🔒 HushPic Privacy Policy

Last Updated: January 2025

Information We DON'T Collect

We take pride in what we don't do:

• No personal information - We don't collect your name, email, phone number, or any identifying information
• No message content - Your secret messages are never uploaded to our servers or stored anywhere except on your device
• No photos - All photo processing happens locally on your iPhone. Your photos never leave your device
• No usage analytics - We don't track how you use the app
• No advertising data - We don't serve ads or collect advertising identifiers
• No location data - We don't access or collect your location

How HushPic Works

HushPic processes everything locally on your device:

• When you hide a message in a photo, the encryption and embedding happens entirely on your iPhone
• When you reveal a message, the decryption happens on your device
• Messages are stored in the photo's metadata using industry-standard encryption
• No internet connection is required to hide or reveal messages

Photo Library Access

HushPic requests access to your Photo Library for the following purposes:

• Selecting photos - To let you choose which photo to hide a message in
• Saving photos - To save the photo with the hidden message back to your library

We only access the specific photos you select. We never scan, upload, or access other photos in your library.

In-App Purchases

HushPic offers credits and unlimited access through in-app purchases:

• All purchases are processed securely by Apple through the App Store
• We do not collect or store payment information
• Purchase history is managed by Apple and synced via your Apple ID
• We only receive confirmation that a purchase was made (no payment details)

Data Storage

The only data stored on your device includes:

• Credit balance - Stored locally on your device
• Purchase receipts - Managed by Apple's StoreKit framework
• Message history - Optional thumbnails and metadata for your convenience (you can clear this anytime)

This data is stored locally using Apple's secure storage mechanisms and is never transmitted to external servers.

Cross-Device Sync

Purchase information syncs across your devices through Apple's infrastructure:

• Your purchase history (credits and unlimited status) syncs via Apple ID
• This is handled entirely by Apple's StoreKit framework
• We do not create or manage user accounts
• Syncing requires you to be signed into the same Apple ID on multiple devices

Third-Party Services

HushPic does not use any third-party services for:

• Analytics
• Advertising
• Crash reporting
• Data storage

The only third-party service we use is Apple's StoreKit for processing in-app purchases, which is a required part of the iOS ecosystem.

Children's Privacy

HushPic does not knowingly collect any information from children. The app is designed to be privacy-friendly for users of all ages.

Security

We implement security best practices:

• Messages are encrypted using industry-standard AES-256 encryption
• Password-protected messages use PBKDF2 key derivation
• All cryptographic operations use Apple's CryptoKit framework
• Failed password attempts are tracked to prevent brute-force attacks

Your Rights

Since we don't collect any personal data, there's nothing for us to delete, export, or modify. You have complete control:

• Delete the app to remove all local data
• Clear message history in Settings anytime
• Restore purchases on any device signed into your Apple ID

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted here with an updated "Last Updated" date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this Privacy Policy or HushPic's privacy practices, please contact us at:

Email: lamplough.alex+hushpic@gmail.com