← Back to Home

Ciphio – Privacy Policy

Last updated: November 24, 2025

1. Privacy First Architecture

Ciphio is built on a zero access design philosophy. All sensitive data including passwords, encrypted text, and vault contents are encrypted and stored locally on your device. Ciphio does not have access to your vault contents and cannot decrypt them.

We do not collect, view, sell, or share user vault data.

2. Information We Do NOT Collect

Ciphio does NOT collect:

  • Stored passwords
  • Vault contents
  • Encrypted text data
  • Notes or private content
  • Biometric data
  • Personal identity profiles

All such data remains encrypted and fully under user control on the device.

3. Anonymous Technical Metrics

Ciphio may process limited technical metrics for application improvement and stability purposes. These metrics are anonymous and cannot be used to identify you.

This may include:

  • App performance statistics
  • Feature usage trends
  • Crash diagnostics
  • Session duration patterns
  • Basic device and operating system version

These metrics:

  • Do NOT include personal data
  • Are NOT linked to individual users
  • Are NOT used for profiling or advertising

Ciphio does not monitor or track user behavior for marketing or behavioral analysis.

4. Data Security

We employ industry standard encryption and secure coding practices to protect all sensitive data:

  • AES GCM encryption
  • Secure key derivation
  • Local only storage architecture
  • Platform level security features (Android Keystore and Apple Keychain)

Your master password and vault data are never transmitted to Ciphio servers.

5. Third Party Services

In limited cases, essential third party services may be used for operational functionality such as crash reporting or application performance. These services are configured to respect anonymization standards and do not receive vault data or personal identity information.

6. User Rights

You maintain full control over your data on your device. Since vault data is not stored on Ciphio servers, requests for deletion or access apply only to locally stored content, which you can manage directly within the app.

7. Policy Updates

We may update this Privacy Policy periodically. Any changes will be published on this page with a revised date.