Skip to Content

Best Practices for Complete Privacy

Implement strong mobile privacy practices to ensure you stay in control of your digital footprint.

 

Privacy Setup Checklist

Device Setup
  • Strong lock screen password/PIN set  
  • Automatic screen lock configured (≤30 seconds)  
  • Fingerprint unlock enabled as secondary  
  • Full disk encryption verified  
  • Developer options secured/disabled
Apps and Permissions
  • F-Droid, Aurora Store installed for open-source apps  
  • Privacy-focused browser installed  
  • App permissions reviewed and minimized  
  • Location services configured properly  
  • Unnecessary pre-installed apps disabled
Network and Communications 
  • VPN service configured and active  
  • Secured messaging installed and configured  
  • Secure email service set up  
  • Automatic WiFi connection disabled  
  • Bluetooth disabled when not in use
Data and Backup
  • Backup solution configured  
  • Cloud storage replaced with privacy alternative  
  • Sensitive files encrypted locally  
  • Regular data cleanup scheduled  
  • Recovery process tested

 

Quick Start: First 24 Hours with Your Privacy Phone

Initial Setup
  • Enable strong lock screen (PIN + fingerprint)
  • Set auto-lock timeout (30 seconds max)
  • Disable location history
  • Review all privacy settings
Essential Apps
  • Install secured FOSS messgaing Apps 
  • Set up Tor Browser or Vanadium
  • Install F-Droid app store
  • Configure Aurora Store (if needed)
Network Security
  • Connect to trusted networks only
  • Enable VPN (built-in or install Mullvad/ProtonVPN)
  • Disable automatic WiFi connection
  • Turn off Bluetooth when not needed
Data Backup
  • Set up local backup solution (preferably an encrypted drive)
  • Configure cloud backup (privacy-respecting)
  • Test restore process
  • Document your setup process

 

Device Security Fundamentals 

Strong Authentication

Your lock screen is the first line of defense against unauthorized access to your personal data.

  • Use a complex PIN (6+ digits) or passphrase
  • Enable fingerprint unlock as secondary method
  • Set screen timeout to 30 seconds or less
  • Enable "Lock instantly with power button"
Encryption and Storage

Enable Storage Scopes to limit app access to specific folders and files.

  • Verify full-disk encryption is enabled
  • Use secure file managers (like Material Files)
  • Encrypt sensitive files with additional layers
  • Avoid cloud storage for sensitive data
Physical Security

Faraday bags for complete signal isolation when maximum privacy is needed in special circumstances.

  • Use a privacy screen protector in public
  • Enable remote wipe capability
  • Set up device tracking (if acceptable to you)
  • Use a case that covers cameras when not in use


App Permissions Management

Camera Access

Grant only when: Actively taking photos/videos

Tip: Revoke access immediately after use for maximum privacy

Microphone Access

Grant only to: Communication apps and voice recorders

Tip: Check which apps have microphone access regularly

Location Access

Grant only when: Navigation or location-based services are needed

Tip: Use "While using app" instead of "Always" when possible

Contact Access

Grant only to: Communication and calendar apps you trust

 Tip: Use Contact Scopes to limit which contacts apps can see


Network Privacy and Security 

VPN Best Practices

Recommended VPN Services
  • Mullvad VPN Anonymous payment, no logs
  • ProtonVPN Switzerland-based, audited
  • IVPN Privacy-focused, minimal data collection
  • CalyxVPN Free with CalyxOS, based on Riseup VPN
VPN Configuration Tips 
  • Always connect before browsing
  • Use WireGuard protocol when available
  • Enable kill switch functionality
  • Choose servers in privacy-friendly jurisdictions


Wi-Fi Security

Safe Wi-Fi Practices 
  • Avoid public Wi-Fi for sensitive activities
  • Use mobile hotspot instead of public networks
  • Disable "Connect to open networks automatically"
  • Forget networks after use
  • Use randomized MAC addresses (enabled by default on privacy ROMs
Home Network Security  
  • Change default router passwords
  • Use WPA3 encryption (or WPA2 minimum)
  • Set up guest network for IoT devices
  • Regularly update router firmware


Sharing Dongles and Charging Cables

Safe Practices
  • Never use anyone else's charger
  • Never plug your phone to any public charging stations
  • Never plug anyone else's dongle to your phone


Privacy-Conscious Data Management  

Best Solution

Encrypted Backup Dongle

Use our AES 256 standards encrypted backup drives that are easy to use, and cannot the accessed by anyone except for your and the paired phone. You data is safe always.


Secured Cloud Alternatives

Nextcloud

Self-hosted or trusted provider. Full control over your data.

Excellent Privacy

Tresorit

Self-hosted or trusted provider. Full control over your data.

Good Privacy

pCloud Crypto

Optional client-side encryption for enhanced privacy.

Good Privacy


Secured Backup Strategies

Local Backups
  • Use Seedvault (built into GrapheneOS/CalyxOS)
  • Regular ADB backups to computer
  • Export important data manually
Cloud Backups
  • Encrypt before uploading
  • Use privacy-focused providers
  • Test restoration regularly