Privacy Policy
Last Updated: May 27, 2026 Effective Date: May 27, 2026
Emoryx ("Emoryx", "we", "us", or "our") is an application
developed and operated by Erez Cohen ("Developer"), located in Israel.
This Privacy Policy explains how Emoryx handles information when you use the
mobile application (the "App") and the supporting website at
https://emoryx.erezults.com (the "Website", together with the App, the
"Service").
By using the Service you agree to the practices described in this Privacy Policy. If you do not agree, do not install or use the App.
1. Summary (in plain language)
- The App is designed as a local-first private vault. By default, your files and metadata never leave your device.
- Emoryx does not operate any servers, does not collect analytics, does not use third-party trackers, and has no access to your content.
- If you choose to enable iCloud Backup (an optional feature), your data is uploaded to your own iCloud Drive container under Apple's control. Emoryx cannot read, recover, or restore that data without your password — including the Developer. Your iCloud password is never transmitted to or stored by the Developer.
- The Service uses only Apple-provided platform services (SecureStore / Keychain, expo-file-system, iCloud Drive, Photos, Camera, StoreKit, App Store Connect). Apple's privacy practices apply to those services. See Apple's Privacy Policy.
- You are solely responsible for your data, your iCloud account, your passwords, and your backups.
2. Information we collect
2.1 Information we do NOT collect
The Developer does not operate any backend servers, analytics platforms, crash-reporting services, advertising networks, or marketing tools. As a result, the Developer does not receive or store any of the following:
- Your name, email address, phone number, or contact information
- Your location, IP address, or device identifiers
- Your photos, videos, files, folder names, or metadata
- Your passwords, encryption keys, or recovery phrases
- Your usage patterns, screen views, taps, or interactions
- Crash logs or diagnostic information
2.2 Information that stays on your device
The App stores the following information locally on your device, in sandboxed storage that is not accessible to other apps or to the Developer:
- The files, photos, videos, and documents you import into the vault
- Folder structure and folder names
- File metadata (creation date, file size, MIME type) generated by iOS
- A salted, one-way hash of your app password (stored in iOS Keychain via SecureStore — the password itself is never stored)
- App preferences (language, theme, sort order, whether Face ID is enabled, whether onboarding has been completed)
- One-time prompt flags (e.g. whether we already asked about Face ID)
When you delete the App, iOS removes the sandbox storage. The Keychain entries are removed by the App on first launch after reinstall (we detect a fresh install via a marker file).
2.3 Information processed by Apple (third party)
The App relies on the following Apple platform services. These services have their own privacy practices, governed by Apple:
| Service | Purpose | Apple's privacy practices apply |
|---|---|---|
| App Store / TestFlight | App distribution, purchase records, subscription receipts | Yes — see Apple Privacy Policy |
| iCloud Drive | Optional encrypted backup of your vault | Yes — see Apple iCloud Privacy |
| iCloud account verification | Your Apple ID verifies subscription entitlement and Family Sharing | Yes |
| StoreKit | In-app purchase / subscription processing | Yes |
| Photos framework | When you import from your Photo library (with your permission) | Yes |
| Camera | When you capture a new photo or video (with your permission) | Yes |
| Local Authentication (Face ID / Touch ID) | When you unlock the App (with your permission). Biometric data never leaves the Secure Enclave. | Yes |
| Files (UIDocumentPickerViewController) | When you import from Files or iCloud Drive (with your permission) | Yes |
We do not receive any data from these services beyond what is necessary for the App to function (e.g. the URI of the file you selected). Apple may collect information independently as described in their policies.
2.4 Subscription information (from Apple)
If you purchase a subscription or one-time purchase through Apple, Apple processes your payment. The Developer receives only the information Apple provides through the App Store Connect API:
- Anonymous transaction identifiers
- Subscription status and expiration date
- Product purchased (Monthly, Yearly, or Lifetime)
- Refund or cancellation events
The Developer does not receive your name, email, payment method, billing address, or any other personal information from Apple.
2.5 Family Sharing
If you share your subscription via Apple Family Sharing, family members' purchases are verified through their own Apple IDs. Each family member's vault data remains private to their own device — Family Sharing only shares the right to use Premium features, not the encrypted content of any vault.
3. iCloud Backup — How it works
If you choose to enable iCloud Backup:
- The App generates a 256-bit AES master key derived from your iCloud Backup Password using PBKDF2 with a per-device random salt.
- Each file is encrypted on your device using AES-GCM with that master key, then uploaded to the App's iCloud Drive container (under your iCloud account).
- The metadata manifest is also encrypted with the same key and stored in the container.
