Public privacy disclosures for VaultSnap.

Privacy Policy

VaultSnap Last updated: March 19, 2026

Overview

VaultSnap ("the app") is an encrypted photo vault for iOS. All photos, videos, and metadata you store in VaultSnap are encrypted on your device and never leave it. There are no user accounts, no cloud storage, no backend servers, and no analytics. This policy explains what data VaultSnap processes, how it is protected, and what is shared with third-party services.

VaultSnap is developed by Victor Solano ("we," "us," "our").

Data Processed on Device

VaultSnap processes the following data entirely on your device. None of this data is uploaded, transmitted, or accessible to anyone other than you.

Encrypted Photos and Videos

Photos and videos you import or capture are encrypted using AES-256-GCM before being written to disk. The original unencrypted file never persists in the app's storage. Encrypted files are stored in the app's sandboxed container on your device.

Thumbnails

Encrypted thumbnails are generated for gallery display. These are also encrypted at rest using the same AES-256-GCM encryption as full-size media.

Album Metadata

Album names, sort order, and photo-to-album assignments are stored in an on-device database (SwiftData). This metadata is not encrypted separately but resides within the app's sandboxed container, which is protected by iOS data protection.

PIN Hash

If you set a PIN, it is hashed using PBKDF2 with a random salt before storage. The plaintext PIN is never stored. The hash is used only to verify your identity during unlock.

Master Encryption Key

Your master encryption key is stored in the iOS Keychain with the kSecAttrAccessibleWhenUnlockedThisDeviceOnly accessibility class. This means the key is available only while your device is unlocked, is never included in device backups, and is never synced to iCloud Keychain.

Break-In Selfies

When enabled (opt-in, default OFF), VaultSnap silently captures a photo using the front camera after three consecutive failed PIN attempts. These selfies are encrypted and stored on-device with a 90-day automatic expiry. They are never transmitted off your device.

Encryption Details

VaultSnap uses AES-256-GCM encryption via Apple's CryptoKit framework. Each file is encrypted with a unique nonce. The master encryption key is generated on-device and stored in the iOS Keychain with the following attributes:

• Accessibility: kSecAttrAccessibleWhenUnlockedThisDeviceOnly
• iCloud sync: Disabled. The key never leaves your device.
• Backup inclusion: Excluded. The key is not included in iTunes or iCloud backups.

No Cloud, No Backend, No Analytics

VaultSnap does not upload any data to the cloud. There is no backend server, no user account system, no cloud sync, no analytics SDK, no telemetry, and no crash reporting. Your encrypted data exists only on your device.

Photo Library Access

VaultSnap uses Apple's PHPicker to let you import photos from your camera roll. PHPicker runs in a separate process outside the app and only provides VaultSnap with the specific photos you select. VaultSnap never has broad access to your entire photo library.

Camera Access

VaultSnap requests camera access for two purposes:

1. Direct capture: You can take photos directly into the vault using the in-app camera. Captured photos are encrypted immediately and never saved to your camera roll.
2. Break-in selfie detection: When enabled, the front camera is used to photograph failed PIN attempts. See the "Break-In Selfies" section above for details.

Advertising (Free Tier)

VaultSnap uses Google AdMob to display ads for free-tier users. The AdMob SDK may collect:

• Device identifiers (for example, IDFA when permitted)
• Ad interaction data, including impressions and taps
• Basic device information such as model and OS version

This data is processed by Google under their privacy policy. VaultSnap does not have access to the raw data AdMob collects.

Google AdMob may also collect coarse location (IP-based), crash data, performance data, and diagnostic information. For the full list of data types Google collects through AdMob, see Google's data disclosure guide.

Pro users: The ad SDK is never initialized for Pro users. No advertising data is collected or transmitted.

Tracking and Consent

VaultSnap shows Apple's App Tracking Transparency (ATT) prompt before initializing any ad requests.

• If you allow tracking: ads may be personalized based on your activity across other apps and websites.
• If you deny tracking: only non-personalized ads are shown. No cross-app tracking occurs.

VaultSnap also presents a UMP (User Messaging Platform) consent dialog for users in regions where GDPR or similar regulations apply. This dialog lets you manage your preferences for ad personalization and data processing.

You can change your tracking preference at any time in iOS Settings > Privacy & Security > Tracking.

Tracking Domains

When ads are served, the AdMob SDK may communicate with the following domains:

• googleads.g.doubleclick.net
• googlesyndication.com
• app-measurement.com
• googleadservices.com

These domains are used for ad delivery, measurement, and attribution. No tracking domain communication occurs for Pro users.

In-App Purchases

Purchases are handled by Apple via StoreKit. VaultSnap does not process payment cards or billing credentials directly. Purchase validation happens on-device. No receipts are sent to external servers.

Break-In Selfie Disclosure

VaultSnap includes an optional break-in detection feature that is disabled by default. When you enable it:

• After three consecutive failed PIN attempts, the app silently captures a photo using the front-facing camera.
• The captured selfie is encrypted using the same AES-256-GCM encryption as all other vault content.
• Selfies are stored on-device only and are never transmitted, uploaded, or shared.
• Selfies automatically expire and are deleted after 90 days.
• You can view and manually delete break-in selfies at any time from within the app.

