Privacy Policy
The short version: your vault stays on your device, encrypted with a key only you control. We don't have it. We don't want it.
- Your documents, cards, and notes are encrypted on your device with AES-256.
- We do not run servers that hold your vault contents. We cannot read them.
- Backups are encrypted blobs stored in iCloud or your Google Drive — cloud providers can't read them either.
- We collect minimal diagnostic data (crash logs) to keep the app working. No tracking, no ads, no selling data.
1. Who we are
Kryptos ("the app", "we", "us") is published by Faizal Zain, an independent developer based in Kuala Lumpur, Malaysia. You can reach us at [email protected].
2. What data Kryptos handles
Kryptos handles two distinct categories of data:
2.1 Vault data (your documents)
Anything you store inside Kryptos — passport details, ID numbers, payment cards, notes, API keys, scanned images, OCR results — is your vault data. It includes:
- Document fields you enter or that OCR extracts on-device
- Photos or scans you choose to attach
- Data read from NFC chips on Android (ePassports, EMV payment cards)
- Any notes, API keys, or tax numbers you add
Vault data never leaves your device unencrypted. On Android, it is stored in a SQLCipher (AES-256) encrypted database whose key is held in the Android Keystore. In the upcoming iOS version, vault data will be encrypted with AES-GCM (256-bit) using Apple's CryptoKit, with the encryption key stored in the iOS Keychain using kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly. Access is gated behind Android biometrics today, with Face ID and Touch ID planned for iOS.
2.2 Account & diagnostic data
To make the app work, we may receive:
- Your signed-in account identifier, only because Sign in with Apple or Google Sign-In is used to enable cloud backup and scope the per-account encrypted vault.
- Anonymous crash & diagnostic reports from Google Play or Apple (you can disable this in your device settings) so we can fix bugs.
- Store purchase tokens or receipts from Google Play or Apple for verifying that you own Kryptos Pro.
We do not collect analytics events about your behaviour inside the vault. We do not log document contents, field values, or filenames.
3. What we do not do
- We do not run a backend server that stores your vault contents.
- We do not have a copy of your encryption key, biometrics, or password.
- We do not sell, rent, or share your data with third parties.
- We do not show ads, and we do not embed advertising SDKs.
- We do not perform server-side OCR. ML Kit on Android runs entirely on-device, and the upcoming iOS version will use on-device VisionKit / Live Text.
- We do not transmit camera frames, data read from supported NFC chips on Android, or scanned images off-device.
4. Cloud backup, iCloud & Google Drive
If you enable backup, Kryptos uploads your encrypted vault blob to the cloud provider you choose:
- iCloud: In the upcoming iOS version, the blob can be stored in your private CloudKit database.
- Google Drive Free: The blob is written to the hidden Drive AppData folder, which only Kryptos can see for your account.
- Google Drive Pro: You may also write the blob to a visible "KryptosBackups" folder in My Drive, so you can copy it elsewhere for safekeeping.
In every case, the file the cloud provider receives is opaque ciphertext. iCloud and Google Drive cannot decrypt it. We cannot decrypt it. Only your device, after a successful biometric unlock, can.
5. Permissions we request
- Camera — to scan documents with OCR. Frames are processed on-device and not stored unless you save the document.
- NFC — Android only, to read electronic passports and EMV cards. Reads happen locally; nothing is transmitted. The upcoming iOS version will not include NFC document reading.
- Biometric — to unlock your vault using Android Biometric today, with Face ID and Touch ID planned for iOS.
- Internet — only for Sign in with Apple or Google, iCloud sync, Google Drive backup, and store purchase verification.
- Notifications — to remind you before passports, IDs, and cards expire.
6. Children's privacy
Kryptos is not directed at children under 13. We do not knowingly collect personal information from children.
7. Data retention & deletion
Because your vault lives on your device, deleting Kryptos deletes your vault. To delete cloud backups:
- For iCloud backup, delete Kryptos data from your iCloud storage settings or from within Kryptos where available.
- For hidden Google Drive backup, open Google Drive → Settings → Manage apps → Kryptos → Delete hidden app data.
- For visible Google Drive Pro backup, delete the "KryptosBackups" folder in My Drive.
Diagnostic and crash reports collected by Google Play or Apple are managed under their retention policies and your device or account settings.
8. Your rights
Depending on your jurisdiction (GDPR in the EU/UK, PDPA in Malaysia, CCPA in California, etc.), you may have the right to access, correct, or delete personal data we hold about you. Since we hold no copy of your vault data, requests under these laws will primarily concern your account email and any diagnostic information — write to [email protected].
9. Third-party services
Kryptos relies on a small number of third parties, each used for the narrowest possible purpose:
- Sign in with Apple — authentication in the upcoming iOS version when selected.
- Google Sign-In / Credential Manager — authentication and Drive account access when selected.
- iCloud / CloudKit — encrypted backup storage in the upcoming iOS version when selected.
- Google Drive — encrypted backup storage when selected.
- Google ML Kit — on-device OCR on Android (no network).
- Apple VisionKit / Live Text — planned on-device OCR for the upcoming iOS version.
- Google Play Billing / Apple in-app purchase — Pro purchase verification.
These services are governed by their own privacy policies.
10. Changes to this policy
If we update this policy, we will revise the "Last updated" date above and, for material changes, notify you in-app. Continued use of Kryptos after a change constitutes acceptance.
11. Contact
For privacy questions or requests, email [email protected].