⚖️ Legal Documents

Privacy & Terms

Plain language. No hidden clauses. Everything Cipher Compass does with your data — which is almost nothing.

Developer: Vymoir Studio App: Cipher Compass Effective: 11 March 2026 Last updated: 11 March 2026
The short version: Cipher Compass collects nothing about you. No accounts, no analytics, no servers, no ads. Your files are encrypted on your device and never leave it.
Section 1

Who We Are

Cipher Compass is developed by Vymoir Studio, an independent solo developer. Contact: vymoirstudio@gmail.com

This Privacy Policy applies to the Cipher Compass Android application and this website.

Section 2

What Data We Collect

🚫

We do not collect

  • Your name, email address, or any personal identifiers
  • Your files, photos, videos, or documents
  • Your vault PIN, recovery phrase, or any credentials
  • Device identifiers, IP addresses, or location data
  • Usage analytics or crash reports
  • Any data transmitted to our servers (we have none)
📱

What stays on your device only

  • Encrypted vault files — stored in your device's private app storage, encrypted with AES-256-GCM
  • Your PIN hash — a one-way hash stored locally; we cannot reverse it
  • Recovery phrase hash — same; hashed locally, never stored in plaintext
  • App settings — your compass degree, gesture type, and feature preferences, stored locally in SharedPreferences
  • Encryption keys — generated on your device and stored in Android's hardware-backed Keystore; Vymoir Studio has no access
Section 3

Permissions We Request

Storage Access (MANAGE_EXTERNAL_STORAGE)

Required to read files you choose to encrypt — including photos, videos, audio files, and documents — and to delete original files after encryption. We access only files you explicitly select. We never scan your storage automatically.

Biometrics (USE_BIOMETRIC)

Optional. Used only to authenticate you into the vault. Biometric data is handled entirely by Android's BiometricManager — we never receive or store your fingerprint or face data.

Device Administrator (optional)

Optional. If you enable Uninstall Protection in Settings, we request Device Administrator permission. This lets Android show a warning dialog before the app is uninstalled. You can revoke this at any time from within the app or from Android Settings → Security → Device Admin Apps.

Network Access (INTERNET)

Required only for in-app purchase processing and subscription validation through RevenueCat. This connection is used exclusively to verify your purchase status with Google Play. Your vault contents, encrypted files, passwords, recovery phrase, and all personal data never leave your device. We have no servers that receive your data.

Permissions we intentionally do NOT request

  • READ_CONTACTS, CAMERA, MICROPHONE, LOCATION — never requested, never used.
Section 4

How We Protect Your Data

  • AES-256-GCM encryption with unique IV per file
  • Android Hardware Keystore — encryption keys bound to your device hardware
  • Argon2 password hashing — industry-standard memory-hard hashing protects your PIN against brute force
  • FLAG_SECURE — all app screens are protected from screenshots, screen recording, and remote VNC capture (including PromptSpy-type malware)
  • Cloud backup disabled — Google Backup and device-to-device transfer are fully disabled for all app data
  • No internet permission — the app physically cannot transmit data
PromptSpy protection: Cipher Compass sets FLAG_SECURE before the app window is created. This means all screens — including your PIN entry screen — appear as a black screen to any screen recording or remote access tool, including malware that uses VNC or Accessibility Services to capture screen content.
Section 5

Data Sharing

We share your data with nobody. There are no third-party SDKs, no analytics services, no advertising networks, and no data brokers involved in Cipher Compass.

We have no servers. There is nowhere for your data to go.

Section 6

Your Rights

Since we collect no personal data, there is nothing for us to delete, export, or correct on our end. All your data lives on your device. You can delete all app data at any time by uninstalling the app.

Warning: Uninstalling the app or using Android's "Clear Data" option will permanently delete your encryption keys. Any files that remain encrypted will be inaccessible. Always export your files before uninstalling.
Section 7

Children's Privacy

Cipher Compass is not directed at children under 13. We do not knowingly collect data from anyone, including children.

Section 8

Changes to This Policy

If we update this policy, we will update the "Last updated" date above. Significant changes will be noted in the app update release notes on Google Play.

Section 9

Contact

Questions about this policy: vymoirstudio@gmail.com

Developer: Vymoir Studio App: Cipher Compass Effective: 11 March 2026
By downloading or using Cipher Compass, you agree to these terms. Please read them — they are short and written in plain language.
Section 1

What Cipher Compass Is

Cipher Compass is a private file vault application for Android. It encrypts files on your device and hides the vault behind a compass interface. It is developed and maintained by Vymoir Studio, an independent solo developer.

Section 2

License

Cipher Compass is licensed to you for personal, non-commercial use on Android devices you own or control. You may not:

  • Reverse engineer, decompile, or disassemble the app
  • Redistribute, resell, or sublicense the app
  • Use the app for any illegal purpose
Section 3

Your Responsibility for Your Data

Critical: Cipher Compass is a local-only encryption app. If you lose your PIN and recovery phrase, your files cannot be recovered. Not by us, not by anyone. There is no password reset, no customer support backdoor, and no cloud backup unless you set one up yourself.

You are solely responsible for:

  • Remembering or securely storing your vault PIN
  • Keeping your recovery phrase in a safe place
  • Exporting files before uninstalling the app
  • Not using the app for storing content that is illegal in your jurisdiction
Section 4

Premium Features

Certain features (currently Paranoid Mode) require a one-time in-app purchase. This purchase is:

  • One-time only — no recurring charges, ever
  • Permanent — tied to your Google Play account; restores if you reinstall
  • Non-refundable after 48 hours per Google Play's refund policy

We do not offer subscriptions. We do not charge for core vault functionality. The free version of Cipher Compass is fully functional.

Section 5

Disclaimer of Warranties

Cipher Compass is provided "as is." While we have implemented industry-standard security measures, we cannot guarantee absolute security. No software is immune to all threats. We are not liable for:

  • Data loss due to device failure, loss, or theft
  • Loss of access due to forgotten PIN or lost recovery phrase
  • Security vulnerabilities in the Android OS or device firmware
  • Any damages arising from use or inability to use the app
Section 6

Acceptable Use

You agree not to use Cipher Compass to store, distribute, or conceal:

  • Content that is illegal under applicable law
  • Child sexual abuse material (CSAM) — strictly prohibited
  • Content that violates another person's rights

Violation of these terms may result in being banned from future versions and reported to relevant authorities where legally required.

Section 7

Updates and Changes

We may update the app and these terms over time. Continued use after updates constitutes acceptance of any revised terms. Material changes will be communicated through Google Play release notes.

Section 8

Governing Law

These terms are governed by the laws of India.

Section 9

Contact

Questions, concerns, or feedback: vymoirstudio@gmail.com