All chat messages are simultaneously encrypted and protected in two ways. The high encryption of the chats makes decryption impossible for non-authorized users (as well as for the app operators).
-
Client to server encryption:
Every connection between your smartphone and the Flunx servers is highly encrpyted with Transport Layer Security (previously Secure Sockets Layer, SSL). This way, it is impossible for third parties to read transmitted data.
-
End to end encrpytion:
Every one of your chat messages is encrypted through an asynchronous cyptographic algorithm (private and public key). Your private key is necessary for decrypting the chat messages. It is generated on your smartphone and remains (only) there.
Only the following information is saved:
- User name (freely selectable)
- Public name (freely selectable nickname or real name)
- Email address
- Password
- Flunx (text with hashtags)
- Photo (optional)
- Location data (optional)
The Flunx servers transmit your encrypted chat message to the recipient's smartphone. After the transmission your chat messages will be deleted from the servers. Your chat messages are completely unreadable for the operators.
With Flunx you have a public and a private key. The QR code contains the public key.
If two users scan each others' QR codes with their Flunx app they can be sure that the saved key on their smartphone has not been manipulated. Therefore an extremely high safety standard is presented and confirmed by the app through a symbol in the menu item Favorites.
Are my log-in data for Twitter and LinkedIn visible for the operator if I decide to permanently share individual flunx? |
No. Your log-in data will not be saved on the Flunx server or otherwise retrieved. The Flunx operator has no access to the data.
Your log-in data for Twitter and LinkedIn are directly entered into the appropriate pages of the social networks via an internal browser window in the Flunx app. LinkedIn or Twitter provide an OAuth token that is used for posting the flunx within your account.
The Flunx servers are located in Germany. Therefore the data that you exchange via Flunx falls within the ambit of all applicable (and strict) German data privacy laws, such as the German Federal Data Protection Act (BDSG) or the German Telecommunications Act (TKG). These in turn adhere to the data protection directives of the European Union. These laws, in combination with the Flunx technology, enable very high data protection standards.