Optimize SVGs

Signed-off-by: redoomed1 <redoomed1@privacyguides.org>

.vscode/ltex.dictionary.en-US.txt

@@ -562,10 +562,3 @@ unlinkability
 Kagi
 Secureblue
 pseudonymity
-TrueNAS
-Arti
-Tailscale
-allowlisted
-MyMonero
-Monero-LWS
-OkCupid

blog/.authors.yml

@@ -56,13 +56,6 @@ authors:
       instance: neat.computer
     twitter: jonaharagon
     bluesky: jonaharagon.com
-  justin:
-    name: Justin Ehrenhofer
-    description: Guest Contributor
-    avatar: https://github.com/SamsungGalaxyPlayer.png
-    mastodon:
-      username: sgp
-      instance: neat.computer
   kaitebay:
     name: Kai Tebay
     description: Former Team Member

blog/posts/monero-server-using-truenas.md

@@ -1,362 +0,0 @@
----
-date:
-    created: 2025-06-12T18:15:00Z
-categories:
-    - Tutorials
-tags:
-    - Self-Hosting
-    - Cryptocurrency
-    - TrueNAS
-authors:
-    - justin
-description: In this guide, we will walk you through setting up a very powerful Monero server on TrueNAS.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/monero-server-using-truenas/cover.webp
----
-# Creating a Tricked-Out Monero Server with TrueNAS
-
-![A cover image for this post showing an illustration of a NAS and stacks of coins imprinted with the Monero logo](../assets/images/monero-server-using-truenas/cover.webp)
-
-<small aria-hidden="true">Illustration: Jonah Aragon / Privacy Guides</small>
-
-In this guide, we will walk you through setting up a very powerful [Monero](https://www.privacyguides.org/en/cryptocurrency/#monero) server on TrueNAS. By completing these steps, you will be able to connect to your own self-hosted Monero node with the official Monero wallet and Cake Wallet, and you will be able to connect to your own self-hosted Monero LWS server with Edge Wallet and MyMonero.<!-- more -->
-
-<div class="admonition note" markdown>
-<p class="admonition-title">Guest Contributor</p>
-
-Please welcome Justin Ehrenhofer as a first-time guest contributor! Justin is the president of MAGIC Grants, a nonprofit which supports public cryptocurrency infrastructure and promotes privacy, and operates as Privacy Guides' [fiscal host](privacy-guides-partners-with-magic-grants-501-c-3.md). Privacy Guides does not publish guest posts in exchange for compensation, and this tutorial was independently reviewed by our editorial team prior to publication.
-
-</div>
-
-This guide assumes that you are using TrueNAS for the first time. TrueNAS is an open-source operating system that is meant to function primarily as a NAS, and it supports running arbitrary Docker apps. [MAGIC Grants](https://magicgrants.org) spent the last few months making dedicated apps on the TrueNAS store to make this setup process simpler than starting from scratch.
-
-## Advantages of Running Your Own Node
-
-Monero is a cryptocurrency with strong privacy properties by default, and it is the only cryptocurrency currently [recommended](https://www.privacyguides.org/en/cryptocurrency/) by Privacy Guides.
-
-Despite Monero's privacy protections, your wallet needs to communicate with the rest of the Monero network. There are two main options:
-
-1. Connecting to someone else's node; or
-2. Connecting to your own node.
-
-By connecting to your own node, you do not need to reveal when you are using your wallet and what transactions you send to the node operator.
-
-By following this guide, your transaction broadcasts will be protected with the Tor and/or I2P [networks](https://www.privacyguides.org/en/alternative-networks/).
-
-In short, if you *can* run your own node, you *should* run your own node.
-
-## Hardware/Software Recommendations
-
-* A spare machine (e.g., an old desktop computer) with:
-    * One or more SSDs with >100 GB of free space
-    * 4+ CPU cores
-    * 4GB+ of RAM
-    * TrueNAS already installed
-* A domain name (optional, for encrypted clearnet connections)
-
-It's possible to undercut these recommendations, but please don't do that to yourself.
-
-## What We Will Set Up
-
-All of these applications are optional. You can set up nearly any combination of these. For example, you can skip just the I2P app if you don't plan to use I2P.
-
-| Software | Description | Purpose |
-| -------- | -------- | -------- |
-| Arti | A [Tor](https://www.privacyguides.org/en/advanced/tor-overview) client written in Rust. | Connect to Tor nodes, broadcast transactions over Tor, and connect to TrueNAS apps over Tor. |
-| Java I2P | The officially distributed app to connect to the [I2P network](https://www.privacyguides.org/en/alternative-networks/#i2p-the-invisible-internet-project). | Connect to I2P nodes, broadcast transactions over I2P, and connect to TrueNAS apps over I2P. |
-| Monero Node | The officially distributed app for communicating with the Monero network. | The app provides the necessary information to send and receive Monero transactions. Most wallets (including the official Monero wallets and Cake Wallet) connect to Monero nodes. |
-| Monero-LWS | A "**L**ight**w**eight **S**erver" that allows "lightweight" wallets to send and receive Monero transactions. | Lightweight Monero wallet apps (including Edge Wallet and MyMonero) can connect to this server so that the wallet itself does not need to scan/sync Monero history; the server handles this scanning/syncing. |
-
-## Configure TrueNAS Storage
-
-We will configure storage for the Monero blockchain, and we will use default storage settings for other purposes. If you are an advanced user, you can configure the storage yourself.
-
-### Create a Monero Pool
-
-In TrueNAS, a pool is a collection of hard drives for a specific use-case. For simplicity, we will configure the entirety of a single SSD for Monero's use.
-
-1. Click **Storage**.
-2. Click **Create Pool**.
-3. Type `monero-pool` for the name. Leave encryption disabled (this will only store public blockchain data). Click **Next**.
-4. Choose the layout that you will be using. We will pick **Stripe** in this guide.
-5. Select the entire storage space for the SSD. Click **Next**.
-6. Skip all the remaining options for metadata, log, cache, spare, and dedup. Keep clicking **Next**.
-7. Finish creating the pool by clicking **Create Pool**.
-
-### Create a Monero Dataset
-
-A dataset is effectively a folder inside a pool. We will make one folder for the Monero blockchain data:
-
-1. Click **Datasets**.
-2. Click on the `monero-pool` pool.
-3. Click **Add Dataset**.
-4. Set the name to `monero-blockchain`
-5. Set the dataset preset to **Apps**.
-6. Click **Save**.
-
-![Screenshot showing the Datasets list in TrueNAS](../assets/images/monero-server-using-truenas/01-datasets.webp)
-
-Next, we will assign the ownership of that folder to the `apps` user:
-
-1. While the `monero-blockchain` dataset is selected, click **Edit** under Permissions.
-2. At the top, change the **Owner** and **Owner Group** from `root` to `apps`.
-3. Check the boxes for **Apply Owner** and **Apply Group**.
-4. Check **Apply permissions recursively**.
-5. Click **Save Access Control List**.
-
-![Screenshot showing the ACL settings for monero-blockchain](../assets/images/monero-server-using-truenas/02-edit-acl.webp)
-
-## Configure Arti (Tor)
-
-<div class="admonition example" markdown>
-<p class="admonition-title">Experimental software</p>
-
-Arti is experimental software. At the time of writing, Arti should not be used for privacy-critical applications. Connecting to your own Monero node is "low risk" in most circumstances. However, if you have very sensitive requirements you should not use Arti until it has been tested further by the community. By using Arti today, you are helping to make Arti better!
-
-</div>
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Arti`. Click on the **Arti** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Hidden Services**, click **Add**. For each of the functions below that you want to support, create a new hidden service:
-    1. Monero Node (for incoming P2P connections)
-        1. Name: `monerodp2p`
-        2. App Port: `18084`
-        3. Hidden Service Port: `18084`
-    2. Monero Node (for incoming RPC (wallet) connections)
-        1. Name: `monerodrpc`
-        2. App Port: `18089`
-        3. Hidden Service Port: `18089`
-    3. Monero LWS
-        1. Name: `monerolws`
-        2. App Port: `18090`
-        3. Hidden Service Port: `18090`
-6. Leave the other settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, click on the shell icon under Workloads and to the right of `arti – Running` (not `config` or `perms`).
-
-![Screenshot showing how to click the Arti shell icon](../assets/images/monero-server-using-truenas/03-arti-shell.webp)
-
-In the shell, type the command `arti hss --nickname monerodp2p onion-address`. This will return a string that ends in `.onion`. In notepad, Excel, or another app, save the `.onion` address and the service it is associated with (`monerodp2p`). You might need to copy from the shell with ++ctrl+ins++.
-
-![Screenshot showing the command and response to get the onion address](../assets/images/monero-server-using-truenas/04-arti-shell.webp)
-
-Do this again for the following two commands as well:
-
-```console
-arti hss --nickname monerodrpc onion-address
-arti hss --nickname monerolws onion-address
-```
-
-You should have three saved and unique `.onion` addresses.
-
-## Configure I2P
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `I2P`. Click on the **I2P** app.
-4. Click **Install**. This will pull up a form.
-5. Change the **Port Bind Mode** for **I2P HTTP Proxy Port** to `None`.
-6. Change the **Port Bind Mode** for **I2P HTTPS Proxy Port** to `None`.
-7. To the right of **Additional Ports**, click **Add**.
-8. In the newly exposed fields, set the Port Number as `4447`.
-9. In the same newly exposed fields, set the Container Port as `4447`.
-10. Leave the other settings as default. Click **Install**.
-
-![Screenshot showing the I2P installation settings](../assets/images/monero-server-using-truenas/05-i2p-install.webp)
-
-You will see the Applications screen after it installs. After the Arti app shows the status as **Running**, open a browser and direct it to the I2P configuration wizard. This is available at `<hostname>:7657`, for example `192.168.1.100:7657`.
-
-Complete the initial I2P wizard using the default settings.
-
-### Create I2P SOCKS Proxy
-
-1. Click **Local Tunnels**.
-2. Click on the I2P HTTP Proxy.
-3. Uncheck **Automatically start tunnel when router starts**.
-4. Click **Save**.
-5. To the right of the I2P HTTP Proxy, click **Stop**.
-6. Click on the I2P HTTPS Proxy.
-7. Uncheck **Automatically start tunnel when router starts**.
-8. Click **Save**.
-9. To the right of the I2P HTTP Proxy, click **Stop**.
