hehe, sure. Have you run a server? I did. 

The protocol requests that servers MUST NOT do many things but that doesn't mean they CAN'T do them. If servers WANT to track, they CAN track. It's on you to TRUST the servers.  The fact that SimpleX servers don't have your profile information doesn't mean they don't know who you are. 

For instance, the protocol requests servers to not log client commands and transport connections and to NOT use a persistent DB in the production environment. That is just a request. There is nothing blocking server operators from doing so. 

Queue IDs are generated by the server. The protocol requests a strong pseudo number generation. But who knows if they are actually using one for your account. They can just generate sequential numbers to more easily identify you out there and you won't even notice. 

The default servers from SimpleX do not use Tor and do not create a new TCP/IP connection for each new Queue/contact, which is against they own procotol recommendations. Their terms describe that they don't associate IP with Queue IDs now, but it's clearly possible. With IPs, you can get rough locations with enough precision to try to identify you with the rest of the data set they have. 

And I am not saying anything new or hidden somewhere. SimpleX is very upfront about the need to trust the server you are using. 

Don't get me wrong. SimpleX is better than many other platforms for privacy and security, but it still assumes a trusted model with their servers.