Yes, it can be โ and we'd rather tell you that plainly than promise a level of shielding that doesn't actually exist. This is a normal property of how WebRTC establishes a direct connection, not a Chatzyo-specific gap, and there's a real, simple way to reduce it if it matters to you.
For two devices to connect directly โ which is what makes a peer-to-peer call possible in the first place โ each one needs to know how to reach the other across the internet. WebRTC handles this through a process that exchanges "ICE candidates," which include IP address information. It's not an optional step or a bug; it's a structural requirement of establishing the connection at all. Removing it would mean removing direct peer-to-peer connections entirely.
It's worth being precise about which part of this is actually mitigated and which isn't, since it's easy to blur the two together.
Modern browsers โ Chrome and most others, since around 2019 โ automatically hide your private local IP (the kind that looks like 192.168.x.x) using a technique called mDNS during connection setup. This happens at the browser level for any WebRTC site, not something Chatzyo added specifically, but it does genuinely apply while you're using Chatzyo.
The address visible to the outside internet โ the one that could be used to approximate your general location โ is still exchanged as a normal part of the handshake. Nothing about Chatzyo's interface conceals this from a technically capable person on the other side of the call.
There's no button or panel in Chatzyo's own interface that displays the other person's IP address to you โ we don't surface it as a feature. But "not surfaced in our UI" and "technically inaccessible" aren't the same claim, and we don't want to overstate this. Someone with basic technical knowledge and the right tools could potentially observe IP information during a WebRTC session, the same way they could on other platforms that establish direct peer-to-peer connections. This isn't a Chatzyo-specific vulnerability; it's an inherent property of how this category of technology works.
The actual, reliable fix is a VPN. It replaces your real IP address with the VPN provider's address before your connection ever reaches the WebRTC handshake โ so what gets exchanged with the other person is the VPN's address, not yours. This is the one mitigation that genuinely addresses the root issue, rather than working around it.
Incognito or private browsing mode, by contrast, doesn't change IP visibility at all โ it's a different kind of privacy entirely, covered in our incognito mode guide. It's worth using both for different reasons, but neither one is a substitute for the other.
It's a fair question: if direct connections mean IP exchange, why not route everything through a central server instead, the way some other video platforms do? The honest tradeoff is this โ routing video through a central server would mean that server could see, and potentially log, every call that passes through it. We've made the opposite choice: keep video off our servers entirely, which means we genuinely can't access your conversations, at the cost of IP addresses being visible between the two people on a call instead of hidden by an intermediary.
Neither approach is purely better โ they're different tradeoffs between two different kinds of privacy. We think keeping conversations off our servers is the more meaningful protection for what Chatzyo is, but we'd rather you understand the actual tradeoff than assume you're getting both kinds of privacy at once for free.