🔏 CNIL recommendations on mobile applications


🧵 The CNIL has published its 2025 recommendations on mobile applications to better protect privacy.

With Olvid, these principles are not just variables to be adjusted; they are at the very heart of the application.

Let’s take a look at them together to understand how Olvid mathematically guarantees your privacy.

🌐 Minimize data

✅ With Olvid, there’s nothing to minimize, because Olvid doesn’t ask you for anything: no phone number, no email address, no access to your contact list, nothing!

🥷 Privacy by Design

✅ Privacy has been part of Olvid’s specifications from the beginning, a true “Privacy by Default”. No centralized directory acting as an authority, just a server to distribute your end-to-end encrypted messages without metadata.

🚹 Limit permissions

✅Olvid does not require any special permissions to function. Users can grant permissions to unlock additional features, such as the microphone for secure calls.

👀 No spy SDKs

✅ Olvid minimizes the use of third-party SDKs. No analytics trackers, no ads, and no personal data sent to Olvid’s servers. The business model is clear: with Olvid, everything that’s free is truly free, and everything that’s paid has a clearly displayed price. For once, you’re not the product.

📍 Processing must remain local

✅ The only server used by Olvid is the one that distributes messages. It is merely a relay with no access to content, thanks to systematic end-to-end encryption. All data is processed locally on your devices.

❤️ Secure lifecycle

✅ As the saying goes: “Don’t trust, verify”. The source codes for mobile applications are available in Open Source. The cryptographic engine is regularly audited by experts in the field.

🇪🇺 GDPR and privacy

✅ For Olvid, compliance with the General Data Protection Regulation (GDPR) is not a constraint but a natural consequence of our architecture. Olvid goes well beyond the GDPR.

No access to data = guaranteed compliance! 🚀