Privacy Policy

Privacy & Security Statement:


iosprivacy.com uses the highest standards of known privacy and security safeguards to ensure that your data remains your data, without leaking any of it to any sites you may visit after visiting us. These include the strictest http security & privacy headers in use for your protection and ours. Our Mozilla Observatory rating may be seen at any time on our main page as well as directly at https://observatory.mozilla.org. For example, the header X-DNS-Prefetch is set with a value of off to prevent the leaking of information through DNS prefetching of third-party resources linked to on our domain and its subdomains. The header Clear-Site-Data is set with the value of *, a wildcard which instructs your browser to delete any data it may have gathered such as within its cache, cookies, & storage immediately upon closing your connection with us, thus ensuring no other sites receive any information regarding your visit to this site.

We have a cookie header set in addition to the one set our webhost, Cloudflare. By setting our own, in addition to the Set-Cookie values of HttpOnly & Secure set by Cloudflare, we have suffixed it with the value of SameSite=Strict & prefixed it with the value of __Secure-, which helps to combat Cross-Site-Request-Forgery and effectively stops it from being used as a tool for tracking you across the web. Our Referrer header is set to no-referrer guaranteeing that any site you may visit after leaving here will be not be given the information that this was the site is where you were prior to going to any other site, helping to further guarantee your privacy. Our Content-Security-Policy is one of the strongest in place among the small minority of sites use this powerful tool. Its benefits are too detailed to enter into here, though you may learn about it on Mozilla's Web Developer Network.

We use no analytics, no javascript, and require no cookies to function. Our .css is secured using Subresource Integrity (SRI), through the application of a base64-encoded sha384 hash & a base64-encoded sha512 hash, allowing it to be used only if authenticated against the strongest hashing function supported by the UserAgent - if not sha512 then sha384, essentially. It effectively stops the injection of any rogue code into our stylesheet.

The email address we use for anyone who may want to reach us is a ProtonMail account and we request all who do contact us use a PGP key or use ProtonMail to ensure everyting transmitted is done so encrypted. The only information we would ever receive from you is information you voluntarily tell us, and we would very much appreciate it if you use a pseudonym and did not divulge any personal information whatsoever as privacy is sacred to the site owner, for everyone. Invasion of your privacy is a business; leave that sort of thing to Google, Amazon, Facebook, and all other Big Brother tech.