termination of access.
You may use Echo solely for lawful private communications. You agree not to use Echo to:
Administrators who issue access codes are responsible for the conduct of the users to whom they issue codes. Administrators must not issue codes to minors or individuals they have reason to believe will use Echo for unlawful purposes. Echo Technologies reserves the right to hold administrators liable for foreseeable misuse within their administered network.
Echo Technologies reserves the right to terminate or suspend access to any device at any time, without notice, for any reason including but not limited to violation of these terms, suspected illegal activity, or abuse of the platform. Termination results in permanent destruction of all associated data. No refund or recovery is possible after termination.
You may terminate your own access at any time by activating the killswitch. This action is permanent and irreversible.
The Echo application, its interface, underlying technology, and all associated intellectual property are owned exclusively by Echo Technologies. You are granted a limited, non-exclusive, non-transferable licence to use the application subject to these terms. This licence does not transfer ownership of any intellectual property to you.
Echo is provided "as is" and "as available" without warranties of any kind, whether express or implied. We do not warrant that the service will be uninterrupted, error-free, or free from vulnerabilities. While we implement industry-leading security measures, no system is entirely immune to risk, and we make no guarantee of absolute security.
To the maximum extent permitted by applicable Swiss law, Echo Technologies shall not be liable for any indirect, incidental, special, consequential, or exemplary damages, including but not limited to loss of data, loss of revenue, or loss of business, arising from your use of or inability to use Echo, even if we have been advised of the possibility of such damages.
Our total aggregate liability to you for any claim arising under or in connection with these terms shall not exceed CHF 100.
We reserve the right to modify these Terms at any time. Where changes are material, we will provide reasonable notice via the application. Continued use after notice of changes constitutes acceptance.
These Terms of Service are governed exclusively by Swiss substantive law, excluding conflict-of-law provisions. Any dispute arising from or relating to these terms or your use of Echo shall be submitted to the exclusive jurisdiction of the courts of Zurich, Canton of Zurich, Switzerland.
For legal inquiries: legal@echo.app
Questions, technical support, or security disclosures — reach out directly.