Privacy Policy
Effective date: 24 May 2026 · Last updated: 24 May 2026
LockMemo is a local-first, end-to-end encrypted vault for passwords, one-time codes, notes, attachments, and crypto seed phrases. This policy describes — in plain language — what data the app handles, how it is protected, and who, if anyone, can see it.
The short version: LockMemo does not collect, transmit, or have access to any of your personal data. There is no LockMemo account, no LockMemo server, no analytics, no advertising, and no crash-reporting service. Your vault lives on your device and, optionally, in a Git repository you control.
1. Who we are
LockMemo (the "app") is developed and published by GoKit Apps ("we", "us", "our"). For questions about this policy, contact: support@goappkit.com.
2. Information we do not collect
The following data is never collected by LockMemo:
- Your name, email address, phone number, postal address, or any other personal identifier.
- Your IP address, device identifier (IDFA / GAID), or location.
- Your contacts, photos, calendar, microphone, or browsing history.
- Usage analytics, telemetry, crash reports, performance metrics, or click events.
- Your master password, vault contents, or any value typed into the app.
LockMemo contains no advertising SDKs, no analytics SDKs (e.g. Google Analytics, Firebase Analytics, Amplitude, Mixpanel), and no crash-reporting SDKs (e.g. Firebase Crashlytics, Sentry, Bugsnag).
3. Information stored on your device
LockMemo creates a vault on your device that contains everything you choose to save. This vault never leaves your device unless you explicitly enable sync (see Section 5).
What's in the vault
- Credentials you create (titles, custom field labels and values, including passwords).
- Notes you write.
- Attachments you add (images, PDFs, files, including crypto seed phrases).
- TOTP secrets for authenticator codes.
- Application settings (your preferred language, sort order, auto-lock duration, etc.).
How it is protected
- Every file written to the vault is encrypted with AES-256-GCM using a key derived from your master passphrase via Argon2id (RFC 9106), with a random 256-bit salt per vault.
- File names on disk are HMAC-SHA256 hashes, so even an attacker with raw access to the storage cannot learn the names of files in the vault.
- A separate encrypted SQLite database (SQLCipher, AES-256-CBC) is used as a search index. Its key is also derived from your master passphrase.
- Your master passphrase is never stored. It exists only in memory while the vault is unlocked.
- If you enable biometric unlock (Face ID / Touch ID / Fingerprint), a single 32-byte key is stored in the platform keychain (iOS Keychain / Android Keystore), protected by the operating system's biometric-bound access controls. This key encrypts the same vault — the master passphrase is still required to unlock the vault at least once.
Because the encryption key is derived from your master passphrase and never transmitted, we cannot decrypt your vault under any circumstance. If you forget your master passphrase, there is no recovery — your data is mathematically irretrievable.
4. Device permissions LockMemo may request
LockMemo requests system permissions only at the moment they are needed for a specific user-initiated action. None of these are used for tracking.
- Camera — only when you tap "Scan QR" to add a new authenticator. The camera feed is processed entirely on device; no image is stored or transmitted.
- Biometric authentication — only if you opt into biometric unlock. The biometric data itself never leaves the OS; LockMemo only receives a yes/no authentication result.
- Files / Photos — only when you tap to attach a file or image to a credential or note. The file you pick is encrypted and stored inside the vault; the original is not modified or copied elsewhere.
- Internet — only when you explicitly use Git sync (see Section 5) or tap a URL field to open a website in your default browser.
5. Optional Git sync
LockMemo can synchronize the vault to a Git repository you choose (e.g. GitHub, GitLab, Bitbucket, or a self-hosted server). This feature is off by default and must be explicitly enabled by you in Settings.
- When enabled, the encrypted vault files (already AES-256-GCM encrypted on your device) are pushed to the Git remote you configured.
- The Git remote sees only encrypted bytes and HMAC-hashed file names. Without your master passphrase, neither the Git provider nor anyone with access to the repository can read your data.
- Your Git credentials (URL, username, personal access token) are stored inside your encrypted vault — they are not sent to us.
- The Git provider you choose has its own privacy policy (e.g. GitHub, GitLab) governing what they do with the bytes you push. LockMemo has no agreement with these providers on your behalf.
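The HMAC-SHA256 file naming described in Sections 3 and 5, as an added Python example that is not LockMemo's own code: it compares what someone who can read the storage or the Git remote is able to confirm about file names when the names are keyed versus plainly hashed. The logical file names, the random `name_key` (standing in for a key derived from the master passphrase) and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: logical names a vault might hold (not LockMemo's real layout).
LOGICAL_NAMES = ["credentials/bank.json", "notes/recovery.txt", "totp/github.json"]


def hmac_name(name_key, logical_name):
    """Keyed on-disk name: hex HMAC-SHA256 of the logical name under name_key."""
    return hmac.new(name_key, logical_name.encode("utf-8"), hashlib.sha256).hexdigest()


def plain_hash_name(logical_name):
    """Unkeyed alternative, shown for contrast only: hex SHA-256 of the name."""
    return hashlib.sha256(logical_name.encode("utf-8")).hexdigest()


def confirmable_guesses(stored_names, guesses, hasher):
    """Guesses whose hashed form appears in the stored listing.

    Models what a reader of the storage or remote, holding no key, can verify.
    """
    return [g for g in guesses if hasher(g) in stored_names]


def demo():
    name_key = secrets.token_bytes(32)   # assumption: stands in for a passphrase-derived key
    wrong_key = secrets.token_bytes(32)  # any key other than the vault's own
    keyed_listing = {hmac_name(name_key, n) for n in LOGICAL_NAMES}
    unkeyed_listing = {plain_hash_name(n) for n in LOGICAL_NAMES}
    guesses = ["notes/recovery.txt", "notes/todo.txt"]
    return {
        # Plain hashing: a correct guess of a file name can be confirmed by anyone.
        "unkeyed_confirmed": confirmable_guesses(unkeyed_listing, guesses, plain_hash_name),
        # HMAC naming: without name_key, even a correct guess matches nothing.
        "keyed_confirmed_no_key": confirmable_guesses(
            keyed_listing, guesses, lambda g: hmac_name(wrong_key, g)),
        # The key holder recomputes the same name, so lookups stay deterministic.
        "owner_lookup_ok": hmac_name(name_key, "notes/recovery.txt") in keyed_listing,
        # Every name is 64 hex characters, so name length reveals nothing either.
        "name_length": len(next(iter(keyed_listing))),
    }


if __name__ == "__main__":
    print(demo())
```

A listing of HMAC names still shows how many files exist and when they change; only the names themselves are hidden.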
6. In-app purchases
If LockMemo offers paid features in the future, purchases will be processed by Apple App Store or Google Play. Those platforms collect transaction data according to their own privacy policies; LockMemo does not see your name, payment method, or billing address.
We may use a third-party receipt-verification service (e.g. RevenueCat) to confirm that a purchase is valid. Any such service receives only an anonymous purchase token, never your identity.
7. Third-party libraries
LockMemo is built with open-source libraries. None of the libraries we use perform network requests on behalf of the app without an explicit user action. Notable libraries:
- sqlcipher — encrypted SQLite (offline).
- libgit2dart — Git operations (only used when sync is enabled).
- mobile_scanner — camera-based QR decoding (offline).
- local_auth — biometric prompts (offline).
- flutter_secure_storage — single keychain entry for the biometric key.
- pdfx — in-memory PDF rendering (offline).
- bip39 — offline mnemonic validation.
- font_awesome brand icons — bundled as fonts, no network.
8. Children's privacy
LockMemo is intended for users aged 13 and older. We do not knowingly collect data from children, because LockMemo does not collect data from any user, of any age.
9. Your rights
Because your data is stored only on your device (and optionally in a Git repository you control), you have complete control over it at all times. Specifically:
- Access — you have direct access to your vault through the app.
- Export — you can export the entire vault as a plain-text ZIP at any time via Settings → Backup.
- Deletion — uninstalling the app removes the encrypted vault from your device. If you enabled Git sync, deleting the remote repository removes the synced copy. Because we never had a copy, no further request is needed.
- Portability — the vault is a directory of encrypted files plus a JSON manifest; it is self-contained and can be moved between devices.
10. Changes to this policy
If we materially change how the app handles data (e.g. add a new optional sync target), this page will be updated and the "Last updated" date at the top will change. We will also surface a notice inside the app on next launch. Continued use of the app after a material change constitutes acceptance of the updated policy.
11. Contact
Questions, concerns, or vulnerability disclosures: support@goappkit.com.