Lockify is a privacy-first Android application designed to help users securely store and manage files on their device. Your privacy is important to us, and this Privacy Policy explains how your data is handled when you use the app. Lockify is developed and operated by Subhodeep Roy, an independent developer based in India.

01

Information We Collect

The current version of Lockify does not automatically collect personal data. Future versions may introduce optional features that require limited data processing, which will be clearly disclosed. The app only processes information that you explicitly provide or choose to use within the app.

a) Files You Choose to Import

When you import files (such as images, videos, PDFs, or other documents), those files are processed and stored locally on your device inside the app's private storage. These files may contain personal or sensitive information depending on their content. Lockify does not analyze or inspect the contents of your files beyond what is required to provide vault functionality.

b) Authentication and Access Control

Lockify uses the Android operating system's secure authentication mechanisms to protect access to the vault. Access always requires biometric authentication or the device's screen lock credential (such as fingerprint, face unlock, or device PIN, pattern, or password). This requirement applies in all modes of operation.

Lockify does not access, store, or process biometric data or device credentials. All biometric and device authentication is handled entirely by the Android operating system — Lockify only receives an authentication success or failure result.

If the user enables calculator stealth mode, an additional calculator-style PIN and gesture are required before the system authentication prompt is shown. This calculator PIN acts as an extra access gate and does not replace biometric or device credential authentication. It is stored locally in a secure, cryptographically derived form and is used only to determine whether to proceed to system authentication.

c) Optional Profile Information

You may optionally set a profile name within the app. This information is stored locally on your device and is used only for display within the app.

d) Google Account Information (Cloud Sync)

If you choose to enable the optional Cloud Sync feature, Lockify requests your Google account email address as part of connecting to Google Drive. This is used only to confirm and display which account is connected, and is stored locally on your device. See Section 07 for details on Cloud Sync.

02

Data Stored on Your Device

All data used by Lockify is stored locally on your device only, unless you choose to enable the optional Cloud Sync feature described in Section 07. This includes:

Lockify does not upload or synchronize this data to any external servers unless you explicitly enable Cloud Sync. The Decoy Vault is never included in local backups or Cloud Sync — its contents remain exclusively on the device they were created on.

While Lockify implements strong encryption and on-device security measures, no software system can guarantee absolute security.

03

Thumbnails and File Previews

To display previews of files inside the vault, Lockify generates thumbnail images from files you import. These thumbnails are stored locally within the app's private storage and are not shared or transmitted.

04

Premium Security Features

Lockify offers optional premium features for protecting and disguising the vault. These features operate entirely on your device and do not transmit data externally.

a) Disguise Mode

Disguise Mode lets you replace the app's icon and name with one of three preset alternatives (Settings, Package Installer, or Device Care). Tapping the disguised icon shows a short message you configure yourself, rather than opening the vault. The vault can only be opened while disguised via a deep link (https://getlockifyapp.com/open). Your chosen preset and message are stored locally on your device.

b) Decoy Vault

Decoy Vault is a separate, alternate vault space protected by its own PIN that you set. It is stored locally on your device, independently of your main vault, and is never included in local backups or Cloud Sync.

c) Motion Lock

Motion Lock uses your device's built-in accelerometer to detect gestures such as a flip, shake, or snatch, and automatically locks the vault in response. Sensor readings are processed entirely on-device in real time to make this decision and are never stored or transmitted.

05

Temporary Decrypted Files

Certain features may temporarily create decrypted copies of files on your device only, such as:

These temporary files are stored in app-private locations and are intended to be removed automatically. Once a file is opened in another app, Lockify cannot control how that external app handles the file.

