Ieum Logo Ieum

Ieum
Security Philosophy & Privacy Policy

True Security Without Servers
(True P2P Architecture)

"Central servers do not store your data.
They simply facilitate the handshake and disappear."

1. True P2P Delivery and Zero Data Storage

Typical mega-messenger corporations store colossal amounts of chat logs on their main server databases to analyze users or comply with government requests.

Ieum is fundamentally different. Our servers act merely as a routing switch—locating your friend's device and opening an **Encrypted Relay Tunnel**. Messages, photos, and calls follow a 완전 구조 (P2P) architecture directly linking device to device. Reaching the destination, the routing data evaporates completely over the network.

2. Complete Isolation of AI Data (Local Processing Principle)

The greatest danger of modern AI is that your private questions (prompts) and sensitive documents are transmitted to corporate cloud servers. Ieum strictly adheres to the following principles:

  • Local AI Assistant: Translated chats or questions asked to the AI are never transmitted to external APIs like Google or OpenAI.
  • Secure Document Analysis (RAG): Uploaded PDFs and the chunked Vector Database created from them are strictly isolated and stored 100% on your smartphone's local memory.

3. The 12-Word Secret Key That Never Asks Who You Are

The moment you are asked for a phone number or email, you are at risk of being tracked. Ieum has eliminated the invasive practice of forcibly syncing your contacts to our servers.

Friend additions are exclusively conducted through anonymous QR codes or Ieum IDs. During signup, your device performs a lightweight mathematical computation (Proof-of-Work, PoW) to issue a purely anonymous ID. Account control is granted only to the user holding the unique 12-word recovery phrase (Mnemonic), which even the company cannot access or reproduce.

4. Double-Locked End-to-End Encryption (E2EE)

Any data transported via P2P is scrambled into meaningless noise, ensuring that hackers intercepting the traffic see nothing but gibberish. Whether it's a 1:1 message or a massive group chat, the strongest double-lock algorithms (X3DH and Double Ratchet) are enforced. The encryption "keyhole" constantly changes with every exchanged message, making it physically impossible to retrieve past conversations, even if a warrant demands it.

5. Device Access Permissions (Complying with App Store Guidelines)

Ieum requests device access solely to provide essential messenger functionalities. We unequivocally state that all data acquired through these permissions is NEVER collected on our servers nor shared with third parties.

  • Camera: Used strictly on-device for taking profile pictures, capturing media to send, and scanning QR codes.
  • Storage / Media: Accessed locally for parsing file attachments, using the gallery, and enabling Local AI (PDF) document offline analysis.
  • Microphone: Enabled locally for sending voice memos and establishing voice/video (WebRTC P2P) connections.

Content created using these permissions is encrypted via E2EE locally before being transmitted directly to the recipient and is in no way stored on Ieum servers.

6. Absolute User Control

Ieum supports Timer 'Boom' Messages, and grants users the absolute right to [Delete for Everyone] without time limits. With a single command, you can instantly and permanently eradicate a message from both your screen and the recipient’s smartphone memory. You, not the corporation, are the sole master of your data.