Privacy Policy
Last Updated: December 29, 2025
Blackbox ("we," "our," or "us") is committed to protecting your privacy and maintaining the highest standards of data security. This Privacy Policy explains how we handle your data, our zero-knowledge architecture, and your rights regarding your information when you use our mobile application ("App").
1. Zero-Knowledge Architecture
Blackbox is built on a zero-knowledge architecture, which means we cannot access, read, or decrypt your data under any circumstances. This fundamental principle ensures your complete privacy and security.
1.1 What We Cannot Access
- We cannot decrypt your data - All vault data is encrypted using AES-256 encryption before it leaves your device
- We cannot read your data - We have no access to encryption keys or your specific Vault PINs
- We cannot access your PINs - Vault PINs (including Decoy PINs) never leave your device and are used locally only
- Plausible Deniability (Decoy Vaults) - The app supports multiple independent vaults. Entering a "Decoy PIN" opens a separate, isolated environment. We cannot know how many vaults you have or which one is the primary
- Lock Methods - We support PIN, Pattern Match, and Piano Sequence. All patterns/sequences are encrypted locally and never transmitted
- Encryption Keys - Keys are derived from your PINs using PBKDF2 and never leave your device
- We act as a pass-through - We only sync encrypted files; we do not process or handle your data
2. Data Encryption and Security
2.1 End-to-End Encryption (E2EE)
All vault data is protected using industry-standard, military-grade encryption:
- Encryption Standard: Advanced Encryption Standard (AES) with 256-bit keys
- Key Derivation: Industry-standard key derivation function with sufficient iterations to ensure strong key generation
- Encryption Mode: Secure block cipher mode with unique initialization vectors for each operation
- Salt: Unique cryptographically secure random salt generated for each encryption operation
- Client-Side Encryption: All encryption and decryption occurs on your device before any data transmission
- No Backdoors: The encryption implementation has no backdoors or master keys that could compromise your data
2.2 PIN Security
- Your PIN is never transmitted over the network
- Your PIN is never stored in cloud storage
- Your PIN is only used locally on your device for encryption and decryption
- Encryption keys are derived from your PIN using PBKDF2 and never leave your device
- If you forget your PIN, we cannot recover your data - this is by design to ensure your privacy
2.3 Data Flow
Here's how your data is protected:
- On Your Device: Vault data is encrypted using AES-256 with a key derived from your PIN
- Before Upload: Only the encrypted data (unreadable without your PIN) is prepared for sync
- During Sync: Encrypted data is transmitted to cloud storage (your iCloud/Google Drive or our secure servers)
- In Cloud Storage: Data remains encrypted and unreadable without your PIN
- On Restore: Encrypted data is downloaded and decrypted locally on your device using your PIN
3. Information We Collect
3.1 Vault Data
We do not collect, process, or have access to your vault data. Your vaults contain:
- Files, photos, videos, notes, and other content you store in vaults
- All content is encrypted on your device before any storage or sync
- We only handle encrypted blobs that are unreadable without your PIN
- We cannot see, read, or access the contents of your vaults
3.2 Subscription Information
For Premium subscription management:
- We use RevenueCat to process in-app purchases and subscription management
- RevenueCat collects purchase information, including transaction IDs and subscription status
- Purchase data is linked to your app store account (Google Play or Apple App Store)
- We do not collect or store payment card information
- Subscription status is stored locally on your device using secure storage
3.3 Cloud Sync Data
When you enable cloud sync:
- User's Storage Option: Encrypted vaults are synced to your own cloud storage (iCloud Drive or Google Drive). We have no access to this data.
- Blackbox Cloud Option: Encrypted vaults are stored on secure servers powered by Backblaze B2. We store only encrypted blobs that we cannot decrypt.