-10. At the bottom and to the right of **New client tunnel:**, change the type in the dropdown from `Standard` to `SOCKS 4/4a/5` and click **Create**.
-    1. Set the name as `monerod`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the Access Point **Port** to `4447`.
-    4. Set **Reachable by** to `0.0.0.0`.
-    5. Click **Save**.
-
-### Create I2P Hidden Services
-
-There is an optional step below to reduce the hidden service tunnel length from the default of 3 to 1. This will substantially increase the reliability of the server at the cost of anonymity.
-
-However, the server's connection to the I2P network for connecting to Monero wallets and the rest of the Monero network is typically not sensitive, unless you want to completely conceal that you are running a Monero node. Thus, most users will prefer the higher performance of the shorter tunnel length.
-
-We do not recommend shortening the tunnel lengths for the I2P SOCKS Proxy (in the previous section above) on the other hand, since transaction broadcasts tend to be sensitive.
-
-1. Under **I2P Hidden Services** and to the right of **New hidden service:**, change the type in the dropdown from `HTTP` to `Standard` and click **Create**.
-    1. Set the name as `monerodp2p`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18085`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-2. Create another `Standard` hidden service.
-    1. Set the name as `monerodrpc`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18089`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-3. Create another `Standard` hidden service.
-    1. Set the name as `monerolws`.
-    2. Check **Automatically start tunnel when router starts**.
-    3. Set the target host as the server's hostname, for example `192.168.1.100`.
-    4. Set the target port as `18090`.
-    5. *Optional:* Set the Tunnel Length Option to **1 hop tunnel (low anonymity)** for better performance.
-    6. Click **Save**.
-
-You will see the three I2P Hidden Services that you configured. Under each, you will see a `.b32.i2p` address after **Destination:**. You will need to use the destination `.b32.i2p` addresses in later steps (just like the `.onion` addresses), so keep them handy.
-
-![Screenshot showing I2P Hidden Services settings](../assets/images/monero-server-using-truenas/06-i2p-settings.webp)
-
-## Configure Monero Node
-
-### Initial Setup
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero Node`. Click on the **Monero Node** app.
-4. Click **Install**. This will pull up a form.
-5. *Optional:* Uncheck **Prune the blockchain**. This will use significantly more storage.
-6. Under **Storage Configuration** and **Blockchain storage location**, change the **Type** from `ixVolume` to `Host Path`.
-7. Under **Host Path**, use the folder picker to select the `monero-blockchain` dataset. This should usually be `/mnt/monero-pool/monero-blockchain`.
-8. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the node sync faster.
-9. Leave the other settings as default. Click **Install**.
-
-#### Why not configure Tor and I2P settings to begin with?
-
-Some users may be sensitive to a privacy risk where your Tor and I2P addresses could be matched with your public IPV4 address while it is syncing. By waiting to configure these settings until after your node is already fully synced, we minimize this risk.
-
-### Check on the Sync Status
-
-It will take a day or more for most systems to fully sync the Monero blockchain from scratch.
-
-To check the status, go to the app page and click on the `monerod` app. Under Workloads and to the right of `monerod – Running`, click on the shell icon.
-
-![Screenshot showing how to click the Monero Node shell icon](../assets/images/monero-server-using-truenas/07-monero-shell.webp)
-
-Type `monerod status` and press enter.
-
-If the status reports `Height: ####/#### (100.0%) on mainnet`, then your node is fully synced. You can proceed to the next step.
-
-![Screenshot showing the Monero Node sync status command](../assets/images/monero-server-using-truenas/08-monero-shell.webp)
-
-### Add Tor and I2P
-
-After your Monero node is fully synced, click on the `monerod` app and then click **Edit**. This will bring up the same form that you configured when installing the app.
-
-1. Check **Enable Tor connections**.
-2. Set the **Tor IP** as your hostname, for example `192.168.1.100`.
-3. Set the **Tor port** as `9150`.
-4. Check **Enable inbound Tor connections**.
-5. Set the **Inbound onion address** as the `.onion` address for `monerodp2p` that you observed earlier.
-6. Check **Enable inbound I2P connections**.
-7. Set the **I2P IP** as your hostname, for example `192.168.1.100`.
-8. Set the **I2P Port** as `4447`.
-9. Check **Enable inbound I2P connections**.
-10. Set the **Inbound I2P base32 address** as the `.b32.i2p` address for `monerodp2p` that you observed earlier.
-11. If you wish to enable Monero LWS, under **ZMQ RPC Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-12. If you wish to enable Monero LWS, under **ZMQ Pub Port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-13. Under **Tor inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-14. Under **I2P inbound port**, change the **Port Bind Mode** from `None` to `Publish port on the host for external access`.
-15. Click **Update**.
-
-![Screenshot showing the Monero Node install settings](../assets/images/monero-server-using-truenas/09-monero-install.webp)
-
-## Configure Monero LWS
-
-For security reasons, the Monero LWS app only accepts requests from allowlisted Monero addresses. Requests from other users will be rejected.
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Monero LWS`. Click on the **Monero LWS** app.
-4. Click **Install**. This will pull up a form.
-5. Under **Accounts**, you can add sets of allowlisted Monero wallets that will be supported by this server. Click **Add** to add a wallet. For each wallet, include the `Address`, `View Key`, and `Restore Height`. If a restore height is not provided, it will scan the entire blockchain (which is thorough but inefficient).
-6. *Optional:* Under **Resources Configuration**, increase the CPU resource limits to as high of a value as possible for your system. This will help the server scan multiple wallets faster.
-7. After you have added all the wallets, click **Install**.
-
-You can add new Monero wallets in the future by adding them to the list of accounts.
-
-## Configure Secure Clearnet Connections
-
-It is insecure to connect your wallet to your server over an unencrypted connection.
-
-If you only configure your wallet to connect to your server over its I2P or Tor addresses, then you're all set. The connection is already encrypted.
-
-There are different ways to connect to your node over an encrypted clearnet connection, each with their pros and cons:
-
-| Method | Pros | Cons |
-| --- | --- | --- |
-| Tor | No additional configuration necessary. Private. Secure. Reliable. | Slow for non-LWS wallets. |
-| I2P | No additional configuration necessary. Private. Secure. | Slow. Unreliable. |
-| Nginx Proxy Manager | High degree of user control. Secure. Reliable. Fast. | Requires a domain. Requires configuration. |
-| Cloudflare Tunnels | Secure. Reliable. Fast. Easy to set up. Extra security settings. | Requires a domain. Decrypted traffic is shared with Cloudflare. |
-
-### Nginx Proxy Manager (Recommended)
-
-1. Click **Apps**.
-2. Click **Discover Apps**.
-3. Search for `Nginx Proxy Manager`. Click on the **Nginx Proxy Manager** app.
-4. Click **Install**. This will pull up a form.
-5. Leave the settings as default. Click **Install**.
-
-You will see the Applications screen after it installs. After the Nginx Proxy Manager app shows the status as **Running**, open a browser to `<hostname>:30020`, for example `192.168.1.100:30020`.
-
-#### Configure Your Domain and Router
-
-You will need to create A and (optionally) AAAA records with your DNS provider that point to your public IPV4 and IPV6 IP addresses, respectively. You will then need to forward the ports in your router to your TrueNAS hostname. These steps are out of scope for this guide.
-
-#### Add Proxy Hosts to Nginx Proxy Manager
-
-From the Nginx Proxy Manager browser interface, click **Hosts**, **Proxy Hosts**, then **Add Proxy Host**. We recommend creating proxy hosts as follows:
-
-| Domain Name | Scheme | Forward Hostname / IP | Forward Port |
-| --- | --- | --- | --- |
-| `monerod-rpc.<domain>` | `http` | `<hostname>` | `18089` |
-| `monero-lws.<domain>` | `http` | `<hostname>` | `18090` |
-
-For each entry, enable **Block common exploits**.  Configure the SSL settings with **Request a new SSL Certificate**, **Force SSL** enabled, and **HTTP/2 Support** enabled.
-
-Optionally assign an access list.
-
-You should now be able to access these services using your domain!
-
-## A Note About Clearnet Networking
-
-Making clearnet connections without encryption (without SSL/TLS) is insecure. This guide uses the Nginx Proxy Manager app to configure these secure connections, but you can alternatively use another approach such as Cloudflare Tunnels, Tailscale, or WireGuard.
-
-## What About Bitcoin?
-
-Bitcoin is not recommended by Privacy Guides due to its very weak privacy properties by default. Nevertheless, MAGIC Grants has made several Bitcoin oriented applications in the TrueNAS store that you may benefit from if you need to use Bitcoin.
-
-## Test Connections
-
-We will test connections to our node over Tor using [Cake Wallet](https://cakewallet.com), [Edge Wallet](https://edge.app), and [Orbot](https://orbot.app). Make sure you have these apps installed and already have Monero wallets set up.
-
-Use **Full Device VPN** mode with Orbot for this guide.
-
-### Test with Cake Wallet
-
-Cake Wallet will connect to your Monero node. Follow [these steps](https://docs.cakewallet.com/features/advanced/tor-with-orbot/#switch-back-to-cake-wallet) to change the Monero node that Cake Wallet uses. Provide your `monerodrpc` onion address for the Monero Node app as the node address, `18089` as the port, no username, no password, and **Use SSL** unchecked.
-
-You should see a green dot next to this newly added node, and you should notice that your wallet is able to sync. Syncing performance to a Monero node over Tor is slow.
-
-### Test with Edge Wallet
-
-Edge Wallet will connect to your Monero-LWS server. In Edge Wallet, click on the upper right hamburger menu, then **Settings**, then **Asset Settings**, then **Monero**. Select **Custom Light Wallet Server** and provide your `monerolws` onion address with the port. For example, `http://monerolws.onion:18090`, replacing `monerolws.onion` with your correct onion address.
-
-Back in the main wallet overview, you should see that your Monero wallet is fully synced.

