obliv is an end-to-end encrypted messaging application. this policy explains what data we process and — more importantly — what data we deliberately do not.
when you first open obliv, the app generates a cryptographic identity locally on your device. your public keys are published to our directory so other users can find you; your private keys never leave your device and are encrypted at rest using a key derived from your pin.
your identity is referenced by a short random identifier derived from your public key. this identifier is not linked to any personal information.
we do not process: message content, message metadata beyond what is strictly required to deliver an envelope, contact lists, conversation history, call logs, media files after delivery, or any behavioural analytics.
messages are encrypted on your device before they leave it. only the recipient's device can decrypt them. this includes one-to-one messages, group messages, media attachments, and call signalling. we have no technical ability to read your communications.
voice and video calls use webrtc. signalling is end-to-end encrypted through the same channel as messages. the actual media stream is peer-to-peer between devices whenever possible; when a direct connection is not possible (strict nat), media is relayed through a neutral network relay. the relay sees only encrypted media packets — it cannot observe call content.
photos, videos, voice notes, and files attached to messages are encrypted on your device before upload, stored briefly as opaque ciphertext, and deleted after the recipient downloads them. media is automatically purged after 24 hours even if undelivered.
when you receive a new message or call, a push is delivered to your device through apple's push notification service. the push payload contains no sender identity and no message content — only a generic banner (for messages) or a call id (for call wakeups). apple may log the fact that your device received a push; this is inherent to ios push and outside our control.
all on-device data (identity keys, conversations, contacts, groups, media cache) is encrypted with a key derived from your pin using a slow key-derivation function designed to resist brute-force attacks. several consecutive wrong pin attempts trigger a full wipe of the encrypted store; the identity is irrecoverable after wipe. we do not provide, and cannot provide, any pin recovery mechanism.
because we do not store personal data beyond transient encrypted envelopes and opaque push tokens, most gdpr rights do not meaningfully apply. if you wish to:
obliv is rated suitable for all ages on the app store (4+). the app collects no personal information from anyone — child or adult — so coppa and equivalent international child-privacy regulations do not apply in a substantive way. there is no account registration, no profile, no contact sync, no analytics, no advertising, and no behavioural tracking. parents and guardians who still wish to review the app's behaviour can verify this by reading the rest of this policy and by inspecting the app itself — all data lives locally on the device.
if the policy materially changes, the app will display an update notice the next time you open it. continued use after the effective date constitutes acceptance.
operator: okidooki ag. reach out via support.