- Storage Usage: We track the total size of encrypted data (in GB) for storage limit management, but we cannot see the contents
- Sync Metadata: We store minimal metadata (vault IDs, last sync timestamps) to manage sync operations
- No Content Access: We cannot read, decrypt, or access the actual content of your vaults
3.4 App Usage Data
We store the following locally on your device:
- Premium subscription status (stored securely using Expo SecureStore)
- Cloud sync preferences (enabled/disabled, sync method selection)
- Per-vault sync settings (which vaults are enabled for sync)
- Storage usage statistics (total GB used, for display purposes only)
- Unlock style preferences (PIN, Pattern Match, Piano Sequence)
- No usage analytics, telemetry, or behavioral data is sent to our servers
3.5 Advertising Data
For users of the Free version, which is ad-supported:
- We partner with IronSource (Unity LevelPlay) to deliver advertising
- Advertising partners may collect data such as device identifiers (Advertising ID), approximate location, and device data to show relevant ads
- This data is collected and processed by ad network partners subject to their own privacy policies
- Pro and Ultra users receive an ad-free experience and no ad-related data is collected
3.6 Authentication Data
For Blackbox Cloud (optional cloud storage service):
- If you choose to use Blackbox Cloud, you may create an account with email and an **Account Password**
- **Important Distinction:** Your **Account Password** allows you to log into the cloud service, while your **Vault PINs** are used to encrypt your data. We do not have access to your Vault PINs, even if you are logged into your account
- Passwords are hashed using bcrypt (secure hashing algorithm) before storage
- We use JWT tokens for authentication (stored securely on your device)
- Authentication is only used to manage your cloud storage account - it does not provide access to your encrypted vault data
4. How We Use Your Information
4.1 Vault Data
- We do not use your vault data - We cannot access it due to our zero-knowledge architecture
- Encrypted vault files are stored or synced as-is without any processing
- We do not analyze, scan, or inspect the contents of your vaults
- We do not use your data for analytics or any other purpose beyond storage
4.2 Subscription Management
- Purchase information is used to verify and maintain your Premium subscription status
- Subscription status is checked through RevenueCat's servers to ensure validity
- Purchase data is used to restore your subscription if you reinstall the App
- Storage tier purchases are tracked to manage your cloud storage limits
4.3 Cloud Sync Services
- User's Storage: We facilitate sync to your iCloud/Google Drive, but we do not access the data
- Blackbox Cloud: We store encrypted vault files on secure servers (Backblaze B2) with encryption at rest
- We track storage usage (total GB) to enforce storage limits for Premium users
- We do not decrypt, read, or process the encrypted vault files
- Sync operations are automated and do not involve human access to your data
5. Data Storage and Security
5.1 Local Storage
- All vault data is stored locally on your device in encrypted format
- Vault files are encrypted using AES-256 before being written to device storage
- User settings are stored using Expo SecureStore (encrypted storage)
- Unlock patterns and piano sequences are encrypted and stored securely
- You can clear app data at any time through your device settings
5.2 Cloud Storage Options
5.2.1 User's Storage (iCloud/Google Drive)
- Encrypted vaults are synced to your own cloud storage account
- You maintain full ownership and control of your data
- We have no access to your iCloud or Google Drive accounts
- Data is subject to your cloud provider's terms and privacy policies
- You can disable sync or delete cloud data at any time
5.2.2 Blackbox Cloud (Our Servers)
- Encrypted vaults are stored on Backblaze B2 Cloud Storage
- Data is stored with server-side encryption as an additional security layer
- Each user's data is isolated in separate folders (user isolation)
- We use industry-standard security practices and access controls
- Even with server access, we cannot decrypt your data without your PIN
- Data is stored in secure data centers with physical and digital security measures
5.3 Third-Party Services
- RevenueCat: Handles subscription management. Purchase data is encrypted in transit and at rest. See RevenueCat's Privacy Policy for details.
- Backblaze B2: Provides cloud storage infrastructure for Blackbox Cloud. Data is encrypted at rest and in transit. See Backblaze Privacy Policy for details.
- IronSource: Provides advertising services for the free version. See IronSource Privacy Policy for details.
- Google Play / Apple App Store: Handles payment processing. We do not receive payment card information.
- iCloud Drive / Google Drive: When using user's storage option, your encrypted data is stored in your own cloud accounts, subject to their privacy policies.
5.4 Security Measures
- End-to-End Encryption: All vault data is encrypted before leaving your device
- Strong Key Derivation: Industry-standard key derivation (PBKDF2) to prevent brute-force attacks
- Unique Encryption: Each vault and file uses unique encryption keys and initialization vectors
- Secure Storage: Sensitive data (PINs, keys) stored locally using secure, encrypted device storage
- HTTPS/TLS: All network communications are encrypted using the latest TLS protocols
- Rate Limiting: API endpoints and authentication are protected to prevent abuse
- No Backdoors: We have designed the system so that even we cannot access your data
- Regular Security Updates: We continuously update our security practices to address emerging threats
6. Data Sharing and Disclosure
We do not sell, trade, or rent your personal information or vault data. We share data only in the following limited circumstances:
- RevenueCat: Purchase and subscription data is shared with RevenueCat for subscription management. This does not include vault data.
- IronSource: For free users, advertising IDs and device data may be shared with IronSource to facilitate ad delivery.
- Backblaze: Encrypted vault files are stored on Backblaze B2 for Blackbox Cloud users. Backblaze cannot decrypt the data.
- Your Cloud Storage: When using user's storage option, encrypted vaults are synced to your iCloud/Google Drive account.
- Legal Requirements: We may disclose information if required by law, court order, or to protect our rights, property, or safety. However, we can only provide encrypted data that we cannot decrypt.
- Service Providers: We may use third-party services (hosting, payment processing) that process encrypted data, but they cannot decrypt it.
Important: Even if we were legally compelled to provide your data, we can only provide encrypted files that are unreadable without your PIN. We do not have the ability to decrypt your data.
