π Privacy Disclaimers
Written by Russo Β· Updated: July 2025
π No Data Collection
Locanox is privacy-native by design. The app does not collect, log, or transmit any user data under normal operation. All activity, AI prompts, vault files, and wallet keys are stored locally and encrypted on-device using AES-256 and biometric/PIN authentication.
π When Using Online Mode
When you choose to activate online tools (such as relay-based AI chat, syncing, or decentralized file storage), Locanox ensures your privacy through:
π Encrypted Relay Protocol
- All traffic is routed through shielded relays with end-to-end AES + TLS encryption
- IP addresses and device identifiers are stripped automatically
- Timing and headers are randomized to resist metadata fingerprinting
- No relay ever logs or stores session information
ποΈ Decentralized Storage (IPFS)
- Files are encrypted before upload to IPFS
- No filenames, timestamps, or metadata are exposed
- Locanox does not track, index, or link your uploads
- File sharing is manual and based only on content hashes
π‘οΈ Built for Minimal Trust
- No telemetry or analytics
- No cloud fallback or central server dependency
- No automatic sync or background processes
- All features are opt-in and work fully offline by default
π· Image Placeholder
[Insert graphic here: A shield with privacy icons, encrypted data flows, and βzero data collectionβ messaging. Include Locanox branding with transparency indicators.]
π What We Never Collect
Personal Information
- Names, emails, or contact details - not required for any functionality
- Location data - no GPS tracking or IP-based location detection
- Device fingerprinting - no unique device identification beyond local storage
- Biometric data - biometric authentication stays on your device
Usage Analytics
- App usage patterns - no tracking of feature usage or session duration
- Error reporting - no automatic crash reports or diagnostic data transmission
- Performance metrics - no monitoring of app performance or resource usage
- User behavior - no analysis of how you interact with the app
Financial Data
- Transaction history - all wallet activity remains local
- Token balances - no external balance tracking or reporting
- Trading patterns - no analysis of your DeFi activities
- Wallet addresses - no linking of addresses to your identity
π Online Mode Privacy Safeguards
Relay Network Protection
- Multi-hop routing - traffic passes through multiple encrypted relays
- No single point of observation - no relay can see both source and destination
- Ephemeral sessions - relay connections are temporary and disposable
- Zero-knowledge relay operators - relays cannot decrypt your traffic
Data Minimization
- Only necessary data transmitted - minimal information required for functionality
- Encrypted payloads - all data encrypted before leaving your device
- No persistent identifiers - no tracking tokens or session cookies
- Automatic cleanup - session data deleted after use
Metadata Protection
- Header stripping - identifying headers removed from all requests
- Timing obfuscation - request timing patterns randomized
- Size padding - request sizes normalized to prevent analysis
- Protocol mixing - various communication protocols used
π± Device-Level Privacy
Local Storage
- Encrypted vault - all data encrypted with your password/biometrics
- Secure key derivation - cryptographic keys derived from your authentication
- No plaintext storage - sensitive data never stored unencrypted
- Isolation from other apps - data sandboxed from other applications
Network Isolation
- Airplane mode compatibility - full functionality without network access
- Firewall friendly - no unexpected network connections
- VPN compatibility - works with privacy-focused VPNs
- DNS leak prevention - no DNS queries that could reveal usage
β οΈ Important Disclaimers
Your Responsibility
- Backup security - you are responsible for securing your vault backups
- Recovery phrase protection - keep recovery phrases secure and private
- Device security - maintain device-level security (PIN, biometrics, etc.)
- Network security - use secure networks when in online mode
Limitations
- No data recovery - we cannot recover lost vaults or passwords
- No account restoration - no central account system to restore access
- No password reset - vault passwords cannot be reset or recovered
- No support access - we cannot access your data to provide support
Third-Party Risks
- Relay operators - while encrypted, relay operators could theoretically log traffic
- IPFS network - decentralized storage is as secure as the network itself
- Blockchain networks - transaction privacy depends on the blockchain used
- Device manufacturers - device-level security depends on manufacturer implementations
π Cryptographic Standards
Encryption Algorithms
- AES-256 - Advanced Encryption Standard with 256-bit keys
- ChaCha20-Poly1305 - Modern authenticated encryption
- Curve25519 - Elliptic curve cryptography for key exchange
- Argon2 - Password-based key derivation function
Security Protocols
- TLS 1.3 - Latest Transport Layer Security for network communications
- Perfect Forward Secrecy - Session keys cannot be compromised retroactively
- Zero-knowledge proofs - Cryptographic proofs without revealing secrets
- Secure multi-party computation - Collaborative computation without data sharing
π Compliance and Standards
Privacy Standards
- GDPR principles - Built with European privacy regulation principles
- CCPA compliance - California privacy law considerations
- Privacy by design - Privacy considerations built into architecture
- Minimal data principle - Only collect whatβs absolutely necessary
Security Standards
- OWASP guidelines - Following web application security best practices
- NIST cybersecurity framework - Industry-standard security practices
- SOC 2 principles - Security, availability, and confidentiality controls
- ISO 27001 alignment - Information security management best practices
π― Future Privacy Commitments
Ongoing Development
- Regular security audits - Continuous evaluation of privacy protections
- Community feedback - User input on privacy features and concerns
- Transparency reports - Regular updates on privacy practices and policies
- Open source components - Making security-critical code available for review
Privacy Evolution
- Enhanced anonymity - Developing stronger privacy-preserving technologies
- Decentralized identity - Exploring self-sovereign identity solutions
- Post-quantum cryptography - Preparing for quantum-resistant encryption
- Advanced privacy protocols - Implementing cutting-edge privacy research
Remember: Your privacy is our priority. Locanox is designed to work without compromising your personal information, financial data, or digital privacy.