blog/posts/queer-dating-apps-beware-who-you-trust.md

@@ -1,572 +0,0 @@
----
-date:
-    created: 2025-06-24T21:00:00Z
-categories:
-    - News
-tags:
-    - Pride Month
-authors:
-    - em
-description: At the intersection of data privacy and LGBTQ+ experiences, it's inevitable to talk about queer dating apps. Unfortunately, most are horrible for data privacy.
-schema_type: AnalysisNewsArticle
-preview:
-  cover: blog/assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp
----
-
-# Queer Dating Apps: Beware Who You Trust With Your Intimate Data
-
-![Photo of a hand holding a phone with a rainbow gradient and a white heart on it. The hand holds the phone in front of a vertical rainbow background with an open eye displayed transparently over it, symbolizing surveillance.](../assets/images/queer-dating-apps-beware-who-you-trust/dating-cover.webp)
-
-<small aria-hidden="true">Illustration: Em / Privacy Guides | Photo: Surasak Ch / Unsplash</small>
-
-When discussing the intersection of data privacy and LGBTQ+ experiences, it's inevitable to also talk about queer dating apps. Due to a smaller percentage of the population and a number of factors complicating in-person dating, people part of the queer community are more likely to seek online platforms to meet lovers and friends. Unfortunately, using queer dating apps can be very dangerous for privacy, and even for safety.<!-- more -->
-
-Dating apps are generally horrible for everyone's privacy, but the queer population is at an even higher risk of harm due to discrimination, and even [criminalization in certain regions](https://www.humandignitytrust.org/lgbt-the-law/map-of-criminalisation/).
-
-Despite the risks, LGBTQ+ people still need to fulfill their social and romantic needs like anyone else.
-
-This isn't an easy task outside the online realm either. Discrimination can be much worse in physical environments that aren't specifically catering to the queer community. In some regions, this can even mean a greater risk of physical aggression.
-
-LGBTQ+ people aren't necessarily safe to date in the same ways cisgender heterosexual people are, increasing the need for safe spaces.
-
-Another important factor is that a smaller percentage of the population necessarily creates a smaller dating pool. Even if someone were to avoid entirely online services, if they aren't located in a town large enough to host LGBTQ+ venues and events, or if they live in an environment where revealing their queer identity could be unsafe to them, online spaces might be their only viable option to [find connections](stay-safe-but-stay-connected.md).
-
-Sadly, this isn't ideal. In today's world, it seems very few services (if any) are considering the importance of data privacy for dating apps seriously enough.
-
-For this reason, it is crucial to acknowledge the dangers, and learn about ways to minimize the risks, and to stay safe while looking for romantic or sexual partners online.
-
-## Dating apps are horrible for data privacy
-
-Unfortunately, whether it's dating apps catering to everyone or to a narrower segment of the population, they are pretty much *all horrible for data privacy*.
-
-Some apps might be worse than others, but at this time, there are no good, largely used, *and* privacy-respectful dating apps.
-
-Due to the nature of dating apps, a major problem is that any dating app will unavoidably collect at least some of very sensitive personal data. This can include photos, intimate photos, sexual preferences, intimate conversations, detailed physical descriptions, and likely much more.
-
-Because of this, a good privacy-respectful dating app would need to implement considerably stronger protections for this data, and obviously not share it with any third party. Regrettably, this isn't what is happening *at all*.
-
-### They collect very sensitive information, legally and illegally
-
-Necessarily, most dating apps will collect *at minimum* a nickname, email, photo, and descriptions of your personality and physical appearance. But, the majority of apps do not stop there.
-
-Most dating apps also collect your location, IP address, and phone number (a strong quasi-static identifier that can be linked to your other accounts and legal identity).
-
-Then, you might upload additional sensitive information, such as a detailed physical description, detailed personality description, health condition, religion, political views, sexual preferences, and even intimate photos in private chats. All this information is collected and stored by the dating app, and maybe even shared with third parties.
-
-According to a [report from Mozilla](https://www.mozillafoundation.org/en/privacynotincluded/articles/data-hungry-dating-apps-are-worse-than-ever-for-your-privacy/), about 25% of apps also collect metadata on uploaded content. This means that if you do not [remove metadata](https://www.privacyguides.org/en/data-redaction/) from your photos and videos (or other file types) before uploading them, the dating app could collect it. This can include very precise information on where and when a photo or video was taken, for example.
-
-Additionally, dating apps can collect a scandalous amount of information from your social media accounts if you use them to sign up with the app. Already in 2017 (this is likely much worse 8 years later into surveillance capitalism), The Guardian journalist Judith Duportail [reported](https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-sold) on her experience with Tinder after requesting a copy of her account data. Tinder had kept 800 pages of information on her, including Facebook likes, number of Facebook friends, Instagram photo links, ages of men she was interested in, and so on. From her experience she wrote:
-
-> What will happen if this treasure trove of data gets hacked, is made public or simply bought by another company? I can almost feel the shame I would experience.
-
-She is not alone in this. Every dating-app user is at risk of having their intimate data exposed if their account or the app's servers gets hacked, or if the company otherwise leaks or shares their data.
-
-Tragically, data breaches and companies acquisitions aren't rare occurrences. It's more a matter of "when" than "if".
-
-#### Identity verification
-
-Moreover, many apps now require to "verify identity" by requesting users to submit a video selfie, official ID, or other means of verification.
-
-This practice is intrusive at best, and straight out *dangerous* at worst. Any verification practice requiring a piece of official ID or a facial scan has the potential of endangering this data, and increases the risk of a data leak exposing your intimate dating information while being strongly linked to your legal identity.
-
-No dating app should be requiring such sensitive information. Fighting bots and fake accounts isn't worth the risk this represents to users.
-
-#### Biometric data
-
-Even for users who might be careful to choose more privacy-respectful apps, or feel protected by stronger local legislation, trust can be broken.
-
-In 2024, Bumble and Badoo settled a [class action lawsuit](https://www.the-sun.com/money/12327292/bumble-settlement-badoo-payment/) for allegedly infringing the privacy rights of users residing in Illinois US, by violating the [Biometric Information Privacy Act](https://en.wikipedia.org/wiki/Biometric_Information_Privacy_Act) (BIPA). The complainants alleged the apps, both owned by Bumble Inc, were capturing and storing users' facial scan biometrics it extracted from profile's content without the users' consent.
-
-While users located in Illinois were entitled to financial compensation from the [settlement](https://topclassactions.com/lawsuit-settlements/closed-settlements/40m-bumble-badoo-bipa-class-action-settlement/), others located in regions with weaker local regulation didn't receive any compensation for this violation of their consent.
-
-#### Artificial intelligence features
-
-Finally, most dating services have now [integrated AI features in their platforms](https://www.platformer.news/grindr-ai-boyfriend-wingman-monetization-paid-taps/). This is dreadful for privacy.
-
-The problem with current AI features is that most will not just generate data but will also *collect* data. Once data is integrated into a model, it's incredibly difficult (if not impossible) to delete it later.
-
-Grindr's terms of service include a section specifying that, when using the platform, [you grant an irrevocable right to Grindr](https://www.grindr.com/terms-of-service) to "exploit Your User Content" to train "AI Technologies". **Your content is up for AI-grabs on Grindr.**
-
-Horrifyingly, most other dating apps aren't better.
-
-While other apps might be careful not to directly name "AI" or "training" in their terms of service, risking scaring users away, OkCupid, Hinge, and Plenty of Fish (all part of the Texas-based dating service conglomerate Match Group), describe a similar clause in their terms of service that could potentially include AI technologies training on users' content (if not already).
-
-For example, OkCupid specifies in clause 7 of their [Terms & Conditions](https://okcupid-app.zendesk.com/hc/en-us/articles/23941864418203-Terms-Conditions) (emphasis added for clarity):
-
-> By creating an account, **you grant to OkCupid a worldwide, perpetual, transferable**, sub-licensable, royalty-free **right and license to** host, store, use, copy, display, reproduce, adapt, edit, publish, translate, modify, reformat, **incorporate into other works, advertise, distribute and otherwise make available to the general public Your Content**, including any information you authorize us to access from Facebook or other third- party sources (if applicable), in whole or in part, and **in any way and in any format or medium currently known or developed in the future.** OkCupid's license to Your Content shall be non-exclusive, except that OkCupid's license shall be exclusive with respect to derivative works created through use of our Services. For example, **OkCupid would have an exclusive license to screenshots of our Services that include Your Content.**
-
-Of course "any medium developed in the future" could include AI technologies, and/or anything else.
-
-OkCupid has already integrated AI features in users' dating experience using OpenAI's ChatGPT for its services. Michael Kaye, OkCupid's head of communications, excitedly [told Mashable](https://mashable.com/article/okcupid-chatgpt-questions) that "daters who think ChatGPT is a lifesaver get almost 40 percent more Matches on OkCupid than those who think it's too big brother".
-
-Well, perhaps users who accurately think "it's too big brother" have simply already left the app...
-
-### They can expose legal identities
-
-Besides the data privacy dangers created by integrating AI features in dating apps, [identity and age verification is another growing problem](age-verification-wants-your-face.md).
-
-Unfortunately, it seems dating apps are more concerned with fighting fake accounts than protecting users' data, and are willing to sacrifice the latter for the former.
-
-Of course, this security measure is only theatrical. Criminals will easily go around identity verification systems, while the inevitable data breaches will endanger and harm all trustworthy users at once.
-
-#### Identity verification endangers the most vulnerable
-
-Each time a dating application asks for a video selfie or an official piece of ID to prove identity or age, this data risks getting leaked and stolen later.
-
-Moreover, requiring official IDs and face scans severely harm the most vulnerable users who need [protective practices to stay safe online](stay-safe-but-stay-connected.md/#practices-and-tools-that-help-in-various-contexts), for example by using a pseudonym. This is true for victims of domestic violence, victims of online stalking, as well as for the LGBTQ+ community.
-
-Exposed legal identities, particularly in conjunction with dating data, can lead to identity theft, online harassment, doxxing, non-consensual outing, extortion, loss of employment, arrest, and even sexual and physical violence.
-
-Pseudonymity can save lives online. Fighting pseudonymity isn't fighting crime, it's [fighting against the safety](https://journals.sagepub.com/doi/full/10.1177/17416590221111827) of the most vulnerable in our society.
-
-#### Biometric data and dystopian third party
-
-Continuing this horrifying trend, Match Group has announced this spring they are partnering with the [dystopian World App](sam-altman-wants-your-eyeball.md) to start testing age verification for Tinder in Japan. The World App generates unique identifiers based on biometric iris scan.
-
-If having to scan your official ID to continue using Tinder is *bad*, having to scan your eyeball from a questionable third party app is even *worse*.
-
-This practice will start for Tinder in Japan, but it's likely the verification process could be expanded to all users of Match Group apps in the near future.  Soon, the only way to avoid having to share biometric data with the World App to continue using your favorite dating app could be to leave the app entirely.
-
-#### Payment information
-
-Finally, payment information can also create a link between your dating account and your legal identity.
-
-If you provide a credit card under your legal name to use a dating app, then this profile is inevitably linked to your legal identity.
-
-It's possible that some application *might* use third-party software to manage payments, and that this data *might* not leak associated with your dating profile. However, this depends on which payment services the dating app works with, and what the company's security practices are.
-
-### They sell users' data to data brokers
-
-Sadly, not only most dating apps collect *way too much data* they don't secure properly, but they also willingly share this data with data brokers.
-
-If you are not familiar with the [data broker industry](https://www.eff.org/deeplinks/2021/07/data-brokers-are-problem), data brokers are usually private for-profit companies that specialize in collecting personal information on everyone, using and scraping public records, social media accounts, various websites, other online sources, and any applications willing to work with them.
-
-They then make this information [available to anyone](https://gizmodo.com/alleged-minnesota-shooter-used-data-brokers-to-find-lawmakers-addresses-2000616975) for sale. They do not care about your consent nor your safety, at all.
-
-**Data brokers are the archenemy of privacy rights.**
-
-And yes, dating apps share your dating data with them. California's Privacy Protection Agency even uses dating apps in its [example](https://cppa.ca.gov/data_broker_registry/) for the Data Broker Registry it keeps:
-
-> For example, if a person signs up for a dating app, a data broker may buy all recent sign ups of that dating app from the app developer and sell the information to a gym that is looking to target potential new customers.
-
-The chosen example of a data broker selling dating app data to a gym is quite mild. As explained in the next section, [what actually happens](#hateful-groups-tracking-users) with this data if often much more grim.
-
-One type of data often [bought by data brokers](https://www.eff.org/issues/location-data-brokers) is location data. Location data can easily be used to precisely identify a user, a user's home address, a user's work address, a user's favorite venues, and a user's connections with others. **Many dating apps share location data.**
-
-In 2022, The Markup [published](https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker) the results of an investigation from a 2018-2019 sample dataset they obtained from the data broker X-Mode. The dataset compiled location data collected from 107 different apps, including the dating app Bro "for bi, gay, and open-minded men".
-
-While conducting research on apps from the Google app store in 2020, the Yale Privacy Lab uncovered several other queer dating apps selling data to X-Mode. At that time, the dating apps Wapo, Wapa, MEET MARKET, and FEM were all sharing users' location data with the same data broker.
-
-Replying to journalists, Bro App's founder confirmed that the company no longer shares users' location with X-Mode.
-
-But what other data and which other data brokers dating apps might be working with? How many other dating apps similarly share location data?
-
-Seven years after this dataset was examined, and in a world where data is being collected from users exponentially more, how many dating apps have simply normalized this practice entirely?
-
-This isn't a new problem, and this [isn't just about location data](https://www.vice.com/en/article/shady-data-brokers-are-selling-online-dating-profiles-by-the-millions/). But this problem is getting increasingly worse, and users must be properly informed on how their intimate data is used and shared.
-
-With the advancements in computer performance over the years, collecting and storing data is cheaper than ever. Corporations and governments alike are eager to access this data for advertising and surveillance purposes. The same is true for special interest and criminal groups of all kinds.
-
-**The data broker industry is thriving on exploiting our data without consent**, even in our most intimate activities.
-
-### They monetize data for advertising
-
-Data brokers and ad-tech companies are working together in similar ways to extract values from every data point they can find about you online. They feed each other in some sort of twisted exploitative synergy.
-
-Dating apps are working with them as well.
-
-In 2021, [Grindr was fined](https://www.bbc.com/news/technology-59651703) €6.5m by the Norwegian Data Protection Authority for sharing users' data without prior explicit consent. The data shared with advertisers included age, gender, advertising ID, IP address, GPS location, and the fact that someone used Grindr. This makes the data even more sensitive, potentially revealing a user's sexual orientation (which is a special category under the [GDPR Article 9](https://gdpr-info.eu/art-9-gdpr/)).
