Privacy Policy

Last updated: May 1, 2026

This Privacy Policy explains how VAULTA ("we", "our", or "the app") handles information in connection with your use of the VAULTA iOS application. We built VAULTA on a simple principle: your private files are none of our business.

The Short Version

We do not collect, store, or transmit your personal data. Your files never leave your device in readable form. We have no access to your vault contents — ever.

Data We Do Not Collect

VAULTA does not collect, transmit, or store any of the following:

  • Your name, email address, or any personal identifiers
  • Your vault contents (photos, videos, documents, or files)
  • Usage analytics or behavioral data
  • Crash reports or diagnostic telemetry (beyond Apple's standard App Store Connect crash logs, which we do not control)
  • Device identifiers, advertising IDs, or location data

VAULTA contains no third-party analytics SDKs, advertising SDKs, or tracking frameworks of any kind.

Local Storage

All files you import into VAULTA are stored entirely on your device. Encryption happens on-device before any file is written to storage — your original files are never saved in plaintext.

Encryption details:

  • Algorithm: AES-GCM with a 256-bit symmetric key
  • Nonce: 12 bytes, randomly generated per encryption operation
  • Integrity: 16-byte GCM authentication tag — verifies both authenticity and integrity on every read
  • Key storage: Encryption keys are stored in the iOS Keychain and are never transmitted off-device
  • Key lifecycle: Keys are cached in memory while your vault is unlocked and cleared immediately on lock

We have no copy of your encryption keys. We cannot decrypt your vault. There is no "forgot passcode" recovery — if you lose your passcode and recovery key, your data cannot be recovered by anyone.

iCloud Backup (VAULTA PRO)

VAULTA PRO users may optionally enable encrypted iCloud backups. If enabled:

  • Your vault data is encrypted on-device using your encryption key before being uploaded to iCloud
  • Only the encrypted ciphertext reaches iCloud — Apple cannot read your files
  • Restoring a backup requires your original recovery key; without it, the backup cannot be decrypted
  • You can disable iCloud backup at any time from within the app

iCloud backup is governed by Apple's iCloud Terms and Privacy Policy in addition to this policy.

Apple ID

VAULTA may interact with your Apple ID solely for App Store purchases and, if enabled, iCloud backup. We do not receive, store, or process your Apple ID credentials or Apple ID-linked personal data.

In-App Purchases

VAULTA PRO is available as an in-app purchase processed entirely through Apple's App Store. We do not collect or store payment information. All billing is handled by Apple.

Age Rating & Content

VAULTA is rated 4+ on the Apple App Store. We are not responsible for any content stored, imported, or managed by users within the app. Users are solely responsible for ensuring that all content they store complies with applicable laws and regulations.

Security

Because we do not collect your data, there is no central database to breach. Your security depends on the strength of your passcode and the safekeeping of your recovery key. We recommend:

  • Using a strong, unique passcode
  • Storing your recovery key in a secure location outside the app
  • Keeping your iOS version up to date

Changes to This Policy

If we update this Privacy Policy, we will post the revised version on this page and update the date above. We will notify you of material changes through the App Store update notes or within the app.

Contact

Questions about this Privacy Policy? Contact us at ereskaapps@gmail.com.