Private by design, not by marketing.
This page explains what MKnoon handles, what it does not collect, and how the app is built to keep your messages and identity under your control.
MKnoon is a peer-to-peer messaging application developed by Saleh Elsayed. This policy explains what data the app handles, how it is protected, and your rights.
Our core principle: MKnoon is designed so that your messages stay private. All messages are end-to-end encrypted; no one, including the developer, can read them. We collect no personal information, run no analytics that track individuals, and display no ads.
1. Data We Do Not Collect
- No account registration. MKnoon does not require a phone number, email address, or any personal information to use the app.
- No individual tracking or profiling. We do not track individual users, build behavioral profiles, or use analytics SDKs that identify individuals.
- No ads. MKnoon does not display advertisements and does not share data with advertisers.
- No contact list upload. MKnoon does not access or upload your phone contacts.
- No message content access. All messages are end-to-end encrypted. The relay server may temporarily hold encrypted messages for offline delivery but cannot read their content.
2. Data Stored on Your Device
All user data is stored locally on your device and encrypted:
- Identity keys. A cryptographic key pair is generated on your device during setup. Your private key never leaves your device.
- Recovery phrase. A 12-word mnemonic is generated for account recovery. It is stored in your device's secure storage (iOS Keychain / Android EncryptedSharedPreferences).
- Messages and contacts. Stored in an encrypted local database (SQLCipher with a random 256-bit key held in secure storage).
- Media files. Images are stripped of EXIF metadata, including location data, before sending.
3. End-to-End Encryption
MKnoon uses post-quantum end-to-end encryption (ML-KEM-768 with AES-256-GCM) for messages. This means:
- Messages are encrypted on your device before transmission.
- Only the intended recipient can decrypt them.
- No one else, including the developer, can read your messages.
- Encryption is always on and cannot be disabled.
4. Relay Server and Data in Transit
MKnoon uses libp2p for peer-to-peer communication. When both you and the person you are messaging are online, your messages travel directly between your devices; the relay server never sees them, not even in encrypted form. The relay server is only involved when the recipient is offline.
When the relay is involved, it:
- Cannot read your messages. All message content is end-to-end encrypted before reaching the relay.
- Temporarily stores encrypted messages only when the recipient is offline. Messages are deleted from the server once retrieved by the recipient, or automatically after 7 days, whichever comes first.
- Temporarily stores encrypted media (images, files) for delivery. Media is deleted after download or after 7 days.
- Stores your profile picture if you choose to set one. Your profile picture is not encrypted and can be downloaded by your contacts. You can delete your profile picture at any time through the app.
- May temporarily see IP addresses of connected devices as part of normal network operation. IP addresses are not logged or stored.
5. Push Notifications
MKnoon uses Firebase Cloud Messaging (FCM) to deliver push notifications when you receive a message while the app is closed. This involves:
- A device token generated by Google (Android) or Apple (iOS) to route notifications to your device.
- This device token is stored on the relay server so notifications can be delivered when you are offline. The token is associated with your device's pseudonymous peer ID, not with any personal information.
- Notification content is minimal (a generic "new message" alert) and does not contain message text.
- You can opt out of push notifications at any time through your device settings. Unregistering removes your token from the relay server.
- Firebase is operated by Google. Their privacy policy applies to the FCM service: Google Privacy Policy.
6. Aggregate Service Metrics
To understand overall service health and usage levels, the relay server collects aggregate, non-identifying metrics such as:
- Estimated number of daily, weekly, and monthly active users using a probabilistic counting method called HyperLogLog that cannot identify or recover individual user identities.
- Total number of messages and media transfers processed, as simple counts not associated with any user.
- Server resource usage, including CPU, memory, and disk.
These metrics contain no personal data, no user identifiers, and no behavioral information about any individual. They are used solely to monitor service reliability and plan capacity.
7. Device Permissions
MKnoon may request the following permissions, which you can grant or deny at any time:
- Camera for scanning QR codes for adding contacts and capturing photos for sharing.
- Microphone for recording voice messages.
- Photo library for sharing images and videos.
- Location for local peer discovery on the same network. Location data is never transmitted to any server.
- Notifications for incoming message alerts.
8. Data Sharing
We do not sell, rent, trade, or share your personal data with any third parties. The only third-party service used is Firebase Cloud Messaging for push notification delivery.
9. Data Retention and Deletion
- On your device: All local data is stored on your device. Uninstalling MKnoon removes all local data.
- On the relay server: The following data may be temporarily stored on the relay server and is automatically cleaned up:
  - Pending messages: deleted on retrieval, or after 7 days.
  - Media files: deleted after download, or after 7 days.
  - Profile picture: persists until you delete it through the app or upload a new one.
  - Push notification token: persists until you unregister or it becomes invalid.
  - Peer discovery registrations: expire automatically after 2 hours.
- You can clear your data at any time through the app's settings.
10. Children's Privacy
MKnoon is intended for users aged 17 and older. We do not knowingly collect any data from children under 17. If you believe a child under 17 is using MKnoon, please contact us.
11. Your Rights
Depending on your location, you may have rights under applicable data protection laws, such as GDPR in the EU/EEA or CCPA in California. Because MKnoon does not collect personal data and uses only pseudonymous identifiers, most data rights are inherently satisfied: your data is already under your control.
You have the right to:
- Access your data because it is on your device.
- Delete your data by uninstalling the app or clearing data in settings. Server-side data such as profile pictures and pending messages is automatically cleaned up or can be deleted through the app.
- Port your data by exporting your recovery phrase to move to another device.
- Opt out of push notifications through your device settings.
12. Security
MKnoon employs multiple layers of security:
- Post-quantum end-to-end encryption for all messages.
- Encrypted local database (SQLCipher).
- Sensitive keys stored in platform secure storage (iOS Keychain / Android EncryptedSharedPreferences).
- EXIF metadata stripped from images before sending.
- Relay server access restricted and not publicly exposed.
- No personal identifiers stored on any server.
13. Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated effective date. Continued use of MKnoon after changes constitutes acceptance of the updated policy.
Contact
If you have questions about this privacy policy, contact us at:
Developer: Saleh Elsayed