Your privacy, your choice. Allow optional Google Ads measurement, or keep all advertising storage limited.
Details in the privacy policyPrivacy
This page is publicly accessible for App Store review and for anyone using VaultSnap. It documents encryption, on-device data handling, StoreKit purchases, break-in detection, and contact details.
Last updated: July 13, 2026
VaultSnap ("the app") is an encrypted photo vault for iOS. Photos and thumbnails are encrypted on your device. Album metadata and settings remain inside the app's sandbox and receive iOS data protection, but are not separately encrypted by VaultSnap. There are no user accounts or vault-data cloud sync. This policy explains what data VaultSnap processes, how it is protected, and what is shared with third-party services.
VaultSnap is developed and operated by TheChosenVictor LLC ("we," "us," "our"). Victor Solano owns TheChosenVictor LLC.
VaultSnap ships with no advertising of any kind. There are no banner ads, third-party ad SDKs, analytics SDKs, consent management platforms, or advertising identifiers. Vault media stays on your device. Apple StoreKit handles the optional one-time Lifetime Pro upgrade. The optional support form sends your category, message, optional email address, and automatic app and device diagnostics only when you tap Send.
VaultSnap processes the following data entirely on your device. None of this data is uploaded, transmitted, or accessible to anyone other than you.
Photos you import are encrypted using AES-256-GCM before being written to disk. The original unencrypted file never persists in the app's storage. Encrypted files are stored in the app's sandboxed container on your device.
Encrypted thumbnails are generated for gallery display. These are also encrypted at rest using the same AES-256-GCM encryption as full-size media.
Album names, sort order, and photo-to-album assignments are stored in an on-device database (SwiftData). This metadata is not encrypted separately but resides within the app's sandboxed container, which is protected by iOS data protection.
If you set a PIN, it is hashed using PBKDF2 with a random salt before storage. The plaintext PIN is never stored. The hash is used only to verify your identity during unlock.
Your master encryption key is stored in the iOS Keychain with the kSecAttrAccessibleWhenUnlockedThisDeviceOnly accessibility class. The key is available only while your device is unlocked, does not sync through iCloud Keychain, and is not migrated to a different device.
When enabled (opt-in, default OFF), VaultSnap captures a photo using the front camera after three consecutive failed PIN attempts without an additional in-app confirmation at that moment. iOS may display its camera-use indicator. These selfies are encrypted and stored on-device with a 90-day automatic expiry. They are never transmitted off your device.
VaultSnap uses AES-256-GCM encryption via Apple's CryptoKit framework. Each file is encrypted with a unique nonce. The master encryption key is generated on-device and stored in the iOS Keychain with the following attributes:
kSecAttrAccessibleWhenUnlockedThisDeviceOnlyThisDeviceOnly accessibility class prevents the key from migrating to another device.VaultSnap does not upload vault media or metadata to an app-operated cloud service. There is no user account system, vault sync, app-owned telemetry, or app-owned crash reporting. The optional support form uses TheChosenVictor.com's support endpoint, but it does not include vault contents.
VaultSnap ships with no advertising of any kind. The app does not show ads, does not include any advertising SDKs, and does not collect or share advertising identifiers. The app does not present an App Tracking Transparency prompt because it performs no tracking.
The app does not initialize any analytics SDK, crash reporting SDK, or consent management platform.
VaultSnap uses Apple's PHPicker to let you import photos from your camera roll. PHPicker runs in a separate process outside the app and only provides VaultSnap with the specific photos you select. VaultSnap never has broad access to your entire photo library.
VaultSnap requests camera access only if you enable Break-In Selfie detection.
When enabled, the front camera is used after three consecutive failed PIN attempts. Captured selfies are encrypted, stored on your device, and automatically expire after 90 days. See the "Break-In Selfies" section above for details.
The optional Lifetime Pro upgrade is handled by Apple via StoreKit. VaultSnap does not process payment cards or billing credentials directly. Purchase validation happens on-device. No receipts are sent to external servers.
VaultSnap includes an optional break-in detection feature that is disabled by default. When you enable it:
This feature is entirely opt-in. You must explicitly enable it in Settings.
VaultSnap offers a decoy vault feature that displays an empty vault with no real albums, photos, settings, trash, or break-in logs exposed when a secondary PIN is entered. No data about which content is hidden, which vault is the "real" vault, or any other decoy-related information ever leaves your device.
VaultSnap stores data locally using the following mechanisms:
| Storage | What is stored |
|---|---|
| App sandbox (encrypted files) | Encrypted photos and thumbnails |
| SwiftData | Album metadata, vault settings, break-in selfie records |
| iOS Keychain | Master encryption key |
| UserDefaults | App preferences, onboarding state, purchase status |
All data resides within the app's sandboxed container, which is protected by iOS data protection.
Outside information you voluntarily send through Support and Feedback, VaultSnap does not collect or request:
VaultSnap has no account system or vault-data cloud sync.
If you use the in-app support form, VaultSnap sends the category, message, iOS version, app version, device model, and optional email address to TheChosenVictor.com. The support endpoint adds the app name, submission source, and timestamp, then stores a one-way hash of your IP address with the report. The raw IP address is processed in memory for rate limiting and is not stored in the feedback record. The submission is stored in our support database and delivered to our support inbox through Resend. The support request does not include photos, albums, PINs, or encryption keys. We use this information to respond, investigate problems, and prevent abuse.
| Service | Purpose | Privacy Policy |
|---|---|---|
| Apple StoreKit | Optional one-time Lifetime Pro upgrade | Apple Privacy Policy |
| Resend | Delivery of optional support and feedback messages | Resend Privacy Policy |
No advertising, analytics, or tracking SDKs are integrated into VaultSnap.
Vault data stays on your device. If you submit a support request, the submitted information may be processed by our hosting and email providers in the countries where they operate.
You can delete vault data from Settings > Delete All Data. This permanently removes encrypted photos, thumbnails, album metadata, break-in selfies, and app settings from the device. The master encryption key may remain in the iOS Keychain. This action is irreversible for the deleted vault data.
Uninstalling VaultSnap removes its app-container data from your device. iOS controls Keychain retention, so VaultSnap does not claim that uninstalling the app removes the master key.
Because VaultSnap has no app account or vault-data backend, there is no server-side app account to delete.
You may:
If you are located in the EEA, you have the following rights under the General Data Protection Regulation:
You control vault data on your device through Settings > Delete All Data. For support records, contact us from the email address associated with the request.
TheChosenVictor LLC acts as the data controller for the VaultSnap app. You may contact us at [email protected] for any GDPR-related requests.
Data Protection Contact: TheChosenVictor LLC handles privacy requests for this app. A separate Data Protection Officer is not designated for the scale and nature of the processing described here. For all data protection inquiries, contact [email protected]. We will respond within 30 days.
If you are a California resident, the California Consumer Privacy Act gives you:
VaultSnap does not sell or share your personal information.
To exercise any CCPA rights, contact us at [email protected].
VaultSnap is rated 4+ on the App Store. It is not designed for children, and the optional support form is not intended for a child to submit personal information. If you believe a child has provided personal information through the support form, contact us and we will take steps to delete it.
We may update this policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
For privacy questions, data requests, or concerns:
Data Controller: TheChosenVictor LLC Email: [email protected]
We aim to respond to all privacy-related requests within 30 days.