06

Encrypted Backup and Import

Lockify includes an optional encrypted backup feature that lets you create a portable backup of your vault and restore it later.

a) Creating a Backup

When you create a backup, Lockify encrypts all vault contents using AES-256-GCM encryption and writes the resulting backup file to a storage location you select on your device via Android's Storage Access Framework. Lockify does not transmit this file to any server. The backup file is stored wherever you choose to save it — Lockify has no control over what you do with the file after it is created.

b) Importing a Backup

When you import a backup, Lockify reads and decrypts the backup file you select. All decryption and data processing occurs entirely on your device. No data is transmitted externally during this process.

c) Background Processing and Foreground Service

Backup and import operations run as Android foreground services to ensure they complete reliably even when the app is in the background or removed from the recent tasks list. While a foreground service is active, Android requires Lockify to display a system notification indicating that a background operation is in progress. On older Android versions this appears as a notification in the notification shade; on Android 14 and above it may appear as an active-app indicator in the status bar. This is a system requirement and does not involve any collection or transmission of data.

07

Cloud Sync (Google Drive)

Lockify includes an optional Cloud Sync feature that lets you back up and restore your vault using your own Google Drive account.

a) Connecting Your Google Account

To use Cloud Sync, you choose and sign in with a Google account. Lockify requests your email address, shown in the app to confirm which account is connected, and permission to access only files that Lockify itself creates in your Google Drive — Lockify cannot see or access any of your other Drive files.

b) What Gets Synced

When Cloud Sync is enabled, your vault contents are encrypted on your device using the same AES-256-GCM encryption and password-based key derivation used for local backups, before ever leaving your device. The encrypted backup is then uploaded to a "Lockify Backup" folder in your Google Drive. Google and Lockify cannot read the contents of this encrypted backup. The Decoy Vault is never included in Cloud Sync.

c) Disconnecting Your Account

You can disconnect your Google account from within the app at any time. Disconnecting stops future sync activity but does not delete files already uploaded to Google Drive — those files remain in your Google Drive until you delete them yourself, either from within the app or directly in Google Drive.

08

Data Sharing

Lockify does not share vault content with third parties, other than the encrypted upload to your own Google Drive if you explicitly enable Cloud Sync, as described in Section 07. The app does not include analytics, advertising SDKs, or tracking tools.

If you choose to export a file or open it with another app, that action is performed only at your request, and data is shared directly with the app you select.

09

Internet and Network Usage

Lockify functions fully offline by default. Your vault data remains on your device unless you explicitly export it or enable the optional Cloud Sync feature.

Lockify connects to Google Play on launch to verify and restore any in-app purchases associated with your Google Play account, and to check for available app updates. This communication occurs between your device and Google Play infrastructure only — no vault data or personal content is involved.

If you enable Cloud Sync, Lockify also connects to Google Drive to upload and download your encrypted backup, as described in Section 07.

10

Google Play Services

Lockify may use Google Play's official in-app review feature to allow users to rate the app. This process is handled entirely by Google Play. Lockify does not send any vault data or personal content to Google as part of this process.

Lockify uses Google Play Billing to offer optional premium purchases, including auto-renewing subscriptions and one-time purchases. Purchase and subscription transactions are processed entirely by Google Play, and subscriptions can be managed or cancelled through your Google Play account settings. Lockify does not collect or store payment information. Purchase entitlement status is stored locally on your device only. Google's own privacy policy governs all billing and transaction data.

Lockify uses Google Play's In-App Update API to check whether a newer app version is available and to prompt you to update. This check is handled entirely by Google Play and does not involve any vault data or personal content.

11

Data Retention

All vault data remains on your device until you delete it or uninstall the app. Uninstalling the app may permanently remove vault data unless you have exported it or created a backup beforehand.

12

What We Do Not Collect

Lockify does not collect, store, or transmit:

Vault data is uploaded only if you explicitly enable Cloud Sync, and only in encrypted form, as described in Section 07.

13

Children's Privacy

Lockify is not specifically designed for children and does not target children as its primary audience. The app does not knowingly collect personal information from children. All data stored in the app is provided by the user and remains on the device.

14

Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in app features or legal requirements. Any updates will be reflected on this page with a revised effective date. This Privacy Policy is governed by the laws of India.

15

Contact Information

If you have any questions or concerns about this Privacy Policy, you can reach us at: