Take a look at the wording here in the platform: private messages / PM are called "conversation" consequently. That points into the right meaning of their overall function.
The platform I'm administrating moved from vbulletin to XenForo 1.5 years ago and besides the clear wording difference we also encountered another XenForo specific concept for conversations which you might want to know early enough...
Beginning a conversation, a person can define if it is allowed to add more participants by every participant any time during the conversation. Additionally, being a "conversation moderator" you may have this "add participant" right even in conversations you aren't the starter and the starter didn't allow initially.
Every participant being added somewhere later during the conversation instantly gets access to the complete conversation thread right back to the beginning of it.
For us, this behavior was really special and we thoroughly discussed the possible effects reducing the "private" character of a message (that time, being vbulletin users, still calling and "feeling" it being a PM).
In the end we actively decided to keep the original "conversation" wording also in our main platform language (de-de) and not to try to keep calling it a PM for user convenience and "wording backward compatibility".
As effect, there were several user questions and discussions to be supported why the h... private message needed to be renamed to conversation but that didn't take too long. Now, the positive effect of everybody being able to realize that a conversation isn't worded or defined "private" because in the end there are several technical possibilities to break the privacy weighs up our initial support effort.
.features: Disabling IP logging in the entire forum for all users (action logging remains, only the IP field will be empty) Disabling IP logging by user in privacy settings Deleting conversation messages some time after sending Conversation by...
Odds are a forum isn't going to bother reading your private messages unless there is a problem that needs to be resolved. With that said there is nothing that would prevent them from doing so. I mean if you have access to the database you can even reverse the passwords used, so don't reuse any passwords