cryptoscreen Privacy Policy

cryptoscreen is designed for one-time encrypted messages. Message plaintext is encrypted on the sender device before upload and is not stored by the service.

What the service stores

The production API stores encrypted message bytes, nonce, tag, salt, expiry time, and failed attempt count. User message rows are deleted after a successful read, after the third wrong PIN, or after expiry cleanup. Unused user links expire after 30 days.

Service-owned retained review/demo rows may remain reusable for Apple App Review and TestFlight invocation testing. These rows must contain only demo text, not private user content.

The service also keeps an aggregate count of how many sealed messages have been shared. That counter does not include message content, recipients, senders, or link secrets.

What is not stored

The service does not intentionally store plaintext message content, the URL fragment secret, contact lists, or account profiles.

Operational data

Cloudflare and Neon may process standard infrastructure logs needed to operate, secure, and debug the service.

Contact

For privacy requests, use the contact address on the support page.