Privacy Policy
No data collected No tracking 100% on-device
This Privacy Policy describes how LOCK APP — Fingerprint & Vault
(package com.ai.lockapp, the “App”) handles your information.
The App is published by the LOCK APP team (“we”, “us”).
Our guiding principle is simple: your data stays on your phone.
1. Information we collect
We do not collect, transmit, or store any personal information on our servers. The App has no backend. It does not maintain user accounts, does not require sign-up, and does not send any data over the network to us or to any third party.
2. Data stored on your device
To do its job, the App stores certain information locally on your device. None of this is ever transmitted off your device.
| What | Where | Why |
|---|---|---|
| Your PIN / pattern (hashed) | Android encrypted shared preferences | So we can verify unlock attempts without storing the PIN in plain text. SHA-256 with a per-install random salt. |
| List of apps you locked | App-private storage | So the lock service knows which apps to overlay. |
| Safe Vault photos / videos | App-private storage, AES-256 encrypted | So your hidden media is invisible to the gallery and other apps. The encryption key is generated locally and stored in Android Keystore. |
| Intruder selfies + GPS coordinates | App-private storage | So you can see who tried to break in. Captured only after the failed-attempt limit you choose. Never transmitted anywhere. |
| Recovery email + security question | Android encrypted shared preferences | So you can recover your PIN if you forget it. We do not send any email — we use Android's mailto: handover, which opens your default email client locally. |
| Schedules, themes, settings | App-private storage | So your preferences survive restarts. |
| Dashboard counters (unlocks, blocked attempts) | App-private storage | So you can see your weekly privacy stats. Anonymous and local-only. |
3. Permissions we request
Each permission is requested only when needed and is explained on screen before the prompt.
- Usage Access — required to detect which app you opened so the App can lock it.
- Display over other apps — required so the lock screen can appear on top of the locked app.
- Camera — used only for the Intruder Selfie feature. Photos are saved locally and never uploaded.
- Location — used only to tag intruder selfies with coordinates. Coordinates stay on your device.
- Notifications — used to display the persistent “Lock service active” notification required by Android for foreground services.
- Biometric / Fingerprint — used to verify your unlock attempts. Biometrics are processed by Android's secure hardware and are never seen by us.
- Photos & Videos — used only when you import media into the Safe Vault.
- Query installed apps — required so you can pick which apps to lock from a list.
4. Third-party services
None in v1.0 The App does not use any analytics, advertising, crash-reporting, or other third-party SDKs. There is no Google AdMob, Firebase, Facebook SDK, or similar integration in v1.0.
Future versions may introduce optional ads (Google AdMob). If that happens, this policy will be updated and you will be informed in advance via an in-app notice.
5. Children's privacy
The App is rated for everyone and does not knowingly collect any data from children under 13. Because no data is collected at all, this is automatic.
6. Data deletion
All data lives on your device. To delete everything, simply uninstall the App from your phone. Android will remove all app-private storage, including the Safe Vault, intruder logs, schedules, and PIN.
Since we never receive your data, there is nothing for us to delete on our side.
7. Security
We follow current Android security best practices:
- PINs and patterns are stored as SHA-256 hashes with a 16-byte random salt.
- Safe Vault files are encrypted with AES-256-CBC using a per-install key from
flutter_secure_storage, which is backed by Android Keystore. - The App requests minimal permissions, and only when each feature is first used.
- No data leaves your device.
8. Changes to this policy
We may update this policy from time to time. The “Last updated” date at the top of this page will always reflect the most recent version. Material changes will be announced in-app.
9. Contact
Questions, suggestions, or data requests?
Email us at modajxx@gmail.com. We read every message.