No data collection
When you log in to a website, the website will provide you with all the information they keep on their database. When you log out of the website, it ceases to provide that information. In Coinomi there are no accounts. No information about you is kept on our databases. Wallets aren't linked to an email address, phone number, username or any kind of user information. You are not logged in anywhere because we don't have your data. Likewise, you also don't log out from anywhere. All of your data exists only on your device, which is why it's essential that you back up your recovery phrase safely. Furthermore we are based on the British Virgin Islands (BVI), where your privacy has extra protection even in case of legal action compelling disclosure of data. Read more here.
On mobile, if you want to remove all wallet information from your device, simply uninstall the app. Your operating system will take care of wiping all files related to Coinomi and there will be no trace of it left (with the exception of non-critical data like address book or transaction history that you may have backed up separately). On desktop, each user in the OS who has used the wallet has their own appdata folder where wallet data is kept. Before uninstalling, each user can go to Coinomi's "Settings - Manage wallets" and delete their wallets there. Alternatively each user can delete the folder "AppData/Local/Coinomi" inside ther user folder.
The app is connected directly to our servers. When you make transactions, the app sends the signed transaction to our servers, which then broadcast it to the rest of the network. This means that network analysis will pinpoint the origin of the transaction to us, not to you. Your physical location is always hidden. Coupled with the fact that we don't keep logs of transactions nor track IPs, you can be sure that you have the greatest amount of anonymity.
On our mobile versions you can enable the "Screen lock" privacy option. This way a PIN, pattern or fingerprint will be requested every time the app is opened. Without the password, the most an unauthorized person can do is see your balances. With a screen lock, an unauthorized person cannot even do that.
This option is independent of your device's built-in lockscreen. Your device itself should already have its own system lock activated so that no apps can be accessed without some sort of pattern / pin / biometric. Please stop to consider that if you don't have one set, anyone can access your emails, browser history, downloaded files, pictures, YouTube history, social media accounts, location history, contact list, SMS and so much more. Someone being able to take a peek at your crypto balances could be the least of your problems.
Don't make your Coinomi pin/pattern lock the same as your device's.
On our mobile versions you can enable the "Hide balances" privacy option. This replaces all balances with "..." so you can manage your wallet safe from prying and curious eyes. You can show off Coinomi to your friends, use it on the bus, in the line to pay for your coffee, at the supermarket in view of a security camera.
On by default on our Android version, the "Increased privacy" option disables screenshots and screen captures from every app. If you have malware on your device transmitting your screen somewhere else, it will see nothing but a black screen. It won't be able to see passwords, phrases, balances, addresses, nothing. When multitasking on your device, it will also make the screen preview blank, so that no one can peek over your shoulder as you switch from one app to another.
If you want to share your QR code, press the dedicated "share" button and choose "Share QR Code". If for any other reason you must take a screenshot of the app, disable the privacy option, take the screenshot, then re-enable it.
Connect to your own trusted node
You can connect your Bitcoin wallets to your own ElectrumX server to have the absolute most privacy. On the Advanced Settings menu of the Android version you can set the IP of a trusted node so you can choose from where all address lookups and blockchain information are fetched; and from where transactions are broadcast. The connection is encrypted with SSL, but please note that self signed certificates aren't supported. The node can use a free certificate from Let's Encrypt.
Change address control
Coinomi fully supports SegWit. For faster confirmations and lower fees, by default the app sends your change back to a native SegWit address. When sending to a P2PKH or P2SH address (addresses starting with a "1" or a "3") it is obvious which value was sent to the destination and which is your change. For greater privacy against blockchain analysis, you can disable "Force SegWit change address" on the Advanced Options menu of the mobile versions. With the option disabled, your change will be sent to an address of the same type as the destination.
The order of the outputs is always randomized to counter wallet fingerprinting and further blockchain analysis.
Protection from dusting attacks
In the Android and desktop versions, on the balance screen of any wallet, select "... / Show unspent outputs". You can mark specific UTXOs as "do not spend" to completely foil dusting attacks against your wallets, and quarantine any suspicious deposits. You can label UTXOs so you don't forget why they are marked as such. While marked as do-not-spend, those UTXOs will not count toward your total coin balance. More details here.
Full coin control when sending will come on a future update.
No address reuse
Every time you receive funds into your "receive" address, Coinomi automatically shows a fresh new address for you. Every time you send coins out, any leftover change is sent to an address never used before. Not reusing addresses makes it much harder for your steps to be traced by blockchain analysis. Of course, addresses never expire and can always be used more than once and are still backed up by your recovery phrase. Read more here.