No SDKs. No credit card

Security & Privacy

Built for Routing. Designed for Privacy.

ZipQuantum is engineered to respect platform rules, user expectations, and modern privacy standards.

No SDKs · No fingerprinting · No background tracking · No hidden data layers · Only compliant, native link routing.

Our Security Model

ZipQuantum is a server-side routing layer.

Your mobile application receives only standard:

  • Apple Universal Links
  • Android App Links

There is:

  • No runtime interception
  • No code injection
  • No client-side behavioral logic
  • No embedded SDK

All routing decisions occur on our infrastructure before the app opens.

Your app remains untouched.

What We Do Not Do

We do not:

  • Track users across apps
  • Perform device fingerprinting
  • Build attribution graphs
  • Inject runtime code
  • Intercept application logic
  • Resell behavioral data
  • Store unnecessary personal data

ZipQuantum routes links.

It does not track people.

Data Handling Principles

ZipQuantum follows strict data minimization:

  • Only routing-related metadata is processed
  • No persistent cross-app identifiers
  • No probabilistic device matching
  • No third-party tracking pixels
  • No advertising SDK dependencies

If analytics are enabled, they are:

If analytics are enabled, they are:

  • Event-based
  • Aggregated
  • Privacy-safe
  • Designed for operational insight, not user profiling

Infrastructure & Architecture

  • Stateless redirect infrastructure
  • Subdomain-based isolation ({code}.zq.tn)
  • Dedicated verification files per subdomain
  • Standard HTTPS with modern TLS
  • Scalable server-side routing

Each app uses its own dedicated subdomain.

Each subdomain serves its own platform verification file.

There is no shared runtime layer across client apps.

Platform Compliance

ZipQuantum is designed to align with:

  • Apple Universal Links requirements
  • Android App Links requirements
  • App Store Review Guidelines
  • Google Play Developer Policies

The system works with platform mechanisms, not around them.

No bypass techniques. No store-policy circumvention. No undocumented OS behavior reliance.

GDPR & Privacy-First Design

ZipQuantum is:

  • GDPR-ready
  • Privacy-by-design
  • Data-minimization focused
  • Free from hidden tracking mechanisms

We do not monetize user data.

We do not operate advertising networks.

We do not perform cross-site behavioral tracking.

Security Practices

ZipQuantum is:

  • Encrypted transport (HTTPS)
  • Strict input validation
  • Rate limiting on public endpoints
  • Subdomain validation rules
  • Reserved namespace protection
  • Controlled expiration and click limits

Public link creation is governed by validation constraints and limits, as documented in the API specification

For Developers & Legal Reviewers

ZipQuantum is intentionally simple to audit:

  • One-time platform domain association
  • No SDK audit required
  • No mobile binary inspection risk
  • No background services
  • No hidden client behavior

What runs where is explicit.

Closing Section

Security is not a feature. It is the default architecture.

ZipQuantum was designed for a modern mobile privacy constraints.

Built for:

  • Predictability
  • Compliance clarity
  • Platform-aligned implementation
  • Minimal integration surface

Routing without tracking. Architecture without ambiguity.