This feature is entirely opt-in. You must explicitly enable it in Settings.

Decoy Vault

VaultSnap offers a decoy vault feature that displays alternate, innocuous content when a secondary PIN is entered. No data about which content is hidden, which vault is the "real" vault, or any other decoy-related information ever leaves your device.

Data Stored on Device

VaultSnap stores data locally using the following mechanisms:

All data resides within the app's sandboxed container, which is protected by iOS data protection.

Data We Do Not Collect

VaultSnap does not collect or request:

• Your name, email address, or phone number
• Your precise location (GPS). Note: Google AdMob may use your IP address to infer approximate, city-level location for ad targeting, as described in the Advertising section above
• Your contacts, calendar, or health data
• Browsing or search history
• Crash logs or diagnostics (no analytics SDK is included)

Third-Party Services

VaultSnap Pro users are never shown ads. The AdMob SDK may still be present in the app binary but does not serve ads or collect data for Pro users.

Google processes advertising data in accordance with their Ads Data Processing Terms. Google acts as a data processor for certain advertising data and as an independent data controller for other data, as described in their terms.

International Data Transfers

VaultSnap itself does not transfer data internationally. All vault data stays on your device.

However, when ads are served to free-tier users, Google AdMob may transfer advertising data to Google servers located in the United States and other countries. Google provides appropriate safeguards for international transfers as described in their privacy policy.

Data Retention

• On-device vault data is retained until you explicitly delete it or uninstall the app.
• Break-in selfies automatically expire and are deleted after 90 days.
• AdMob data is retained by Google per their data retention policies.
• StoreKit purchase records are retained by Apple per their policies.

Data Deletion

You can delete all vault data from Settings > Delete All Data. This permanently removes all encrypted photos, videos, thumbnails, album metadata, break-in selfies, and preferences from the device. This action is irreversible.

Uninstalling VaultSnap removes all app-local stored data from your device. The master encryption key is removed from the Keychain upon uninstall.

To request deletion of any data processed by Google AdMob, refer to Google's Privacy Policy for details on data deletion and your rights.

Your Rights

For All Users

You may:

• Access your data by viewing your vault content, albums, and settings within the app.
• Delete your data at any time using Settings > Delete All Data, which permanently removes all vault content and metadata from the device.
• Control ad tracking by changing your preference in iOS Settings > Privacy & Security > Tracking, or by changing ad consent preferences in VaultSnap Settings (where available).

European Economic Area (GDPR)

If you are located in the EEA, you have the following rights under the General Data Protection Regulation:

• Right to access (Art. 15): request a copy of the personal data we hold about you.
• Right to rectification (Art. 16): request correction of inaccurate data.
• Right to erasure (Art. 17): request deletion of your data ("right to be forgotten").
• Right to restrict processing (Art. 18): request that we limit how we use your data.
• Right to data portability (Art. 20): request a machine-readable copy of your data.
• Right to object (Art. 21): object to processing of your data for certain purposes.
• Right to withdraw consent (Art. 7): withdraw your ad tracking or ad personalization consent at any time without affecting the lawfulness of prior processing.

Since VaultSnap stores all data locally on your device with no backend, you already have direct control over your data. Use Settings > Delete All Data to exercise your right to erasure. For data processed by Google AdMob, contact Google directly using their privacy tools.

For EEA users, Google acts as an independent data controller for the advertising data it collects through AdMob. Victor Solano acts as the data controller for the VaultSnap app. You may contact us at [email protected] for any GDPR-related requests.

Data Protection Contact: VaultSnap is developed by an individual developer. Under GDPR Article 37, a Data Protection Officer is not required for organizations of this nature and scale. For all data protection inquiries, contact [email protected]. We will respond within 30 days.

California (CCPA)

If you are a California resident, the California Consumer Privacy Act gives you:

• Right to know: what personal information is collected and how it is used.
• Right to delete: request deletion of your personal information.
• Right to opt-out of sale/sharing: opt out of the sale or sharing of your personal information.
• Right to non-discrimination: equal service regardless of whether you exercise your privacy rights.

VaultSnap does not sell your personal information. When ad tracking is enabled, advertising identifiers may be shared with Google AdMob for personalized advertising purposes. You can opt out at any time by:

1. Denying tracking in the iOS App Tracking Transparency prompt, or
2. Changing your preference in iOS Settings > Privacy & Security > Tracking.

To exercise any CCPA rights, contact us at [email protected].

Children's Privacy

VaultSnap is rated 17+ on the App Store and is not directed to children. We do not knowingly collect personal information from children under 17. If you believe a child under 17 has provided personal information through our app, please contact us and we will take steps to delete such information.

Changes to This Policy

We may update this policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Contact

For privacy questions, data requests, or concerns:

Data Controller: Victor Solano Email: [email protected]

We aim to respond to all privacy-related requests within 30 days.