-
-Last year, Grindr was sued for allegations of [sharing users' HIV status](https://www.bbc.com/news/articles/cj7mxnvz42no) with advertisers, in violation of UK's data privacy laws. Two years before, Grindr was [reprimanded](https://ico.org.uk/media2/migrated/4023128/grindr-reprimand.pdf) by the UK's Information Commissioner's Office (ICO) for its data protection (mal)practices.
-
-In 2020, the CPO Magazine [reported](https://www.cpomagazine.com/data-privacy/many-of-the-major-dating-apps-are-leaking-personal-data-to-advertisers/) about tests conducted by the Norwegian Consumer Council that found some of the most popular dating apps sharing sensitive personal information with advertisers. Tinder, Grindr (again), and OkCupid were all found to share age, gender, device information, IP address, and GPS location with advertising and analytics platforms owned by Google, Facebook, Twitter (X), Amazon, and more.
-
-Worse, it was also found that some of these apps sometime shared users' data related to their sexual orientation and dating interests. OkCupid even shared users data related to drug use and political views.
-
-The same year, Tinder announced a partnership with the app Noonlight to implement a "panic button" feature to connect users with help in case of emergency. This seems great at first, but the problem is, it is yet another app that hasn't done its privacy homework properly to protect users. Gizmodo [found](https://gizmodo.com/tinders-new-panic-button-is-sharing-your-data-with-ad-t-1841184919) the partnering app was sharing users' data with major ad-tech businesses *every minute*, including with Facebook and Google.
-
-Even your safety is being monetized and shared with Facebook.
-
-### They don't safeguard data properly
-
-In addition to collecting and monetizing a *large* amount of very sensitive data on every user, many dating apps have the unfortunate tendency to not take securing this data seriously enough.
-
-Data breaches and leaks of all sorts are rampant with dating apps. Assume all data you upload there might become public, sooner than later. If you are not out publicly, be aware **a dating app data breach could out you against your will**.
-
-Here are a few examples of past incidents:
-
-- 2025: [Grindr, Tinder data breach](https://techcrunch.com/2025/01/13/gravy-analytics-data-broker-breach-trove-of-location-data-threatens-privacy-millions/?guccounter=1)
-
-- 2025: [Translove, Pink, Brish data leak](https://cybernews.com/security/ios-dating-apps-leak-private-photos/)
-
-- 2025: [Gay Daddy data leak](https://cybernews.com/security/gay-daddy-ios-app-exposes-users/)
-
-- 2025: [Raw data leak](https://techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/)
-
-- 2025: [Headero data leak](https://beyondmachines.net/event_details/headero-dating-app-leaks-data-exposing-4-million-user-records-5-n-4-z-a/gD2P6Ple2L)
-
-- 2023: [Coffee Meets Bagel data breach](https://www.bleepingcomputer.com/news/security/coffee-meets-bagel-says-recent-outage-caused-by-destructive-cyberattack/)
-
-- 2023: [419 Dating, Meet You, Speed Dating App For American data leak](https://ciso.economictimes.indiatimes.com/news/data-breaches/dating-app-that-claims-50-million-users-suffer-data-breach/101910331)
-
-- 2021: [MeetMindful data breach](https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/)
-
-- 2019: [Coffee Meets Bagel data breach](https://www.independent.co.uk/tech/coffee-meets-bagel-dating-app-hack-a8781176.html)
-
-- 2019: [Heyyo data leak](https://www.zdnet.com/article/heyyo-dating-app-leaked-users-personal-data-photos-location-data-more/)
-
-- 2019: [MobiFriends data breach](https://www.infosecurity-magazine.com/news/data-breach-exposes-four-million/)
-
-These are only a few examples, and from all the examples of data exposure out there, it's important to remember these are likely only *a fraction* of the data breaches truly happening. The small fraction that actually gets detected and reported.
-
-While nothing is ever 100% secure, **application developers must do much more** to protect users data adequately.
-
-The constant news about data breaches and leaks is demonstrating how better security and better privacy is urgently needed, especially for such sensitive information.
-
-### They can make deleting data difficult
-
-One excellent practice every dating app should adopt is data minimization. Applications should only require users to *provide the absolute minimum* information necessary to run the service.
-
-Then, as soon as this data is no longer required, data should be *thoroughly and permanently deleted*. For example, data should be *thoroughly deleted* when a user deletes it on their end, officially requests to have their data or their account deleted, or when an account becomes inactive after a certain period of time.
-
-This practices greatly reduces the risk of data breaches and leaks, and releases the company from this legal responsibility. **You cannot endanger the data you do not have.**
-
-Every organization and software developer *should* follow the [wise advice](https://www.schneier.com/blog/archives/2016/03/data_is_a_toxic.html) from renown cryptographer Bruce Schneier, and treat data like it's a toxic asset.
-
-#### Data retention practices
-
-It's difficult to know for sure for how long certain dating apps retain data behind the scene. Many lack transparency about their data retention practices.
-
-Data retention periods should always be the shortest possible to provide the service. Sadly, many businesses might be tempted to retain it for much longer, especially in the age of AI-training datasets.
-
-#### Data deletion practices
-
-Additionally, not all dating apps have adopted proper data deletion practices.
-
-The ideal practice is to empower users to be able to delete the data they wish to delete from within their account (e.g. being able to delete one message or one conversation). But also, companies should provide an option to request a *complete* and *permanent* account and data deletion from within the account, *without requiring additional information* from a user, and without requiring to email the company.
-
-Many applications have implemented data deletion processes similar to the model described above to manage user's requests, but not all of them (yet).
-
-Of course, organizations *must* also follow through, and *properly* delete this data in the *backend* as well as in the frontend.
-
-This has important legal implications, because even for organizations lacking transparency and honesty, users could soon find out the truth in the next data breach. If the data was not fully deleted after a deletion request was made, this could have *severe* legal and financial consequences.
-
-#### Investigating an app's data deletion process *before* creating an account
-
-Unfortunately, some dating apps seem to have neglected this important process in their relationship with users.
-
-Some applications and services are requiring *more* data to submit a data deletion request than what was even required to create the account in the first place. **This is bad.**
-
-Despite being rated the best (or perhaps the "least bad") on [Mozilla's Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/), the queer dating app Lex seems to require users to fill a *Google Form* that mandates providing first and last name, date of birth, email, phone number, and even a *home address*. One of the form seems to imply an official piece of ID might also be required. This is *extremely* intrusive.
-
-Moreover, this practice would be directly sharing this personal information *with Google,* outing that this person (with this legal name, and at this home address) is queer and uses or used Lex.
-
-Google Forms aren't a private way to share sensitive data. This isn't a great data privacy practice, to say the least.
-
-It's also [unclear](https://help.lex.lgbt/article/69-how-can-i-delete-my-data) if Lex respond to data deletion requests from users located outside the protection of the GDPR (Europe) or the CCPA (California US) at all. Despite a number of regions worldwide benefiting from privacy laws granting rights similar to the [GDPR's Article 17](https://gdpr-info.eu/art-17-gdpr/).
-
-Even if you have been careful to provide only minimal information when creating your account, it seems a simple data deletion request once you are done using the app would require you to share all this *extremely sensitive and identifying information* with Lex (and Google!).
-
-At the time of this article's publication, Lex's current [privacy policy](https://help.lex.lgbt/article/51-privacy-policy) links to these two forms required from users to fill for [GDPR's Right to Erasure requests](https://docs.google.com/forms/d/e/1FAIpQLSdhK2fkBounO1PeN75s7OU0Ey1tmMpGEQYd9lD8EQWAH8DPKA/viewform) and [CCPA's Right to Delete requests](https://docs.google.com/forms/d/e/1FAIpQLScz7bDrVbjvB4uSiWjJky0JeePyv4Q-g3Cejz6pCCHiXlUEVw/viewform).
-
-It goes without saying that you shouldn't email a copy of your passport to anyone, and you should never have to provide *more* information than the app already has on you to get your data deleted. This is especially true if all the data mentioned above gets shared with a third-party advertising company like Google, through the use of Google Forms.
-
-Privacy Guides has reached out to Lex for clarification on its data deletion practices, but has not received any response at the time of this publication.
-
-Before creating an account with a dating app (or any other app for that matter), it's important to find information on what will be the process to delete your data and account once you are done with the app.
-
-That way, you can choose to only use applications that will thoroughly respect your privacy rights, and your rights to delete your own data.
-
-## Queer dating apps can be targeted
-
-At this time, almost all popular dating apps are *horrible* for data privacy. But queer dating apps (or queer people using any dating app) are especially vulnerable targets for malicious actors.
-
-Unfortunately, hateful groups, criminals, and even governments have been weaponizing dating apps to harass, exploit, arrest, or even attack queer people.
-
-Dating app companies are partly responsible for facilitating this harm by selling users' data to data brokers and advertisers, and by repeatedly missing opportunities for improvements to secure their users' data.
-
-Additionally, each time there is a new dating app data leak, whether from negligence, incompetence, greed, or malice, this leak risks [outing people against their will](importance-of-privacy-for-the-queer-community.md/#being-outed-against-ones-will). This alone can have devastating consequences, from feeling violated to getting arrested, or even killed.
-
-In Morocco, where being gay is still illegal, a social media influencer [asked](https://www.levantx.com/series-source/violence-in-lockdown-sofia-talouni-and-gay-male-outings-in-morocco-under-covid) people in 2020 to join dating apps to out gay men around them. This resulted in a violent online harassment campaign with many gay men being outed against their will, chased from their homes, shunned by their family, and horrifyingly even led to some suicides.
-
-Regrettably, even in countries where being queer is legal and generally accepted, [targeted harassment](privacy-means-safety.md/#trans-and-queer-activists) and attacks can happen.
-
-For people who aren't out publicly, data revealed about their dating life could potentially out them immediately. But even for people who are out publicly, making details about their dating life public could trigger online hate, targeted harassment, and endanger them in many ways.
-
-Queer dating apps have an even greater responsibility to protect their users' data.
-
-Data related to one's sexual orientation is categorized as especially sensitive information by many privacy laws, generally requiring additional protections. For example, GDPR's [Article 9](https://gdpr-info.eu/art-9-gdpr/) specifies special conditions for handling data related to a "person's sex life or sexual orientation".
-
-Companies and software developers must take this responsibility much more seriously.
-
-### Hateful groups tracking users
-
-In 2023, the Washington Post [revealed](https://www.pcmag.com/news/a-catholic-group-spent-millions-on-dating-app-data-to-out-gay-priests) that an American Catholic group based in Colorado had bought data brokers datasets from queer dating apps.
-
-The religious group spent millions of dollars to access data from Grindr, Scruff, Growlr, Jack'd, and OkCupid in an attempt to out gay and bisexual priests. The group used these datasets to cross-reference locations with church residences. This level of hate and insidious spying seems quite ungodly.
-
-Tragically, dating apps selling users' data to brokers and advertisers makes this type of targeting by hateful groups easily accessible to anyone willing to pay.
-
-### Governments and authorities prosecuting users
-
-In countries where homosexuality and transgender people are criminalized, even governments are guilty of these cruel practices.
-
-In 2017, Human Rights Watch [reported](https://www.hrw.org/news/2017/05/01/south-koreas-military-sodomy-law-should-go) allegations of the South Korean army cracking down on gay service members using published screenshots from dating app chats. Although homosexuality isn't illegal for civilians in South Korea, same-sex intercourse is illegal in the military. This oppressive rule is aggravated by the fact that South Korean men are [obligated to enroll](https://en.wikipedia.org/wiki/LGBTQ_rights_in_South_Korea) for a mandatory period of service under the conscript system.
-
-In 2018, organization Article 19 [completed](https://www.article19.org/resources/apps-arrests-abuse-egypt-lebanon-iran/) an investigation on the risk of dating apps usage by the LGBTQ+ community in Egypt, Lebanon, and Iran. The report demonstrates how authorities in Egypt used the geolocation feature of dating apps to entrap and arrest gay and transgender users.
-
-In 2022, Article 19 supported another report [focusing](https://www.article19.org/wp-content/uploads/2022/03/Digital-Crime-Scenes-Report-3.pdf) on the persecution of queer people in Egypt, Lebanon, and Tunisia. The report explains how authorities in these regions used dating apps to set up trap meetings with users, and to collect digital "evidences" to charge queer users.
-
-In 2025, Human Rights Watch [published](https://www.hrw.org/news/2025/05/26/uganda-anti-lgbt-law-unleashed-abuse-0) a report documenting the actions of authorities in Uganda following the 2023 enactment of the Anti-Homosexuality Act. In addition to spreading misinformation and hatred against LGBTQ+ people, leading to harassment and attacks, authorities have started to use dating apps to extort, entrap, and arrest queer people.
-
-Sadly, if LGBTQ+ rights continue to regress like we have observed in the past months, this sort of government-sanctioned persecution might even become normalized in the UK and the US as well.
-
-### Criminals blackmailing and attacking users
-
-Along with hateful groups and authoritarian regimes, criminals are also targeting the queer community on dating apps. This type of crime is exponentially worse for users located in regions where being queer is criminalized, but it is still a danger for anyone worldwide.
-
-Criminals have been [targeting](https://www.bleepingcomputer.com/news/security/lgbtq-plus-community-warned-of-extortionists-abusing-dating-apps/) users on queer dating apps for extortion scams. According to a report from the US Federal Trade Commission, criminals pose as potential dates sending explicit photos, then request users to reciprocate. If they get a reply, they blackmail the victim under threat of revealing this information. This type of extortion can have devastating consequences.
-
-Dating apps are worsening this problem when requesting users to provide legal identification such as facial scans, official IDs, or home addresses. If this information leaks in the future, criminals will have an even easier time to extort and attack their victims, regardless of if they're still on the app or not.
-
-## Reducing the risks when using dating apps
-
-Despite how bad dating apps are for your privacy (and maybe also your safety), your social, sexual, and romantic needs are important to consider as well.
-
-The best alternative for your data privacy is probably to favor in-person meetups and venues, whenever possible.
-
-However, if this isn't accessible to you, and you decide using a dating app is worth the risks, here are a few things to keep in mind that can help to improve your privacy and to reduce the dangers when using a dating app.
-
-### Investigating before creating an account
-
-Before creating an account on a dating app (or any other apps), it's a good idea to take a look at its privacy policy (or privacy notice) and terms of service.
-
-#### Researching privacy policy and terms of service
-
-Most people *hate* doing this, but it can really help to discern which apps are better than others.
-
-You don't have to read it all, but make sure to at least check the sections on what data they collect, with whom they share it, and how they use it.
-
-Important pro-tip: Using your browser, search the page for an "@" sign to verify if the privacy policy includes a contact email address. It *should* have one. Sometimes, it will be a link to a contact page instead. If you cannot find any way to contact anyone at this organization by email, be suspicious.
-
-If you decide to use this dating app, keep a local copy of its privacy policy and terms of service using the "Save to PDF" function from your browser. This *can* help legally by keeping a proof in time of what were the terms when you signed up (of course, they might change later, but that's a start).
-
-#### Investigating usage of AI systems
-
