Privacy Policy for SafeViewer Last updated: April 16, 2026 Overview SafeViewer is a privacy-first encrypted image vault application. We designed SafeViewer with a fundamental principle: your private images belong to you and only you. This Privacy Policy explains what data we collect (very little), how it is handled, and the strong encryption that protects your content. Information We Collect SafeViewer does not collect, transmit, or share any personal information with us or any third party. Specifically: - We do not collect your name, email address, phone number, or any identifying information. - We do not have access to any images you store in the app. - We do not collect usage analytics, crash reports, or behavioral data. - We do not use advertising networks or third-party tracking SDKs. Data Stored on Your Device All data created by SafeViewer is stored exclusively on your device in encrypted form. This includes: - Encrypted image files (.vault format) stored in the app's private internal storage directory. - Vault metadata (vault names, image counts, last-opened timestamps) stored in a local Room/SQLite database. - Your vault passwords are never stored. Instead, a one-way PBKDF2-SHA256 hash (100,000 iterations with a random salt) is stored and used only to verify your password at login. - App preferences such as theme, biometric settings, and auto-lock timers are stored locally via SharedPreferences. Encryption All images and thumbnails are encrypted using AES-256-GCM before being written to disk. Encryption keys are generated and stored in the Android Keystore, which uses your device's Trusted Execution Environment (TEE) hardware when available. Decrypted image data is held only in device RAM during viewing and is never written to disk in plaintext. Cloud Backup & Vault Sharing (Optional) If you choose to use the backup or share feature, SafeViewer packages your vault into a .safevault file. Before writing to the file, all images are decrypted from device storage and immediately re-encrypted using a key derived from your vault password (PBKDF2-SHA256, 100,000 iterations with a unique random salt per backup). This means the backup file is protected by your vault password and is not tied to any specific device — it can be safely restored on any device by someone who knows the password. The backup file can be saved to a destination of your choosing (such as Google Drive) via Android's Storage Access Framework, or shared directly with another person via the OS share sheet (WhatsApp, Bluetooth, Email, etc.). SafeViewer does not have its own servers and does not transmit your data to any backend operated by us. When using Google Drive, your use of Google Drive is subject to Google's own Privacy Policy and Terms of Service. Important: Anyone who receives a .safevault file and knows the vault password can restore its contents. Share your backup files only with trusted parties and through trusted channels. Permissions SafeViewer requests the following permissions for the stated purposes only: - Camera: To allow you to capture and import photos directly into a vault. - Read External Storage / Media Images: To allow you to select images from your device gallery to import into a vault. - Biometric / Fingerprint: To allow optional biometric unlock of vaults, if you choose to enable it. - Internet: Not required for core functionality. Used only if you initiate a Google Drive backup via the Storage Access Framework. Biometric Data SafeViewer uses Android's BiometricPrompt API for fingerprint/face unlock. Biometric data is handled entirely by the Android operating system and your device's secure hardware. SafeViewer never accesses, stores, or transmits your raw biometric data. Biometric unlock is a local convenience feature only — it is not involved in backup, restore, or any data transfer between devices. Children's Privacy SafeViewer is not directed at children under the age of 13. We do not knowingly collect any information from children. Changes to This Policy If we update this Privacy Policy, we will update the "Last updated" date at the top. Continued use of the app after any change constitutes acceptance of the revised policy. Contact If you have any questions about this Privacy Policy, please contact us at: support@backendside.com