- The salt is stored unencrypted in the container so that restore is possible from a fresh install (re-derivation requires the password again).
Key implications:
- The Developer cannot decrypt your backup. Apple cannot decrypt your backup (the encryption is done client-side before upload).
- If you forget your iCloud Backup Password, your backup is permanently unrecoverable. There is no recovery mechanism, no support workaround, and no "forgot password" link. This is by design.
- iCloud Drive availability, retention, and quota are entirely managed by Apple. The Developer has no control over them and is not responsible for their availability, accuracy, or completeness.
- You can delete the backup at any time from within the App (Settings → iCloud Sync → Disable + Delete).
4. Permissions
The App requests permissions strictly as needed for the features you invoke:
| Permission | Why | When asked |
|---|---|---|
| Camera | To capture a photo/video into the vault | First time you use the Camera option |
| Photo Library | To import existing photos/videos | First time you tap "Photos" |
| Photo Library — Save | When you export from the vault back to Photos | First time you export |
| Photo Library — Delete | To remove originals from Photos after import (optional) | First time you accept the delete-original prompt |
| Face ID / Touch ID | To unlock the App and (optionally) folders | First time you enable biometric unlock |
| Files | To import from the Files app or iCloud Drive | First time you tap "Files" |
You may revoke any of these permissions at any time in iOS Settings → Emoryx. Doing so will disable the corresponding feature but will not delete your existing vault content.
5. Children's privacy
The App is rated 4+ by Apple's age rating system. The App does not collect personal information from children or any other users. Parents and guardians should supervise their children's installation and use of the App. If you believe a child has used the App and you wish to delete any vault data, you may do so from within the App itself (Settings → Delete Account & All Data).
6. International transfers
Because the Developer does not collect or transmit any personal data, there are no international data transfers performed by the Developer. Apple's iCloud and App Store services may transfer data internationally according to Apple's policies and applicable law.
7. Your rights (GDPR, CCPA, and similar laws)
Under the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and similar laws, you may have rights including:
- The right to know what personal data is collected about you
- The right to access, correct, or delete your personal data
- The right to data portability
- The right to opt out of the sale or sharing of personal information
- The right to non-discrimination for exercising these rights
Because the Developer does not collect or store your personal data, there is no personal data held by the Developer to access, correct, or delete. Your vault content lives only on your device (and optionally in your iCloud account, under your control). You may exercise full control by:
- Using the App's built-in "Delete Account & All Data" function
- Disabling iCloud Backup and deleting the backup container
- Uninstalling the App
- Managing your Apple ID privacy settings at appleid.apple.com
If you have a question or believe the Developer holds personal data about you, contact emoryx.support@erezults.com.
8. Security
The Developer implements industry-standard security practices appropriate to the local-only nature of the Service, including:
- Encryption of iCloud backups using AES-GCM with PBKDF2-derived keys
- Password storage using salted, one-way cryptographic hashing (Argon2-grade)
- Use of iOS Keychain (Secure Enclave) for sensitive material via SecureStore
- App-level lock with biometric or password authentication
- Per-folder optional password protection
- Privacy cover during app-switcher snapshots
- Sandboxed file storage isolated from other apps
No security system is perfectly secure. You are responsible for choosing a strong password and for safeguarding your iCloud account and device. The Developer cannot recover lost passwords or decrypted data.
9. Changes to this Privacy Policy
The Developer may update this Privacy Policy from time to time. The "Last Updated" date at the top of this document indicates when the latest revision was made. Material changes will be communicated in the App on the next launch. Continued use of the Service after such notice constitutes acceptance of the revised Privacy Policy.
10. Contact
Questions, concerns, or requests regarding this Privacy Policy:
Email: emoryx.support@erezults.com Website: https://emoryx.erezults.com
11. Limitation of warranty (privacy-related)
THE DEVELOPER PROVIDES THIS PRIVACY POLICY IN GOOD FAITH AND TO THE BEST OF HIS KNOWLEDGE. NO WARRANTY OR GUARANTEE IS PROVIDED THAT APPLE'S OR ANY THIRD-PARTY SERVICE'S PRIVACY PRACTICES WILL BE FREE FROM CHANGE, ERROR, OR COMPROMISE. THE DEVELOPER SHALL NOT BE LIABLE FOR ANY ACTS, OMISSIONS, OR SECURITY INCIDENTS OF APPLE OR ANY OTHER THIRD-PARTY PROVIDER. SEE THE ACCOMPANYING TERMS OF SERVICE FOR FURTHER DISCLAIMERS AND LIMITATIONS.