VeilKeep — Privacy Policy

Last updated: October 6, 2025

At a glance

• Sign-in uses Sign in with Apple only (authentication and account identification).
• All note content, checklists, and attachments are stored locally on your device and encrypted. The encryption key stays on your device; we do not have access to it.
• We do not use advertising trackers or third-party analytics SDKs.
• We may use notifications (if you allow them) to remind you about app-related events.

1) Who we are

VeilKeep (the “App”, “we”, “us”, “our”).
VeilKeep is developed and published by an independent developer. Developer contact details are provided in the Contact us section below.

2) Data we process

2.1 Authentication (Sign in with Apple)

VeilKeep uses Sign in with Apple as its authentication method.

When you sign in with Apple, Apple provides the App with:

• A stable user identifier specific to VeilKeep.
• Your email address, which can be either your real email or a private relay email, depending on what you choose during sign-in.
• Authentication tokens required to keep you signed in.

We do not receive your Apple ID password. Sign in with Apple is fully handled by Apple; VeilKeep only receives the minimum information needed to:

• Create and recognize your VeilKeep account on this device,
• Keep you signed in,
• Associate purchases or features with your Apple identity where applicable.

We do not run a separate username/password system on our own servers.

2.2 On-device data (local)

VeilKeep is designed so that your note content stays on your device.

We store locally on your device:

• Notes and checklists,
• Attachments (for example, files or other content you add),
• Encryption keys and metadata needed for secure offline storage,
• App settings and preferences (e.g., theme, lock options, etc.).

This data does not leave your device unless you explicitly choose to:

• Export or share notes/attachments via the system share sheet or similar, or
• Include the App’s data in device backups that you control (for example, iOS backups).

We cannot decrypt your notes: the encryption key is stored only on your device and is never sent to us or to Apple as part of VeilKeep.

2.3 Notifications data

If you allow notifications, VeilKeep may process:

• Simple reminder or status information needed to show notifications (for example, that a reminder should be displayed at a certain time).

Notification content is derived from your local app data and processed on your device. We do not upload your note content to our own servers for the purpose of notifications.

You can control notification settings in your device settings (see Device permissions below).

2.4 Diagnostics and logs

By default, VeilKeep does not include in-app analytics or behavioral tracking.

However, your device and the app store provider (for example, Apple) may collect optional crash reports and diagnostics, if you opt in at the system level. These may include:

• Device model,
• Operating system version,
• App version,
• Technical information about a crash or error.

We may access this data in aggregate to:

• Improve app stability,
• Diagnose problems,
• Make future compatibility decisions.

You can control whether to share such diagnostics in your device’s privacy/analytics settings.

3) Purposes & legal bases

Where applicable (e.g., under GDPR), our legal bases for processing are:

• Contract performance
  To provide sign-in with Apple and maintain your session.
  To operate VeilKeep’s core functionality (encrypted local notes).
• Legitimate interests
  To ensure security and prevent abuse.
  To maintain and improve app stability and performance using limited technical diagnostics.
• Consent
  For notifications, if you allow them in system settings.
  For OS-level diagnostics/crash sharing, where governed by your device settings.

You may withdraw your consent to optional permissions at any time through your device settings.

4) Storage & retention

• Auth tokens from Sign in with Apple may be stored in secure device storage (e.g., Keychain) and are removed when you sign out or delete the App.
• Local notes, checklists, and attachments remain on your device for as long as you keep them in the App or until you delete the App and its data.
• Notification schedules and related metadata are kept locally as long as needed for notifications to function, or until you disable them or delete the App.
• Any OS-level crash/diagnostic data is managed by Apple according to their own policies.

VeilKeep does not maintain a separate remote database of your note content.

5) Where processing occurs

• Your note content, encryption keys, and notification data are processed on your device.
• Authentication data is processed by Apple when you use Sign in with Apple.
• Any OS-level backups or analytics are processed by Apple under its own terms.

6) Sharing with third parties

• We do not sell your personal data.
• We do not use third-party advertising SDKs or trackers in VeilKeep.
• Apple acts as:
  • the identity provider for Sign in with Apple, and
  • the platform provider (iOS, App Store, backup and analytics infrastructure).
• Data may be disclosed if required by law (e.g., a valid court order) and only to the extent legally required.

We do not share your encrypted note content with any third party.

7) Security

We take reasonable measures to protect the limited data processed through VeilKeep:

• Notes and attachments are encrypted locally, with keys stored only on your device.
• Authentication tokens and sensitive items are stored in secure device storage where available.
• We minimize the amount of data sent outside the device and rely primarily on on-device processing.

No system can be perfectly secure. You are responsible for maintaining the security of your device (for example, by using a passcode and not sharing your Apple ID credentials).

8) Your rights

Depending on your jurisdiction, you may have rights to:

• Access your personal data,
• Correct inaccurate data,
• Request deletion of data (“right to be forgotten”),
• Restrict or object to certain kinds of processing,
• Data portability (where applicable),
• Withdraw consent where processing is based on consent.

In practice:

• Local notes and attachments
  You can manage and delete them directly inside VeilKeep or by deleting the App and its data from your device. We cannot decrypt or remotely access your notes.
• Sign in with Apple data
  You can manage app access in your Apple ID settings (e.g., revoke Sign in with Apple for VeilKeep).

Because much of the relevant data is controlled by Apple (Apple ID, iOS diagnostics, backups), some actions must be performed using Apple’s tools and settings. If you have questions or requests related specifically to VeilKeep, please contact us (see below).

9) Children

VeilKeep is not intended for individuals under 13 (or another age defined by local law in your jurisdiction). We do not knowingly collect data from such users.

If you believe that a child under the relevant age has used VeilKeep and provided data in a way that we control, please contact us so that we can take appropriate action.

10) Contact us

If you have any questions about this Privacy Policy or how VeilKeep handles your data, please contact:

• Email: devalexmob360@gmail.com
• Developer: VeilKeep

Please include enough detail for us to understand your request (for example, that it concerns VeilKeep).

11) Changes to this Policy

We may update this Policy from time to time. When we do:

• The updated version will be made available in the App and/or on our website, and
• The “Last updated” date at the top will indicate when the changes took effect.

Your continued use of VeilKeep after an updated Policy takes effect means that you accept the changes.

12) Account deletion and Sign in with Apple

VeilKeep does not maintain a separate remote account database; your identity in the App is tied to Sign in with Apple.

To effectively “delete your account” in the context of VeilKeep, you can:

1. Revoke Sign in with Apple access for VeilKeep in your Apple ID settings:
   • On your device, go to Settings → [your name] → Password & Security → Apps Using Your Apple ID,
   • Select VeilKeep and choose to stop using Apple ID with this app.
2. Delete local data:
   • Delete your notes and attachments directly in the App, or
   • Delete the VeilKeep app from your device (which typically removes its local data).

If you have additional questions about account-related data, you can contact us by email.

13) Device permissions

VeilKeep may request the following permission:

• Notifications (Push / Local Notifications) – to send you app-related alerts, such as reminders or status updates related to your content or app activity.

Details:

• Notification content is generated from your local app data and processed on your device.
• We do not send your encrypted note content to our own servers for the purpose of notifications.

You can revoke notification permissions at any time in your device settings. If you do so, VeilKeep will remain usable, but certain features (such as reminders or alerts) may no longer function as intended.