Privacy Policy

SharpVault is meticulously engineered as a 100% offline application. We intentionally do not maintain any servers, databases, or cloud infrastructure to store, relay, or analyze your data.

• No Telemetry: We do not track how you use the app or interact with features.
• No Analytics: We do not secretly collect crash reports or behavior metrics.
• No Internet Required: Your vault operates completely untethered from the web.

Put simply: We do not collect, transmit, or share any of your personal information, media files, passwords, or usage analytics. Everything happens locally on your physical device.

Every file, photo, video, text note, and metadata entry you store inside SharpVault is encrypted directly on your device using AES-256-GCM encryption.

The cryptographic keys protecting your data are derived securely from your Master PIN and are stored exclusively within the impenetrable secure hardware enclave of your device (Android Keystore). Because we utilize a Zero-Knowledge Proof model, the developers cannot decrypt your files, and neither can anyone else who does not possess your device along with your Master PIN or biometric signature.

SharpVault strictly requests only the local device permissions vital to provide its core functionality. These permissions are used exclusively within the sandbox of your device:

• Storage & Media: Required to seamlessly read from and write to your device's storage when importing files into the encrypted vault or exporting them back to your public gallery.
• Camera: Required exclusively for the "Intruder Detection" feature to silently capture photos of unauthorized access attempts locally.
• Biometrics: Required to allow fingerprint or facial recognition unlock. SharpVault relies on the native Android OS API to verify identity; we never access, read, or export raw biometric data.

Advanced security features involving data generation—such as Intruder Detection photos or Fake Vault configurations—are managed entirely inside your local encrypted Realm database.

These localized logs and configurations exist solely for your personal security monitoring, audit trails, and protection under situational duress. They are inherently invisible to other apps on your device and are never sent to external networks.

Because SharpVault intentionally lacks internet connectivity constraints and does not fetch configuration updates dynamically, any changes to this Privacy Policy will be delivered exclusively through official application updates via the Google Play Store (or your respective secure platform). Continued use of the updated app constitutes your ongoing agreement to these terms.