-Look in the privacy policy and terms of service for any mention of AI systems. Sometimes, it's not named directly and might be called something else like "automated system" or other expressions.
-
-Be especially vigilant to check if the company **might use your content data to train these systems**. Make sure you have a way to at least opt out, or deactivate of any such training. AI systems training on your data is *atrocious* for your privacy.
-
-#### Confirming data deletion processes and retention periods
-
-Again usually through the app's policies, look at what the process will be when you'll want to get your data and account with this app fully deleted.
-
-This is important because deleting your data once you are done using the app will greatly improve your data privacy and security, by protecting it from potential data breaches and undisclosed usage in the future (if the deletion is done thoroughly).
-
-Additionally, deleting your data and account once you no longer need it minimizes the risk of an abandoned-account takeover by a criminal.
-
-When you abandon an account without closing it and deleting its data properly, criminals might break in and start using your account and data without your knowledge. The longer the account sits there, the greater the risk.
-
-Make sure the app describes a clear process you can manage yourself *from within* the account to fully delete your data and account, and that **it doesn't require more information** to delete your account than you had to provide to create it in the first place.
-
-#### Evaluating reputation from history of data breaches
-
-Finally, conduct a short research on the history of security practices for this dating app.
-
-Look for trustworthy third-party reviews and information about the app. Always assume information and promises from the company itself are biased.
-
-Check the news for reports of data breaches and leaks. Checks what security researchers and privacy professionals have to say about this app. Make sure to find trustworthy sources, and remain vigilant about AI-generated articles and review articles that are advertising in disguise.
-
-### Choosing a dating app
-
-As stated at length in this article, there aren't any *good* dating apps for your privacy, sadly. There are only "slightly less horrible" dating apps.
-
-For more details on each, you can take a look at Mozilla's [Privacy Not Included chart](https://www.mozillafoundation.org/en/privacynotincluded/categories/dating-apps/) for dating apps. Check the details for each app you are interested in, not just the rating. However, keep in mind that even Lex, the first app listed there, doesn't seem to have great practices in regard to [data deletion](#investigating-an-apps-data-deletion-process-before-creating-an-account), and you might be unable to delete your account data fully if you decide to use this app. This might also be the case for some other apps listed there.
-
-Alternatively, there are a few free dating apps that might offer a different approach with open source code. Applications that are open-source have the benefit of full transparency to examine its code, and potentially detecting any undisclosed data collection.
-
-That being said, open-source applications aren't magically secure, and don't necessarily grant better privacy either. But code transparency helps to audit the application, and to detect any false claim related to privacy and security. The German dating app Alovoa is an example of this. You can take a look at its [code](https://github.com/Alovoa/Alovoa/) on GitHub.
-
-However, the downside of any dating app that isn't massively popular is it will have fewer users, possibly making finding matches more difficult.
-
-Nevertheless, using a niche dating app that fits better your values *could* potentially increase the chances of finding a match that also fit better your values.
-
-Specifically to data privacy however, privacy-conscious people looking for a date online might have to wait for a truly privacy-respectful app to be developed, and to get more popular in the future.
-
-### Minimizing the data shared
-
-When using any dating app, you should always be careful with the information you share, not just for data privacy, but also for your physical safety.
-
-Using a dating app still means talking with a lot of strangers online, and these strangers might have different intentions and goals than yours.
-
-Of course, to find genuine matches, you also do need to share at least some information about yourself, and you shouldn't lie to potential partners.
-
-The idea isn't to use fake information, the idea is simply to *minimize* the information you share, to increase your data privacy with the app, and your safety when interacting with strangers.
-
-Once you have developed a certain level of trust with a dating app match, then you can [move to safer channels](stay-safe-but-stay-connected.md/#private-messaging-one-on-one-and-group-chats) to share more with them (if you wish) in a more secure and more private environment. You could share your Signal username with them to chat in an end-to-end encrypted environment, for example.
-
-<div class="admonition warning" markdown>
-<p class="admonition-title">Warning: Only share when you fully trust!</p>
-
-Remember that there will be no content moderation in this end-to-end encrypted environment, because it is *truly private*. You should **never share any intimate details with someone you do not trust fully**, even on Signal (or any other end-to-end encrypted apps).
-
-</div>
-
-#### Sign up credentials
-
-When signing up for a dating app, **never use a social media account**. Many applications now gives the option to sign up or sign in using your Google, Facebook, or Instagram account.
-
-While this might seem convenient at first, it allows the applications to exchange data, and this is *incredibly bad for your privacy*.
-
-Instead, always sign up for a dating service using new credential information that you have not used anywhere else before (new username, new email, new password). This will reduce the risk of your other accounts being linked with your dating app data, and vice versa.
-
-#### Email address
-
-To use a unique email address, you might want to create a proxy address known as an alias.
-
-Email aliasing is a great technique to improve your privacy online. It allows you to register for services using a unique email address for each. You can also use these unique email addresses to give to your dating prospects to communicate with them. For email aliasing, SimpleLogin is a great service that we [recommend](https://www.privacyguides.org/en/email-aliasing/).
-
-#### Phone number
-
-Using a unique phone number is much more complicated, unfortunately.
-
-From some countries, you might be able to find a trustworthy phone number proxy service, but those aren't always accepted to sign up for new accounts.
-
-Generally, it's much harder to use proxy for a phone number, and account requiring phone numbers to sign up aren't the best for privacy.
-
-A phone number is an identifier that most people rarely change, and that is strongly attached to your legal identity. If this data leaks in the future, your dating data could be linked to your legal identity, and to your other accounts in all sorts of ways.
-
-Additionally, using a phone number or a verification code sent to your phone through SMS to log in makes your account vulnerable to [SIM swap attacks](https://en.wikipedia.org/wiki/SIM_swap_scam). Avoid apps that are requiring a phone number to sign up if you can.
-
-If you absolutely cannot avoid it, then consider getting a secondary phone number on a spare phone that you only use for dating.
-
-#### IP address
-
-Your IP address is an identifier attached to the internet service you use, and can reveal your location (more or less accurately). Additionally, an IP address can potentially reveal your legal identity, and be linked to your other internet activities.
-
-Any online services and websites you use and visit will know your IP address, including dating apps.
-
-To protect from this, you would need to use a [trustworthy Virtual Private Network (VPN)](https://www.privacyguides.org/en/vpn/) provider. However, know that using a VPN is only a transfer of trust, from your Internet Service Provider (ISP) to your VPN provider.
-
-If using a queer dating app could be dangerous in your country, keep in mind that your VPN provider would know you have visited one. You would need additional protections to go around this, such as using a service like [Tor](https://www.privacyguides.org/en/advanced/tor-overview/) (which might not be possible with some services).
-
-Moreover, some dating services might not allow connection from a VPN server at all, or could trigger additional security checks and requirements to log in.
-
-#### Mobile app permissions
-
-After installing a dating app on a mobile device, make sure to go through your phone's settings to disable all the permissions you can.
-
-Keep it at the absolute *minimum* required for you to use the app. **Don't give permissions for the app to access your contacts or photos.**
-
-If enabled by default, disable accesses. Also disable accesses to your location, if you do not use this feature with the app. Ideally, enter your broad location instead (e.g. city only), and never allow precise geolocation from your phone.
-
-#### Privacy settings and opting out
-
-Before adding any information to your dating profile, go through the app's settings to select the strongest options available to protect your privacy.
-
-Sometimes, apps make it hard to find where to opt out data sharing and AI training, but *be persistent* and look everywhere you can. This is worth the effort!
-
-#### Account security
-
-Securing your account is also important to protect your privacy. If you do not use a [strong and unique password](https://www.privacyguides.org/en/basics/passwords-overview/), a criminal could easily snoop in or even takeover your account.
-
-In addition to choosing a long, complex, and unique password, make sure to enable multifactor authentication. Ideally, use an [authenticator app](https://www.privacyguides.org/en/multi-factor-authentication/) or [security key](https://www.privacyguides.org/en/security-keys/) for this.
-
-If the only option you have is to enable multifactor authentication with a phone number, *and you have already signed up for the app using a phone number*, then this is better than nothing. If you have *not* signed up with the app using a phone number, then it might be better to not use this at all. It's preferable to not give your phone number to the app, if you can avoid it.
-
-#### Name, nickname, and full name
-
-Be careful with the name you choose to publish. Avoid sharing your last name with anyone until you have met them, trust them, and are discussing on safer channels with them.
-
-Perhaps only use a nickname on the app, your fist name only, or a shortened version of your name if you can. **Do not lie, but avoid providing your complete legal identity from the app.**
-
-#### Photos and videos
-
-For photos, try to keep an awareness of whom will be able to see them. Some apps make your main profile picture visible to the entire internet!
-
-If this is true for the app you use, perhaps choose a photo hiding your features a little as your main photo. Then, add more detailed photos inside your profile, if photos have more restricted visibility there.
-
-No matter which photos you upload in a dating app, **do not ever use the same photos you have used on social media!**
-
-This could allow *anyone* to cross-reference your dating profile with your social media accounts using this photo (or other accounts and websites where you used the same photo). Depending on your situation, this can be incredibly dangerous.
-
-Ideally, only upload photos on the dating app that are new, or that you have only used with dating services.
-
-Additionally, be extremely careful about which *other* information is visible in the photos you share.
-
-Remain mindful of anything that could identify your home or work location, such as street signs, bus stops, street addresses, city landscapes, etc. Pay special attention to reflections in glasses, windows, mirrors, and other reflective surfaces.
-
-#### Photo metadata
-
-Furthermore, make sure to **[remove the metadata](https://www.privacyguides.org/en/data-redaction/)** from the photos and videos you want to upload, *before* you uploaded them in the dating app.
-
-Photo metadata can reveal a lot about you. This includes device models as well as the precise date, time, and geolocation where a photo was taken, or a video was filmed. Any metadata attached to images and videos uploaded to the app, is likely to be collected by the app.
-
-#### Intimate photos
-
-Finally, if you trust a match enough to start sharing more intimate pictures, consider the dating app might not be the safest space for this.
-
-Dating apps do not use end-to-end encryption, and *all* the data you upload there can be accessed by the company, and could be stolen in a data breach. Some dating apps were already [called out](https://www.techradar.com/pro/security/major-dating-app-data-breach-may-have-exposed-1-5-million-private-user-images-online) for this earlier this year.
-
-Moreover, keep in mind that criminals are regularly hunting for victims on dating apps, requesting intimate pictures for [nefarious purposes](https://www.bbc.co.uk/news/articles/cyvjy0871dqo). Students and younger people are a growing target for extortion, [sextortion](https://www.tandfonline.com/doi/full/10.1080/01639625.2024.2317904), and even [sex trafficking](https://www.investigatewest.org/investigatewest-reports/a-washington-teen-was-trafficked-by-a-man-she-met-on-tinder-she-says-two-years-later-shes-still-waiting-for-justice-17706687) on dating apps.
-
-*Always* keep in mind this risk when sharing intimate photos and videos with someone, *even on end-to-end encrypted platforms*.
-
-#### Private conversations
-
-When chatting in private with matches, remember that this conversation might not be as private as it feels.
-
-As explained above, the company can technically still **read and collect all of your private conversations**, and this data could also leak in a data breach.
-
-Additionally, nothing prevents anyone you are talking with from taking screenshots and publishing this information online. Unfortunately, this despicable practice isn't that uncommon.
-
-Make sure you trust the person you are chatting with enough before sharing any details that strongly identifies you, your location, or your work location. Consider moving to safer encrypted channels when the conversation becomes more personal.
-
-<div class="admonition info" markdown>
-<p class="admonition-title">A note on anonymity</p>
-
-Keep in mind that all these measures will *not* make you completely anonymous on a dating app.
-
-It will only *reduce* the data you expose to the company and its advertisers, to potential data breaches and leaks, as well as to criminal and governmental non-consensual accesses.
-
-Achieving total anonymity online is very difficult. But following these privacy-enhancing practices will effectively help to reduce the risks, and keep you safer online.
-
-</div>
-
-## Let's hope for better dating apps in the future
-
-It's disheartening to discuss a topic such as dating apps when the reality is there **aren't any good alternatives** to propose.
-
-Dating *offline* is the best data privacy-preserving solution so far, but dating apps, moreover queer dating apps, exist for a reason: It's hard to find occasions to meet people to date in-person these days.
-
-Many opportunities for this have slowly disappeared from our society in the past years. Online dating does provide a solution to meet people looking to date as well.
-
-The even sadder truth is, technically, we *could* have great privacy-respectful dating apps.
-
-However, the for-profit business model of most applications (not just dating apps) has incentive everyone to share and monetize users' data in horribly intrusive and abusive ways. This isn't a problem limited to dating apps.
-
-Nonetheless, dating apps should be built with much greater protections for users' privacy. The unavoidable sensitive data they collect warrants exemplary security and privacy measures.
-
-Let's hope that one day we will see a trustworthy dating-app developer come with a *truly* privacy-respectful dating app. One that uses serious security measures, data minimization practices, proper data deletion processes, code transparency, honest and complete policies, fully end-to-end encrypted private chat, and that doesn't sell nor share users' data with anyone.
-
-Until then, stay safe out there. And keep in mind your privacy and safety when using queer dating apps.
-
-## Additional resources
-
-### Helplines
-
-If you are feeling isolated, depressed, or suicidal, do not hesitate to reach out for help. These helplines are here to listen:
-
-- [Mindline Trans+ (UK)](https://www.mindinsomerset.org.uk/our-services/adult-one-to-one-support/mindline-trans/): Confidential support helpline for people who identify as trans, agender, gender-fluid or non-binary.
-
-- [Trans Lifeline Hotline (US and Canada)](https://translifeline.org/hotline/): Trans peer support (Phone number US: 877-565-8860 / Canada: 877-330-6366)
-
-- [Suicide & Crisis Helpline (US and Canada)](https://988lifeline.org/): General support 24/7 (Phone number: 988)
-
-- [Suicide & Crisis Helpline (International)](https://en.wikipedia.org/wiki/List_of_suicide_crisis_lines): List of suicide crisis lines around the world.
-
-### International advocacy
-
-- [Amnesty International](https://www.amnesty.org/en/what-we-do/discrimination/lgbti-rights/): Human rights organization running campaigns to protect and uphold the rights of LGBTI people globally.
-
-- [Human Rights Watch](https://www.hrw.org/topic/lgbt-rights): Human rights non-profit who documents and exposes abuses based on sexual orientation and gender identity worldwide, and advocate for better protective laws and policies.

