Privacy Policy
Last updated: March 29, 2026
Cipher (“we”, “our”, “the app”) is operated by Cipher Tracker LLC. This privacy policy explains what data Cipher collects, how it's handled, and what control you have over it.
If you have questions, contact us at app@cipher-app.org.
The short version
Your health and habit data is encrypted on your device before it goes anywhere. We cannot read it. We don't sell data. We don't run ads. We don't share your information with data brokers.
What data Cipher collects
Data you enter into trackers
Cipher lets you track health and wellness data across 12 categories: alcohol, caffeine, cannabis, nicotine, screen time, calories/food, sleep, exercise, hydration, medication, menstrual cycle, and journal entries.
All tracker data is encrypted on your device using AES-256 encryption before being stored or synced. The encryption key is derived from your password, which never leaves your device. We store only the encrypted output — we have no way to decrypt or read your tracker data.
Account credentials
When you set up Cipher, you create a password. This password is stored locally on your device in the operating system's secure storage (iOS Keychain or Android Keystore). It is not transmitted to our servers.
If you set up a PIN for daily unlock, the PIN-derived key is stored locally in secure storage as well.
Subscription information
If you purchase a subscription (monthly, yearly, or lifetime), the transaction is processed by Apple (App Store) or Google (Google Play). We receive a record of your subscription status (active, expired, etc.) and an anonymous user identifier. We do not receive your payment details — Apple and Google handle that directly.
Food search queries
When you use the food search or barcode scanner in the Calorie tracker, your search terms or barcode numbers are sent to a third-party nutrition database to retrieve food and nutrition information. These queries are not linked to your account or identity — they are anonymous API requests.
Device information
We collect minimal technical information necessary for the app to function:
- •Device platform (iOS or Android)
- •App version number
- •Subscription status
We do not collect your name, email address, phone number, location, contacts, photos, or browsing history.
How your data is stored
Encryption
All health and tracker data is encrypted using AES-256-CTR with the following properties:
- •A unique encryption key is derived from your password using PBKDF2-HMAC-SHA256 with 50,000 iterations
- •A random 128-bit salt is generated per account
- •A random initialization vector (IV) is generated for each encryption operation
- •HMAC-SHA256 integrity verification protects against data tampering
- •Your password never leaves your device
The encrypted data is stored on a secure cloud database. The server stores only the encrypted blob — it cannot decrypt or access the contents.
What our cloud storage can see
Our cloud storage can see:
- •That encrypted data exists for your account
- •The size of the encrypted data
- •When the data was last synced
- •The encryption salt (this is not sensitive — it's useless without your password)
Our cloud storage cannot see what you tracked, when you tracked it, or any patterns in your data.
Local storage
Some data is stored locally on your device:
- •Your password (in iOS Keychain / Android Keystore)
- •Your PIN (encrypted, in secure storage)
- •Cached tracker data (encrypted via the same AES-256 scheme)
- •App preferences and settings
Third-party services
Cipher uses the following third-party services:
| Service | Purpose | Data shared |
|---|---|---|
| Cloud database provider | Cloud storage for encrypted data backup | Encrypted blobs only — contents unreadable |
| Nutrition database provider | Food nutrition database and barcode lookup | Search queries and barcode numbers (anonymous, not linked to account) |
| Apple / Google | In-app purchase processing | Payment handled entirely by Apple/Google — we don't receive payment details |
We do not use advertising SDKs, analytics tracking, or any data broker services. We do not use Facebook SDK, Google Analytics, or any similar tracking tools.
What we don't do
- •We don't sell your data. Not to advertisers, not to data brokers, not to anyone.
- •We don't serve ads in the app.
- •We don't track your behavior, location, or browsing activity.
- •We don't share your health data with third parties.
- •We can't read your encrypted tracker data, even if legally compelled to hand over our database — the data is meaningless without your password, which we don't have.
Your rights and controls
Viewing your data
All your data is visible within the app through the Calendar, Archive, and Analytics screens.
Deleting your data
You can delete all of your data at any time from Settings within the app. This permanently removes your encrypted data from both the device and our servers. This action cannot be undone.
Account deletion
Deleting your data through the app removes everything. There is no separate “account” to delete beyond the encrypted data stored on our servers.
Data portability
Your tracker data is stored in an encrypted format. Because only your device can decrypt it, data export is available through the app's interface.
Password recovery
There is no password recovery mechanism. Your password is the only way to derive the encryption key for your data. If you lose your password, your data cannot be recovered by anyone — including us. This is intentional and by design.
Children's privacy
Cipher is not intended for use by anyone under the age of 18. We do not knowingly collect data from children. The app tracks substances including alcohol, cannabis, and nicotine, and is designed for adult users.
Data retention
Your encrypted data is stored on our servers for as long as you use the app. If you delete your data through the app, it is permanently removed.
We do not retain backups of deleted data. When it's gone, it's gone.
Security
Beyond encryption, Cipher implements the following security measures:
- •Certificate pinning on all server connections, preventing man-in-the-middle attacks
- •PIN-protected access with AES-encrypted password storage behind the PIN
- •Secure credential storage using iOS Keychain and Android Keystore
- •No sensitive data logging — the app uses a secure logger that redacts personal information
Changes to this policy
If we make changes to this privacy policy, we will update the “Last updated” date at the top. For significant changes, we will notify users through the app.
Contact
If you have questions about this privacy policy or how Cipher handles your data:
Email: app@cipher-app.org
Website: cipher-app.org
© 2026 Cipher Tracker LLC. All rights reserved.