SCVault

Privacy Policy & Terms of Service

Last updated: February 5, 2026

Overview

SCVault is a zero-knowledge encrypted photo and video vault. Your privacy is the core principle of this application. We do not collect, store, transmit, or have access to any of your personal data, files, or encryption credentials.

Data Collection

SCVault collects no data whatsoever. Specifically:

•        No analytics or usage tracking

•        No crash reporting

•        No advertising identifiers

•        No personal information

•        No cookies or fingerprinting

•        No server-side storage or processing

Encryption & Security

All encryption and decryption occurs entirely on your device using the Web Crypto API. Your encryption password is never transmitted, stored remotely, or accessible to anyone other than you.

•        Encryption: AES-256-GCM

•        Key derivation: PBKDF2 with 600,000 iterations

•        Architecture: Zero-knowledge — the app developer cannot access your data under any circumstances

If you forget your encryption password, your data cannot be recovered. There is no backdoor, recovery mechanism, or master key.

User Responsibility & Backups

You are solely responsible for maintaining separate backups of your original files at all times. SCVault is an encryption tool, not a backup service. You should always keep copies of your original, unencrypted files in a separate location that you control.

By using SCVault, you acknowledge and accept that:

•        You are responsible for remembering your encryption password and PIN

•        Forgotten passwords result in permanent, irrecoverable data loss

•        You must maintain independent backups of all files stored in SCVault

•        Device failures, software bugs, Google Drive disruptions, or any other technical issues may result in data loss

•        Resetting the vault permanently destroys all encrypted data, both locally and on Google Drive

Google Drive

SCVault optionally connects to your Google Drive account to store encrypted files. When connected:

•        SCVault uses the drive.file scope, which limits access to only files and folders created by the app

•        SCVault cannot read, modify, or access any other files in your Google Drive

•        All files uploaded to Google Drive are encrypted before leaving your device

•        Google Drive receives only encrypted, unreadable data — it cannot see your photos, videos, or file names

•        Your Google email address is displayed locally for your convenience and is not transmitted to any third party

You can disconnect Google Drive at any time from the Settings screen. SCVault does not retain your Google OAuth tokens after disconnection.

Local Storage

SCVault stores the following data locally on your device:

•        Your encrypted files and thumbnails

•        Your PIN-encrypted password (in secure local storage)

•        Encryption salts and verification tokens

•        App preferences (view mode, sort order, auto-lock timer)

All sensitive data stored locally is encrypted. Resetting the vault permanently deletes all local data.

Third-Party Services

SCVault uses only one third-party service:

•        Google Identity Services & Google Drive API — for optional cloud backup of encrypted files. Subject to Google’s Privacy Policy (https://policies.google.com/privacy).

No other third-party services, SDKs, analytics platforms, or advertising networks are used.

Disclaimer of Warranties

SCVault is provided “as is” and “as available” without warranties of any kind, whether express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, and non-infringement. The developer makes no warranty that:

•        The application will meet your requirements or expectations

•        The application will be uninterrupted, timely, secure, or error-free

•        Any data stored, encrypted, or transmitted through the application will be preserved, accessible, or recoverable

•        Any defects or errors in the application will be corrected

Limitation of Liability

To the maximum extent permitted by applicable law, the developer shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to:

•        Loss, corruption, or inaccessibility of files, photos, videos, or any other data

•        Loss resulting from forgotten passwords, PINs, or encryption credentials

•        Damages arising from device failure, software malfunction, or third-party service disruptions (including Google Drive)

•        Any unauthorized access to your data resulting from your failure to maintain adequate security of your credentials

•        Any damages resulting from bugs, errors, or vulnerabilities in the application

In no event shall the developer’s total liability exceed the amount you paid for the application (if any).

Indemnification

You agree to indemnify, defend, and hold harmless the developer and any associated parties from and against any and all claims, damages, obligations, losses, liabilities, costs, and expenses (including reasonable attorney’s fees) arising from:

•        Your use or misuse of the application

•        Your failure to maintain separate backups of your files

•        Your failure to safeguard your encryption password, PIN, or any other credentials

•        Any violation of these terms by you

•        Any claim by a third party related to your use of the application

Children’s Privacy

SCVault is not directed at children under 13. We do not knowingly collect any information from children.

Changes to This Policy

The developer reserves the right to modify this policy and these terms at any time. Changes will be reflected in the app with an updated date. Continued use of SCVault after changes constitutes acceptance of the revised terms.

Contact

For questions about this privacy policy or these terms, contact the developer through the app’s distribution platform.

© 2026 SCVault. All rights reserved.