blog/posts/you-can-say-no.md

@@ -1,149 +0,0 @@
----
-date:
-    created: 2025-06-17T18:00:00Z
-categories:
-    - Opinion
-authors:
-    - em
-description: |
-    Sometimes, it can feel like our data is collected completely outside of our control or consent. But we still have a powerful weapon to fight back: The power to say no.
-schema_type: Opinion
-preview:
-  cover: blog/assets/images/you-can-say-no/no-cover.webp
----
-
-# You Can Say NO
-
-![Black and white cutout photos of two hands over a blue background. One hand does an offering gesture and the other one a refusing gesture. The word "No!" is printed in the middle.](../assets/images/you-can-say-no/no-cover.webp)
-
-<small aria-hidden="true">Photo: Gabby K / Pexels</small>
-
-In the age of facial recognition and age verification, it might feel like our data is being harvested left and right, completely outside our control or consent. Yet, we still have a powerful weapon to fight back against surveillance: The power to say no.<!-- more -->
-
-The power to say no is one we severely underutilize. Of course, there are circumstances where it can be difficult (impossible even!) to refuse. Saying no can come at a cost, but this isn't true everywhere, and (more importantly) that cost might be worth paying.
-
-There are many occasions where we could indeed refuse to comply with privacy-invasive requests, but miss the opportunity.
-
-However, it is vital as a community and as individuals that we exercise this right every time we possibly can, if we want to stand a fighting chance against the normalization of mass surveillance.
-
-## Why people surrender
-
-Many people agree to privacy-invasive requests despite feeling uncomfortable about it. They might not necessarily agree as much as *not refuse*, but the result is the same. There are many factors responsible for this:
-
-### Time pressure
-
-Sometimes, when a new request is rushed, people do not have sufficient time to evaluate the consequences of saying yes or no.
-
-It's hard to make an informed decision when we get suddenly asked by a polite cashier "can I have your postal code?", or some airport worker instructing us to "just stand in line here to have your photo taken". We might get caught off guard and simply not process what is really happening.
-
-When we do not have enough time or energy to properly evaluate the consequences of data collection, our default response should always be no. It's much easier to add data later on if needed, than to delete it.
-
-### Default pressure
-
-Other times, we might not even know we have a right to object.
-
-There are so many instances in privacy where data collection is presented to us as just the normal way to proceed, without informing us properly about our other options. Of course, this is often by design, because people might never accept such intrusive practices otherwise.
-
-For privacy consent, like for any other types of consent, it's important to remember that lack of an explicit and informed yes should equal to a no.
-
-When we do not have sufficient information about why this data is collected and how it will be processed, our default response should always be to ask if there is an option to opt out or refuse.
-
-### Peer pressure
-
-Then, there's the peer pressure when everyone else is doing it.
-
-Everyone else is on this platform, it must be okay. Everyone else has agreed to being recorded during this meeting, it must be okay. Everyone else is sharing a photo of their face, it must be okay. Everyone else is scanning their irises, it must be okay.
-
-Do not get duped by popularity. Sometimes, the most popular things people are doing are the worst things to do. Even if it can be really hard to resist peer pressure and to swim against the tide, it's important to make informed decisions free from the influence of trends.
-
-When we know a service, platform, or product doesn't respect our privacy rights, we should feel proud to take a stand and refuse to use it ourselves, even if everyone else uses it (for now).
-
-Whether it's because we have been pressured in time, pressured by peers, or simply because we did not know we could say no, it is crucial we take the time to reflect on this preventively, in order to be prepared to say no the next time we have a chance to.
-
-## There are consequences for saying no, but worse ones for saying yes
-
-Unquestionably, saying no isn't free from consequences.
-
-When refusing to provide an official ID to recover an account, we might lose that account. When refusing to provide biometric data to register, we might lose the opportunity to use this service. When refusing to participate in a privacy-invasive social media, we might lose friends who don't want to contact us using privacy-respectful platforms instead.
-
-But what are the consequences for saying yes?
-
-If we say yes all the time, even when we clearly have an option to object, to report, or to refuse to participate, we will soon lose our right to say no.
-
-If everyone acquiesces to privacy-invasive requests and practices, companies and governments might soon think there is no point in keeping an opt-out option available at all, since most people are subserviently complying without making a fuss.
-
-At the individual level, of course this means our data will be collected, processed, compiled, shared, and monetized in ways we know little about. Each time we say yes, it's a new data point in our tracking history to observe, judge, categorize, and manipulate us.
-
-At the collective level, it's nothing less than the loss of our human rights and democracies.
-
-Collectively, we have the power to tilt the balance in favor of privacy rights when we stand firm for it by refusing to consent to intrusive requests every time we can.
-
-By refusing, we clearly express our rejection of this invasion and demand our right to privacy be respected. This sends a clear message to corporations and governments alike that the population does care about privacy rights.
-
-If we value the right to privacy, it's our collective duty to protect it.
-
-## How to say no?
-
-How can we individually and collectively work to push for privacy rights by saying no everywhere we can?
-
-Here are a few examples of practices you can adopt in your daily life that collectively will help to fight for privacy:
-
-### Stop
-
-Stop using the privacy-invasive platforms and services that you can. Move away and opt for [better social media, products, and services](https://www.privacyguides.org/en/tools/) that do respect your privacy and do not monetize your data.
-
-This will take some time of course. Be patient. Pick one change at the time. Maybe this week [delete your Facebook account](https://www.privacyguides.org/en/social-networks/), and next month [migrate your emails](https://www.privacyguides.org/en/email/) away from Gmail.
-
-Each time you stop using services from software companies that build their wealth on monetizing your data, you are saying no and taking a stand for privacy rights.
-
-### Refuse
-
-Refuse all cookies! It can be a real pain to browse the web with all these cookie banners. Of course, companies are hoping for [decision fatigue](https://en.wikipedia.org/wiki/Decision_fatigue) to manipulate you in clicking "yes, yes, yes, agree, continue, whatever!" But each time you comply in despair, you let them win against what you really want.
-
-Websites are not obligated to have cookie banners if they do not use any privacy-invasive cookies. This annoyance doesn't come from legislation, it comes from the greed and stubbornness of corporations to harvest your data. There would be no cookie banners at all if they simply stopped tracking you and collecting your data.
-
-Sabotage their plans by taking the time to find the "Reject All" button through their disingenuous button labyrinth.
-
-Similarly, many privacy-invasive features maliciously try to present as "ethical" because you can "opt out". But what good is this protection if no one uses it? Put a spoke in their wheel, look for the hidden *opt-out* option, and refuse to participate every single time.
-
-Beyond the digital realm, there are many in-person situations where you might have a right to refuse data collection as well.
-
-For example, you may have the right to refuse face scans in airports and demand a "traditional" human verification instead. Look into your local regulation to find out more about this. If everyone refused to scan their face at the airport every time they can, this practice would soon die.
-
-When you say yes to this, you are unfortunately contributing to the normalization of this invasive practice.
-
-Finally, refuse to be recorded. Depending on your local regulation, it's likely there is a legal requirement to inform you when a meeting or interview will be recorded. It's also likely that you have a right to refuse. Exercise this right every time you can. Additionally, depending on your local regulation, report instances where you couldn't and should have been able to refuse.
-
-### Report
-
-Each time you witness a practice that violates privacy laws, report it to the data protection authority for your location.
-
-Stay aware of which privacy law(s) are applicable in your region, and which official entity is responsible for enforcing the law. Your privacy protections are related to your *own* location, regardless of where the organization is based.
-
-In Europe, this entity is often called a Data Protection Authority (DPA), but outside of Europe it's often called something else. It might be a Privacy Commissioner or a Supervisory Authority, for example (but not always either). Read the law (or summary of) for your region, it will include a description of whom this entity is and how to report non-compliance.
-
-Report every infraction you see when you have the time. Sometimes, it's really as simple as sending a short email to the enforcing entity. One single complaint can trigger a full investigation sometimes. This can make an enormous difference.
-
-If you can, reporting can also mean reporting to the media.
-
-When you experience an invasive practice or witness a serious data protection violation, report it to the media if you are comfortable sharing. Personal accounts of such experience are important for collective awareness. The more people know, the more people talk, the more we stand a chance to keep our privacy rights alive. Make noise!
-
-### Advocate
-
-Talk to your friends, family, co-workers, and acquaintances about their options to opt out data collection, and their right to refuse and to say no.
-
-Tell them about how important this is with the social media, software, and services they use. Tell them about the importance of looking for the rejection options on cookie banners, finding information on how to object to face scans at the airport, and refusing the use of AI note-takers during their medical consultations.
-
-Talk about this topic on social media! Share news about privacy-invasive practices. Inform people on how they can opt out, refuse, and say no in your specific region.
-
-## Saying no is a collective and individual responsibility
-
-**Refusal is a powerful way to protest.** But like any protest, it must gather in numbers to have an impact at the collective level. The larger the number of people opting out and saying no, the stronger the message sent.
-
-That being said, do not minimize the impact your individual actions have. **Every single action matters, even the smallest one.** Movements always start at the individual level. If nobody starts, then nobody follows.
-
-By saying no each time, by stopping, refusing, reporting, and advocating, you are starting a movement. When advocating for the right to refuse privacy-invasive practices, you are growing a movement. Each of these contributions matters.
-
-The consequences for not saying no would be leaving the next generations without any protections for their privacy. It would be disastrous for their individual rights, but also disastrous for democracy, freedom of speech, and so many rights we currently take for granted.
-
-We cannot let our society slip into authoritarian mass surveillance. For ourselves and for the next generations, we must fight by saying no, every time we possibly can.

docs/dns.md

@@ -1,5 +1,5 @@
 ---
-title: "DNS Resolvers"
+title: DNS Resolvers
 icon: material/dns
 description: We recommend choosing these encrypted DNS providers to replace your ISP's default configuration.
 cover: dns.webp
@@ -10,7 +10,7 @@ global:
 
 - [:material-account-cash: Surveillance Capitalism](basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
 
-Encrypted DNS with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
+Encrypted **DNS** with third-party servers should only be used to get around basic [DNS blocking](https://en.wikipedia.org/wiki/DNS_blocking) when you can be sure there won't be any consequences. Encrypted DNS will not help you hide any of your browsing activity.
 
 [Learn more about DNS :material-arrow-right-drop-circle:](advanced/dns-overview.md){ .md-button }
 
@@ -54,52 +54,9 @@ These are our favorite public DNS resolvers based on their privacy and security
 
     Quad9: [*Data and Privacy Policy*](https://quad9.net/privacy/policy)
 
-## Self-Hosted DNS Filtering
-
-A self-hosted DNS solution is useful for providing filtering on controlled platforms, such as Smart TVs and other IoT devices, as no client-side software is needed.
-
-### Pi-hole
-
-<div class="admonition recommendation" markdown>
-
-![Pi-hole logo](assets/img/dns/pi-hole.svg){ align=right }
-
-**Pi-hole** is an open-source [DNS-sinkhole](https://en.wikipedia.org/wiki/DNS_sinkhole) which uses [DNS filtering](https://cloudflare.com/learning/access-management/what-is-dns-filtering) to block unwanted web content, such as advertisements.
-
-Pi-hole is designed to be hosted on a Raspberry Pi, but it is not limited to such hardware. The software features a friendly web interface to view insights and manage blocked content.
-
-[:octicons-home-16: Homepage](https://pi-hole.net){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://pi-hole.net/privacy){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://docs.pi-hole.net){ .card-link title=Documentation}
-[:octicons-code-16:](https://github.com/pi-hole/pi-hole){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://pi-hole.net/donate){ .card-link title=Contribute }
-
-</details>
-
-</div>
-
-### AdGuard Home
-
-<div class="admonition recommendation" markdown>
-
-![AdGuard Home logo](assets/img/dns/adguard-home.svg){ align=right }
-
-**AdGuard Home** is an open-source [DNS-sinkhole](https://en.wikipedia.org/wiki/DNS_sinkhole) which uses [DNS filtering](https://cloudflare.com/learning/access-management/what-is-dns-filtering) to block unwanted web content, such as advertisements.
-
-AdGuard Home features a polished web interface to view insights and manage blocked content.
-
-[:octicons-home-16: Homepage](https://adguard.com/adguard-home/overview.html){ .md-button .md-button--primary }
-[:octicons-eye-16:](https://adguard.com/privacy/home.html){ .card-link title="Privacy Policy" }
-[:octicons-info-16:](https://github.com/AdguardTeam/AdGuardHome/wiki){ .card-link title=Documentation}
-[:octicons-code-16:](https://github.com/AdguardTeam/AdGuardHome){ .card-link title="Source Code" }
-
-</details>
-
-</div>
-
 ## Cloud-Based DNS Filtering
 
-These DNS filtering solutions offer a web dashboard where you can customize the block lists to your exact needs, similarly to a Pi-hole. These services are usually easier to set up and configure than self-hosted services like the ones above, and can be used more easily across multiple networks (self-hosted solutions are typically restricted to your home/local network unless you set up a more advanced configuration).
+These DNS filtering solutions offer a web dashboard where you can customize the block lists to your exact needs. These services can be used easily across multiple networks.
 
 ### Control D
 
@@ -107,7 +64,9 @@ These DNS filtering solutions offer a web dashboard where you can customize the
 
 ![Control D logo](assets/img/dns/control-d.svg){ align=right }
 
-**Control D** is a customizable DNS service which lets you block security threats, unwanted content, and advertisements on a DNS level. In addition to their paid plans, they offer a number of preconfigured DNS resolvers you can use for free.
+**Control D** is a customizable DNS service which lets you block security threats, unwanted content, and advertisements on a DNS level.
+
+In addition to their paid plans, they offer a number of preconfigured DNS resolvers you can use for free.
 
 [:octicons-home-16: Homepage](https://controld.com){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://controld.com/privacy){ .card-link title="Privacy Policy" }
@@ -134,7 +93,9 @@ These DNS filtering solutions offer a web dashboard where you can customize the
 
 ![NextDNS logo](assets/img/dns/nextdns.svg){ align=right }
 
-**NextDNS** is a customizable DNS service which lets you block security threats, unwanted content, and advertisements on a DNS level. They offer a fully functional free plan for limited use.
+**NextDNS** is a customizable DNS service which lets you block security threats, unwanted content, and advertisements on a DNS level.
+
+They offer a fully functional free plan for limited use.
 
 [:octicons-home-16: Homepage](https://nextdns.io){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://nextdns.io/privacy){ .card-link title="Privacy Policy" }

docs/maps.md

@@ -1,6 +1,6 @@
 ---
 meta_title: "Recommended Maps and Navigation Apps - Privacy Guides"
-title: Maps and Navigation
+title: "Maps and Navigation"
 icon: material/map
 description: Privacy-respecting map providers and navigation apps which don't build an advertising profile based on your searches and locations.
 cover: maps.webp
@@ -11,7 +11,7 @@ cover: maps.webp
 
 Use a **map and navigation app** that doesn't build an advertising profile based on your searches and location history. Instead of using Google Maps, Apple Maps, or Waze, we recommend these privacy-respecting alternatives.
 
-The recommendations here do not collect personally identifying information (PII) based on each application's privacy policy. There is **no guarantee** that these privacy policies are honored.
+The recommendations here either do not collect any user data or at least do not collect personally identifying information (PII) based on each service's privacy policy. There is **no guarantee** that these privacy policies are honored.
 
