TRANSPARENCY REPORT · DSA ART. 24

Transparency Report

This report documents all government authority requests, abuse reports, account suspensions and data disclosures for the reference period. Published in compliance with Article 24 of the Digital Services Act (EU Reg. 2022/2065).

Period: Q1 2026 (Jan 1 – Mar 31) Published: 2026-04-29 Next report: 2026-07-15

HEADLINE FIGURES

Government requests

No requests received in this period

Abuse reports

Received via abuse@deltafoxxx.eu

Account suspensions

For Terms of Service violations

Data disclosed

Records provided to third-party authorities

GOVERNMENT REQUESTS BREAKDOWN

Country	Type	Received	Granted	Rejected
Italy	Standard	0	0	0
Italy	Emergency	0	0	0
Other EU	All types	0	0	0
Non-EU (MLAT)	All types	0	0	0
Counter-terrorism (TCO)	EU Reg. 2021/784	0	0	0

ABUSE REPORTS BREAKDOWN

Category	Received	Actioned	Forwarded to authorities
Harassment / threats	0	0	0
Fraud / scam	0	0	0
CSAM (child sexual abuse)	0	0	0
Terrorist content	0	0	0
Spam / platform abuse	0	0	0
Other	0	0	0

WHAT WE CAN AND CANNOT DISCLOSE

Data we can provide with a valid legal order

Upon receipt of a legally valid request, DeltaFox can provide the following metadata for a specific account:

Username and display name
Registration date and time
Registration IP address (if still in logs)
Last connection timestamp and recent login timestamps
Account status (active, suspended, deleted)

Data we CANNOT provide

By architectural design, the following data is not accessible to the service provider and cannot be disclosed even with a court order:

Text message content (end-to-end encrypted with Double Ratchet)
File, photo, video, audio content exchanged in chats
Audio of WebRTC peer-to-peer calls
GPS location shared in messages (E2E encrypted)
Users' private encryption keys (stored only on devices)
Deleted message history (overwritten irrecoverably)

Architectural note: DeltaFox uses the Double Ratchet protocol (DFXM3/DFXM2) based on X3DH and NaCl, with private keys generated and held exclusively on user devices. The server holds no copy of such keys. Even with full access to the server infrastructure, message content remains undecipherable.

METHODOLOGY & NOTES

How we compile this report

Data is collected from internal system logs and the legal mailbox (lawenforcement@deltafoxxx.eu). Every received request is logged with: receipt date, requesting authority, proceeding reference, outcome, reason for any refusal. Abuse reports are collected from abuse@deltafoxxx.eu and from in-app report mechanisms (when available).

When a non-disclosure obligation is imposed by an authority (gag order), the number of the request is still included in the aggregate count, without specific details.

Publication schedule

The report is published quarterly, within 30 days of the end of the quarter. Historical data remains publicly available for auditing and accountability purposes.

Questions about this report: legal@deltafoxxx.eu