7. Your Rights and Choices
7.1 Data Control
- You own your data: All vault content belongs to you
- You control encryption: Your PIN controls access to your data
- You choose sync: Cloud sync is disabled by default and can be enabled/disabled at any time
- You choose storage: You can use your own cloud storage or Blackbox Cloud
- You can delete: You can delete vaults, disable sync, or delete cloud data at any time
- You can export: You can export your decrypted files locally at any time
7.2 Cloud Sync Management
- Cloud sync is disabled by default - you must explicitly enable it
- You can choose which vaults to sync (per-vault control)
- You can switch between user's storage and Blackbox Cloud at any time
- You can disable cloud sync entirely, which stops all cloud operations
- You can delete your cloud data from Blackbox Cloud servers at any time
7.3 Your Right to Erasure
In compliance with global privacy regulations (GDPR, CCPA, App Store Guidelines), we provide three distinct and granular options for removing your data:
Option 1: Delete Current Vault (Surgical)
Scope: Single Vault.
Permanently deletes the currently active vault from both your device and Blackbox Cloud. All other vaults remain untouched. Requires Vault PIN verification.
Option 2: Unlink Device (Local Wipe)
Scope: This specific device only.
Wipes all local vaults and settings from the phone. This effectively "logs you out" and cleans the device storage. Your cloud data is preserved and can be restored on another device.
Option 3: Permanent Account Closure (The Nuclear Option)
Scope: Global / All Data.
The ultimate deletion option. Scrubs all cloud vaults, deletes your authentication identity, and purges all account metadata from our systems. This action is irreversible and is handled via our secure web portal to prevent accidental global data loss.
- Access: Permanent closure is available at www.meetblackbox.com/delete-account.
- Verification: For your security, account deletion requires your main Account Password and a specific confirmation phrase.
- Irreversibility: Once a "Permanent Account Closure" or "Delete Vault" is executed, the encryption keys and data are scrubbed following our Zero-Knowledge policy and cannot be recovered by us or anyone else.
7.4 Subscription Management
- You can restore your Premium subscription at any time through the App's settings
- Subscription purchases are managed through your app store account
- You can cancel or manage your subscription through Google Play or Apple App Store settings
- If your subscription expires, premium features will be locked, but your local data remains accessible
8. App Store and Play Store Compliance
8.1 Data Handling
- We do not handle user data - Data is encrypted client-side before any transmission
- We do not process user data - We only sync encrypted files without processing
- We do not have access to user data - Encryption keys never leave the device
- We act as a pass-through - Encrypted files are synced to cloud storage without decryption
- Data is stored in user's own cloud storage - When using user's storage option, data goes to their iCloud/Google Drive
- User maintains full control and ownership - Users can enable/disable sync and delete data at any time
8.2 Data Safety (Play Store)
- Data encryption: Yes, AES-256 encryption in transit and at rest
- Data sharing: No, except for ad networks (for free users) and cloud providers for storage
- Data collection: Minimal (Account info for sync, subscription status). No content collection.
- Data access: No, we cannot access encrypted data
- Data deletion: Users can delete their data at any time inside the app
8.3 App Privacy (App Store)
- Data collected: Contact Info (Email - optional), Identifiers (Device ID - for ads).
- Data linked to user: Contact Info (for Cloud Sync account).
- Data used to track: Identifiers (Device ID) may be used by third-party ad networks for serving ads.
- Data shared with third parties: Encrypted blobs (Cloud Storage), Advertising ID (Ad Networks).
9. Children's Privacy
Blackbox is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. However, due to our zero-knowledge architecture, we cannot access or verify the contents of any vaults.
10. International Data Transfers
Your encrypted data may be processed and stored in countries other than your country of residence. RevenueCat, Backblaze, and IronSource operate globally and may transfer data to servers located in different countries. By using the App, you consent to such transfers. However, your data remains encrypted and unreadable regardless of where it is stored.
11. Data Retention
- Vault Data: Stored locally on your device and in cloud storage (if sync is enabled) until you delete it. We do not retain copies.
- Purchase Data: RevenueCat retains purchase data as required for subscription management and legal compliance.
- Cloud Storage: Encrypted vaults remain in cloud storage until you delete them or disable sync.
- Account Data: If you delete your Blackbox Cloud account, all encrypted vaults and account information are permanently deleted immediately.
- Local Settings: Stored on your device until you uninstall the App or clear app data.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes. Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: support@theothersidestudios.com
Website: www.theothersidestudios.com
Developer: TOSS (The Otherside Studios)
14. Third-Party Privacy Policies
For more information about how third-party services handle your data:
- RevenueCat Privacy Policy: https://www.revenuecat.com/privacy
- Backblaze Privacy Policy: https://www.backblaze.com/privacy
- IronSource Privacy Policy: https://developers.is.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/
- Google Privacy Policy: https://policies.google.com/privacy
- Apple Privacy Policy: https://www.apple.com/privacy/
15. Security Best Practices
To maintain the security of your data, we recommend:
- Choose a strong, unique PIN that you can remember (we cannot recover it if forgotten)
- Enable cloud sync for backup, but understand that you control when it's enabled
- Keep your device and app updated to the latest version for security patches
- Use device-level security (screen lock, biometric authentication)
- Regularly review your synced vaults and delete unnecessary data
- Be cautious when sharing your device with others