 ## Organic Maps
 
@@ -47,7 +47,7 @@ Please note that Organic Maps is a simple, basic app that lacks certain features
 
 ![OsmAnd logo](assets/img/maps/osmand.svg){ align=right }
 
-**OsmAnd** is an open-source, offline map and navigation application based on OpenStreetMap that offers turn-by-turn navigation for walking, cycling, driving, as well as public transport. You can find a detailed overview of OsmAnd's supported [features](https://wiki.openstreetmap.org/wiki/OsmAnd#Features) on the OpenStreet Map Wiki.
+**OsmAnd** is an offline map and navigation application based on OpenStreetMap that offers turn-by-turn navigation for walking, cycling, driving, as well as public transport. It is open source and does not collect any user data.
 
 [:octicons-home-16: Homepage](https://osmand.net){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://osmand.net/docs/legal/privacy-policy){ .card-link title="Privacy Policy" }
@@ -58,30 +58,17 @@ Please note that Organic Maps is a simple, basic app that lacks certain features
 <summary>Downloads</summary>
 
 - [:simple-googleplay: Google Play](https://play.google.com/store/apps/details?id=net.osmand)
-- [:simple-appstore: App Store](https://apps.apple.com/us/app/id934850257)
 - [:simple-android: Android](https://osmand.net/docs/versions/free-versions)
+- [:simple-appstore: App Store](https://apps.apple.com/us/app/id934850257)
 
 </details>
 
 </div>
 
-<div class="admonition warning" markdown>
-<p class="admonition-title">Unique User Identifier</p>
-
-OsmAnd generates a [unique user identifier (UUID)](https://osmand.net/docs/legal/terms-of-use/#6-unique-user-indentifier) for each app install that rotates every three months and is used for internal reports and statistics. The UUID is also sent to OsmAnd's servers when downloading maps. On Android, there is a setting that controls whether the UUID is sent with each download request. From the home screen, go to :material-menu: → :gear: **Settings** → :gear: **OsmAnd settings** → :material-web: **Identifiers**.
-
-- [ ] Uncheck **Send Unique User Identifier (UUID)**
-
-This setting is not available on the iOS app.
-
-</div>
-
-The app also includes a setting for sharing anonymous data about your downloaded maps and the features you use. This setting is disabled by default on Android, but enabled by default on iOS. To disable it in the iOS app, tap the :material-menu: on the home screen to find the :gear: **Settings** menu. Select that, then select :gear: **OsmAnd settings**.
-
-- [ ] Uncheck **Send anonymous data**
-
 OsmAnd allows you to overlay or underlay external map data, such as satellite images from Microsoft or [traffic data](https://themm.net/public/osmand_traffic) from Google, although the latter is ignored by the automatic route planning. OsmAnd also has an optional integration of street view images provided by [Mapillary](https://mapillary.com).
 
+You can find a detailed overview of OsmAnd's supported [features](https://wiki.openstreetmap.org/wiki/OsmAnd#Features) on the OpenStreet Map Wiki.
+
 ## Criteria
 
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.

docs/passwords.md

@@ -1,6 +1,6 @@
 ---
 meta_title: "The Best Password Managers to Protect Your Privacy and Security - Privacy Guides"
-title: "Password Managers"
+title: Password Managers
 icon: material/form-textbox-password
 description: Password managers allow you to securely store and manage passwords and other credentials.
 cover: passwords.webp
@@ -176,17 +176,10 @@ These password managers sync your passwords to a cloud server for easy accessibi
 
 Bitwarden uses [PBKDF2](https://bitwarden.com/help/kdf-algorithms/#pbkdf2) as its key derivation function (KDF) algorithm by default. It also offers [Argon2](https://bitwarden.com/help/kdf-algorithms/#argon2id), which is more secure, as an alternative. You can change your account's KDF algorithm in the web vault:
 
-- [x] Select **Settings > Security > Keys > KDF algorithm > Argon2id**
+- [x] Select **Settings → Security → Keys → KDF algorithm → Argon2id**
 
 Bitwarden's server-side code is [open source](https://github.com/bitwarden/server), so if you don't want to use the Bitwarden cloud, you can easily host your own Bitwarden sync server.
 
-**Vaultwarden** is an alternative implementation of Bitwarden's sync server written in Rust and compatible with official Bitwarden clients, perfect for self-hosted deployment where running the resource-heavy official service might not be ideal. If you are looking to self-host Bitwarden on your own server, you almost certainly want to use Vaultwarden over Bitwarden's official server code.
-
-[:octicons-repo-16: Vaultwarden Repository](https://github.com/dani-garcia/vaultwarden){ .md-button }
-[:octicons-info-16:](https://github.com/dani-garcia/vaultwarden/wiki){ .card-link title="Documentation" }
-[:octicons-code-16:](https://github.com/dani-garcia/vaultwarden){ .card-link title="Source Code" }
-[:octicons-heart-16:](https://github.com/sponsors/dani-garcia){ .card-link title="Contribute" }
-
 ### Proton Pass
 
 <div class="admonition recommendation" markdown>

docs/self-hosting/dns-filtering.md

@@ -0,0 +1,48 @@
+---
+title: DNS Filtering
+meta_title: "Self-Hosting DNS Solutions - Privacy Guides"
+icon: material/dns
+description: For our more technical readers, self-hosting a DNS solution can provide filtering for devices not covered by cloud-based DNS solutions.
+cover: dns.webp
+---
+<small>Protects against the following threat(s):</small>
+
+- [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
+- [:material-account-cash: Surveillance Capitalism](../basics/common-threats.md#surveillance-as-a-business-model){ .pg-brown }
+
+**Self-hosting DNS** is useful for providing [DNS filtering](https://cloudflare.com/learning/access-management/what-is-dns-filtering) on controlled platforms, such as smart TVs and other IoT devices, as no client-side software is needed. Keep in mind that the DNS solutions below are typically restricted to your home or local network unless you set up a more advanced configuration.
+
+## DNS Sinkholes
+
+[**DNS sinkholes**](https://en.wikipedia.org/wiki/DNS_sinkhole) use DNS filtering to block unwanted web content such as advertisements.
+
+### Pi-Hole
+
+<div class="admonition recommendation" markdown>
+
+![Pi-hole logo](../assets/img/self-hosting/pi-hole.svg){ align=right }
+
+**Pi-hole** is an open-source DNS sinkhole which features a friendly web interface to view insights and manage blocked content. Pi-hole is designed to be hosted on a Raspberry Pi, but it is not limited to such hardware.
+
+[:octicons-home-16: Homepage](https://pi-hole.net){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://pi-hole.net/privacy){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://docs.pi-hole.net){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/pi-hole/pi-hole){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://pi-hole.net/donate){ .card-link title="Contribute" }
+
+</div>
+
+### AdGuard Home
+
+<div class="admonition recommendation" markdown>
+
+![AdGuard Home logo](../assets/img/self-hosting/adguard-home.svg){ align=right }
+
+**AdGuard Home** is an open-source DNS sinkhole which features a polished web interface to view insights and manage blocked content.
+
+[:octicons-home-16: Homepage](https://adguard.com/adguard-home/overview.html){ .md-button .md-button--primary }
+[:octicons-eye-16:](https://adguard.com/privacy/home.html){ .card-link title="Privacy Policy" }
+[:octicons-info-16:](https://github.com/AdguardTeam/AdGuardHome/wiki){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/AdguardTeam/AdGuardHome){ .card-link title="Source Code" }
+
+</div>

docs/self-hosting/email-servers.md

@@ -1,6 +1,6 @@
 ---
 title: Email Servers
-meta_title: "Self-Hosted Email - Privacy Guides"
+meta_title: "Self-Hosting Email - Privacy Guides"
 icon: material/email
 description: For our more technical readers, self-hosting your own email can provide additional privacy assurances by having maximum control over your data.
 cover: email.webp
@@ -9,7 +9,7 @@ cover: email.webp
 
 - [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
 
-Advanced system administrators may consider setting up their own email server. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
+Advanced system administrators may consider setting up their own **email server**. Mail servers require attention and continuous maintenance in order to keep things secure and mail delivery reliable. In addition to the "all-in-one" solutions below, we've picked out a few articles that cover a more manual approach:
 
 - [Setting up a mail server with OpenSMTPD, Dovecot and Rspamd](https://poolp.org/posts/2019-09-14/setting-up-a-mail-server-with-opensmtpd-dovecot-and-rspamd) (2019)
 - [How To Run Your Own Mail Server](https://www.c0ffee.net/blog/mail-server-guide) (August 2017)

docs/self-hosting/index.md

@@ -1,14 +1,14 @@
 ---
 title: Self-Hosting
-meta_title: "Self-Hosted Software and Services - Privacy Guides"
-description: For our more technical readers, self-hosted software and services can provide additional privacy assurances since you have maximum control over your data.
+meta_title: "Self-Hosting Software and Services - Privacy Guides"
+description: For our more technical readers, self-hosting software and services can provide additional privacy assurances since you have maximum control over your data.
 cover: router.webp
 ---
 <small>Protects against the following threat(s):</small>
 
 - [:material-server-network: Service Providers](../basics/common-threats.md#privacy-from-service-providers){ .pg-teal }
 
-Using **self-hosted software and services** can be a way to achieve a higher level of privacy through digital sovereignty, particularly independence from cloud servers controlled by product developers or vendors. By self-hosting, we mean hosting applications and data on your own hardware.
+**Self-hosting** software and services can be a way to achieve a higher level of privacy through digital sovereignty, particularly independence from cloud servers controlled by product developers or vendors. By self-hosting, we mean hosting applications and data on your own hardware.
 
 Self-hosting your own solutions requires advanced technical knowledge and a deep understanding of the associated risks. By becoming the host for yourself and possibly others, you take on responsibilities you might not otherwise have. Self-hosting privacy software improperly can leave you worse off than using e.g. an end-to-end encrypted service provider, so it is best avoided if you are not already comfortable doing so.
 
@@ -24,6 +24,35 @@ Self-hosting your own solutions requires advanced technical knowledge and a deep
 
 [Learn more :material-arrow-right-drop-circle:](email-servers.md)
 
+## :material-dns: DNS Filtering
+
+<div class="grid cards" markdown>
+
+- ![AdGuard Home logo](../assets/img/self-hosting/adguard-home.svg){ .twemoji loading=lazy } [AdGuard Home](dns-filtering.md#adguard-home)
+- ![Pi-Hole logo](../assets/img/self-hosting/pi-hole.svg){ .twemoji loading=lazy } [Pi-Hole](dns-filtering.md#pi-hole)
+
+</div>
+
+[Learn more :material-arrow-right-drop-circle:](dns-filtering.md)
+
+## :material-form-textbox-password: Password Management
+
+### Vaultwarden
+
+<div class="admonition recommendation" markdown>
+
+![Vaultwarden logo](../assets/img/self-hosting/vaultwarden.svg#only-light){ align=right }
+![Vaultwarden logo](../assets/img/self-hosting/vaultwarden-dark.svg#only-dark){ align=right }
+
+**Vaultwarden** is an alternative implementation of [Bitwarden](../passwords.md#bitwarden)'s sync server written in Rust and compatible with official Bitwarden clients, perfect for self-hosted deployment where running the resource-heavy, [official service](https://github.com/bitwarden/server) might not be ideal.
+
+[:octicons-repo-16: Repository](https://github.com/dani-garcia/vaultwarden#readme){ .md-button .md-button--primary }
+[:octicons-info-16:](https://github.com/dani-garcia/vaultwarden/wiki){ .card-link title="Documentation" }
+[:octicons-code-16:](https://github.com/dani-garcia/vaultwarden){ .card-link title="Source Code" }
+[:octicons-heart-16:](https://github.com/sponsors/dani-garcia){ .card-link title="Contribute" }
+
+</div>
+
 ## :material-account-supervisor-circle-outline: Social Networks
 
 Self-hosting your own instance of a social network software can help circumvent potential [censorship on a server level](../social-networks.md#censorship-resistance) by a public server's administrator or admin team.

docs/tools.md

@@ -299,17 +299,6 @@ We [recommend](dns.md#recommended-providers) a number of encrypted DNS servers b
 
 [Learn more :material-arrow-right-drop-circle:](dns.md#encrypted-dns-proxies)
 
-#### Self-hosted Solutions
-
-<div class="grid cards" markdown>
-
-- ![AdGuard Home logo](assets/img/dns/adguard-home.svg){ .twemoji loading=lazy } [AdGuard Home](dns.md#adguard-home)
-- ![Pi-hole logo](assets/img/dns/pi-hole.svg){ .twemoji loading=lazy } [Pi-hole](dns.md#pi-hole)
-
-</div>
-
-[Learn more :material-arrow-right-drop-circle:](dns.md#self-hosted-dns-filtering)
-
 ### Financial Services
 
 #### Payment Masking Services

mkdocs.blog.yml

@@ -134,7 +134,6 @@ plugins:
     post_readtime: false
     authors_profiles: true
     authors_profiles_toc: true
-    pagination_per_page: 20
     categories_allowed:
       - Announcements
       - Opinion

mkdocs.yml

@@ -396,6 +396,7 @@ nav:
       - !ENV [NAV_SELF_HOSTING, "Self-Hosting"]:
           - "self-hosting/index.md"
           - "self-hosting/email-servers.md"
+          - "self-hosting/dns-filtering.md"
       - !ENV [NAV_INTERNET_BROWSING, "Internet Browsing"]:
           - "tor.md"
           - "desktop-browsers.md"

theme/assets/img/self-hosting/adguard-home.svg

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 33.867 33.867"><g fill="none"><path fill="#68bc71" d="M16.933 0C11.703 0 5.393 1.214.2 3.887c0 5.773-.071 20.154 16.734 29.98C33.74 24.041 33.668 9.66 33.668 3.887 28.474 1.214 22.164 0 16.933 0z"/><path fill="#67b279" d="M16.916 33.857C.128 24.031.199 9.658.199 3.887 5.388 1.217 11.69.003 16.916 0z"/><path fill="#fff" d="m16.323 22.597 10.12-13.465c-.742-.586-1.393-.172-1.75.148l-.014.001-8.437 8.666-3.18-3.777c-1.516-1.73-3.577-.41-4.06-.062l7.32 8.49"/></g></svg>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 33.867 33.867"><g fill="none"><path fill="#68bc71" d="M16.933 0C11.703 0 5.393 1.214.2 3.887c0 5.773-.071 20.154 16.734 29.98C33.74 24.041 33.668 9.66 33.668 3.887 28.474 1.214 22.164 0 16.933 0z"/><path fill="#67b279" d="M16.916 33.857C.128 24.031.199 9.658.199 3.887 5.388 1.217 11.69.003 16.916 0z"/><path fill="#fff" d="m16.323 22.597 10.12-13.465c-.742-.586-1.393-.172-1.75.148l-.014.001-8.437 8.666-3.18-3.777c-1.516-1.73-3.577-.41-4.06-.062l7.32 8.49"/></g></svg>

theme/assets/img/self-hosting/pi-hole.svg

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 89 130"><defs><linearGradient id="a" x1="0%" x2="100%" y1="49.975%" y2="49.975%"><stop offset="0%" stop-color="#12B212"/><stop offset="100%" stop-color="#0F0"/></linearGradient></defs><g fill="none" fill-rule="nonzero"><path fill="url(#a)" d="M36.56 39.93C20.34 38.2 4 25.94 2.71 0c25.17 0 38.63 14.9 39.93 38.51 4.76-28.32 27.07-25 27.07-25 1.06 16.05-12.12 25.78-27.07 26.59-4.2-8.85-29.36-30.56-29.36-30.56a.07.07 0 0 0-.11.08s24.28 21.15 23.39 30.31"/><path fill="#980200" d="M44.16 129.93c-1.57-.09-16.22-.65-17.11-17.11-.72-10 7.18-17.37 7.18-27.08C32.44 61.53 0 64.53 0 85.74a19.94 19.94 0 0 0 5.83 14.14L30 124.06a19.94 19.94 0 0 0 14.14 5.83"/><path fill="red" d="M88.32 85.75c-.09 1.57-.65 16.22-17.11 17.11-10 .72-17.38-7.18-27.08-7.18-24.21 1.79-21.21 34.22 0 34.22a19.94 19.94 0 0 0 14.14-5.83L82.46 99.9a19.94 19.94 0 0 0 5.83-14.14"/><path fill="#980200" d="M44.16 41.59c1.57.09 16.22.65 17.11 17.11.72 10-7.18 17.37-7.18 27.08 1.79 24.21 34.22 21.21 34.22 0a19.94 19.94 0 0 0-5.83-14.14L58.3 47.45a19.94 19.94 0 0 0-14.14-5.83"/><path fill="red" d="M.08 85.75c.09-1.57.65-16.22 17.11-17.11 10-.72 17.38 7.18 27.08 7.18 24.21-1.82 21.21-34.22 0-34.22a19.94 19.94 0 0 0-14.14 5.83L5.94 71.61A19.94 19.94 0 0 0 .11 85.75"/></g></svg>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 89 130"><defs><linearGradient id="a" x1="0%" x2="100%" y1="49.975%" y2="49.975%"><stop offset="0%" stop-color="#12B212"/><stop offset="100%" stop-color="#0F0"/></linearGradient></defs><g fill="none" fill-rule="nonzero"><path fill="url(#a)" d="M36.56 39.93C20.34 38.2 4 25.94 2.71 0c25.17 0 38.63 14.9 39.93 38.51 4.76-28.32 27.07-25 27.07-25 1.06 16.05-12.12 25.78-27.07 26.59-4.2-8.85-29.36-30.56-29.36-30.56a.07.07 0 0 0-.11.08s24.28 21.15 23.39 30.31"/><path fill="#980200" d="M44.16 129.93c-1.57-.09-16.22-.65-17.11-17.11-.72-10 7.18-17.37 7.18-27.08C32.44 61.53 0 64.53 0 85.74a19.94 19.94 0 0 0 5.83 14.14L30 124.06a19.94 19.94 0 0 0 14.14 5.83"/><path fill="red" d="M88.32 85.75c-.09 1.57-.65 16.22-17.11 17.11-10 .72-17.38-7.18-27.08-7.18-24.21 1.79-21.21 34.22 0 34.22a19.94 19.94 0 0 0 14.14-5.83L82.46 99.9a19.94 19.94 0 0 0 5.83-14.14"/><path fill="#980200" d="M44.16 41.59c1.57.09 16.22.65 17.11 17.11.72 10-7.18 17.37-7.18 27.08 1.79 24.21 34.22 21.21 34.22 0a19.94 19.94 0 0 0-5.83-14.14L58.3 47.45a19.94 19.94 0 0 0-14.14-5.83"/><path fill="red" d="M.08 85.75c.09-1.57.65-16.22 17.11-17.11 10-.72 17.38 7.18 27.08 7.18 24.21-1.82 21.21-34.22 0-34.22a19.94 19.94 0 0 0-14.14 5.83L5.94 71.61A19.94 19.94 0 0 0 .11 85.75"/></g></svg>

theme/assets/img/self-hosting/vaultwarden-dark.svg

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><mask id="holes"><rect x="-60" y="-60" width="120" height="120" fill="#fff"/><circle id="hole" cy="-40" r="3"/><use transform="rotate(72)" xlink:href="#hole"/><use transform="rotate(144)" xlink:href="#hole"/><use transform="rotate(216)" xlink:href="#hole"/><use transform="rotate(-72)" xlink:href="#hole"/></mask></defs><g id="logo" transform="matrix(.32254 0 0 .32254 16.933 16.933)"><g id="gear" mask="url(#holes)" stroke="#fff"><path d="m-31.172-33.813 26.496 74.189h9.3515l26.496-74.189h-9.7672l-16.729 47.589q-1.6625 4.5719-2.8055 8.6242-1.143 3.9484-1.8703 7.5851-0.72734-3.6367-1.8703-7.689-1.143-4.0523-2.8055-8.7281l-16.625-47.381z" fill="#fff" stroke-width="4.5117"/><circle transform="scale(-1,1)" r="43" fill="none" stroke-width="9"/><g id="cogs" transform="scale(-1,1)"><polygon id="cog" points="46 3 51 0 46 -3" fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="3"/><g fill="#fff" stroke="#fff"><use transform="rotate(11.25)" xlink:href="#cog"/><use transform="rotate(22.5)" xlink:href="#cog"/><use transform="rotate(33.75)" xlink:href="#cog"/><use transform="rotate(45)" xlink:href="#cog"/><use transform="rotate(56.25)" xlink:href="#cog"/><use transform="rotate(67.5)" xlink:href="#cog"/><use transform="rotate(78.75)" xlink:href="#cog"/><use transform="rotate(90)" xlink:href="#cog"/><use transform="rotate(101.25)" xlink:href="#cog"/><use transform="rotate(112.5)" xlink:href="#cog"/><use transform="rotate(123.75)" xlink:href="#cog"/><use transform="rotate(135)" xlink:href="#cog"/><use transform="rotate(146.25)" xlink:href="#cog"/><use transform="rotate(157.5)" xlink:href="#cog"/><use transform="rotate(168.75)" xlink:href="#cog"/><use transform="scale(-1)" xlink:href="#cog"/><use transform="rotate(191.25)" xlink:href="#cog"/><use transform="rotate(202.5)" xlink:href="#cog"/><use transform="rotate(213.75)" xlink:href="#cog"/><use transform="rotate(225)" xlink:href="#cog"/><use transform="rotate(236.25)" xlink:href="#cog"/><use transform="rotate(247.5)" xlink:href="#cog"/><use transform="rotate(258.75)" xlink:href="#cog"/><use transform="rotate(-90)" xlink:href="#cog"/><use transform="rotate(-78.75)" xlink:href="#cog"/><use transform="rotate(-67.5)" xlink:href="#cog"/><use transform="rotate(-56.25)" xlink:href="#cog"/><use transform="rotate(-45)" xlink:href="#cog"/><use transform="rotate(-33.75)" xlink:href="#cog"/><use transform="rotate(-22.5)" xlink:href="#cog"/><use transform="rotate(-11.25)" xlink:href="#cog"/></g></g><g id="mounts" transform="scale(-1,1)"><polygon id="mount" points="-7 -42 0 -35 7 -42" fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="6"/><g fill="#fff" stroke="#fff"><use transform="rotate(72)" xlink:href="#mount"/><use transform="rotate(144)" xlink:href="#mount"/><use transform="rotate(216)" xlink:href="#mount"/><use transform="rotate(-72)" xlink:href="#mount"/></g></g></g><mask><rect x="-60" y="-60" width="120" height="120" fill="#fff"/><circle cy="-40" r="3"/><use transform="rotate(72)" xlink:href="#hole"/><use transform="rotate(144)" xlink:href="#hole"/><use transform="rotate(216)" xlink:href="#hole"/><use transform="rotate(-72)" xlink:href="#hole"/></mask></g></svg>

theme/assets/img/self-hosting/vaultwarden.svg

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg width="128" height="128" version="1.1" viewBox="0 0 33.867 33.867" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><mask id="holes"><rect x="-60" y="-60" width="120" height="120" fill="#fff"/><circle id="hole" cy="-40" r="3"/><use transform="rotate(72)" xlink:href="#hole"/><use transform="rotate(144)" xlink:href="#hole"/><use transform="rotate(216)" xlink:href="#hole"/><use transform="rotate(-72)" xlink:href="#hole"/></mask></defs><g id="logo" transform="matrix(.32254 0 0 .32254 16.933 16.933)"><g id="gear" mask="url(#holes)"><path d="m-31.172-33.813 26.496 74.189h9.3515l26.496-74.189h-9.7672l-16.729 47.589q-1.6625 4.5719-2.8055 8.6242-1.143 3.9484-1.8703 7.5851-0.72734-3.6367-1.8703-7.689-1.143-4.0523-2.8055-8.7281l-16.625-47.381z" stroke="#000" stroke-width="4.5117"/><circle transform="scale(-1,1)" r="43" fill="none" stroke="#000" stroke-width="9"/><g id="cogs" transform="scale(-1,1)"><polygon id="cog" points="46 -3 46 3 51 0" stroke="#000" stroke-linejoin="round" stroke-width="3"/><use transform="rotate(11.25)" xlink:href="#cog"/><use transform="rotate(22.5)" xlink:href="#cog"/><use transform="rotate(33.75)" xlink:href="#cog"/><use transform="rotate(45)" xlink:href="#cog"/><use transform="rotate(56.25)" xlink:href="#cog"/><use transform="rotate(67.5)" xlink:href="#cog"/><use transform="rotate(78.75)" xlink:href="#cog"/><use transform="rotate(90)" xlink:href="#cog"/><use transform="rotate(101.25)" xlink:href="#cog"/><use transform="rotate(112.5)" xlink:href="#cog"/><use transform="rotate(123.75)" xlink:href="#cog"/><use transform="rotate(135)" xlink:href="#cog"/><use transform="rotate(146.25)" xlink:href="#cog"/><use transform="rotate(157.5)" xlink:href="#cog"/><use transform="rotate(168.75)" xlink:href="#cog"/><use transform="scale(-1)" xlink:href="#cog"/><use transform="rotate(191.25)" xlink:href="#cog"/><use transform="rotate(202.5)" xlink:href="#cog"/><use transform="rotate(213.75)" xlink:href="#cog"/><use transform="rotate(225)" xlink:href="#cog"/><use transform="rotate(236.25)" xlink:href="#cog"/><use transform="rotate(247.5)" xlink:href="#cog"/><use transform="rotate(258.75)" xlink:href="#cog"/><use transform="rotate(-90)" xlink:href="#cog"/><use transform="rotate(-78.75)" xlink:href="#cog"/><use transform="rotate(-67.5)" xlink:href="#cog"/><use transform="rotate(-56.25)" xlink:href="#cog"/><use transform="rotate(-45)" xlink:href="#cog"/><use transform="rotate(-33.75)" xlink:href="#cog"/><use transform="rotate(-22.5)" xlink:href="#cog"/><use transform="rotate(-11.25)" xlink:href="#cog"/></g><g id="mounts" transform="scale(-1,1)"><polygon id="mount" points="7 -42 -7 -42 0 -35" stroke="#000" stroke-linejoin="round" stroke-width="6"/><use transform="rotate(72)" xlink:href="#mount"/><use transform="rotate(144)" xlink:href="#mount"/><use transform="rotate(216)" xlink:href="#mount"/><use transform="rotate(-72)" xlink:href="#mount"/></g></g><mask><rect x="-60" y="-60" width="120" height="120" fill="#fff"/><circle cy="-40" r="3"/><use transform="rotate(72)" xlink:href="#hole"/><use transform="rotate(144)" xlink:href="#hole"/><use transform="rotate(216)" xlink:href="#hole"/><use transform="rotate(-72)" xlink:href="#hole"/></mask></g></svg>