Privacy Policy

Effective Date: May 12, 2026

Introduction

LockLens (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we handle your data when you use the LockLens mobile application. LockLens is a private camera and encrypted photo vault designed to keep your sensitive photos on your device, away from the cloud, and free of metadata that could expose your location or device details.

Data Collection and Usage

  • Photos: Photos captured or imported through LockLens are stored exclusively on your device in an encrypted vault. No photo data is ever transmitted off your device.
  • EXIF and Location Metadata: LockLens strips all EXIF metadata — including GPS coordinates, device model, and timestamp — from photos at the moment of capture. This happens before the image is written to storage, so the metadata is never retained.
  • Biometric Data: If you enable biometric unlock, authentication is handled entirely by the Android BiometricPrompt API and the device's secure hardware. LockLens never reads, stores, or transmits biometric data.
  • Decoy PIN and Intruder Selfie: If you set up a decoy PIN or enable the intruder selfie feature (Pro), photos taken by the break-in detection are stored locally in the encrypted vault using the same AES-256-GCM encryption as all other vault content. These images are never uploaded or shared automatically.
  • Permissions:
    • CAMERA — Required to capture photos through the private camera flow.
    • USE_BIOMETRIC / USE_FINGERPRINT — Required to unlock the vault using your device's biometric hardware.
    • READ_MEDIA_IMAGES — Required only if you choose to import existing photos from your device gallery into the encrypted vault.
  • No Internet Permission: LockLens does not request the INTERNET permission. The app is architecturally blocked from transmitting any data over a network.

Data Sharing

We do not share, sell, or transmit any of your photos, metadata, or personal data to third parties or our own servers. Because LockLens has no internet permission, no data can leave your device through the app.

Data Security

  • Encryption: All photos in the vault are encrypted using AES-256-GCM. Encryption keys are managed by the Android Keystore and are backed by the device's secure hardware where available. Keys never leave the Keystore.
  • Metadata Stripping: EXIF data is removed at capture time before any image is written to disk or the encrypted vault. There is no intermediate step where unstripped images are stored.
  • Biometric Lock: The vault requires biometric or PIN authentication on every open or foreground event, depending on your settings. Authentication state is not persisted across app sessions.
  • Screen Security: LockLens uses FLAG_SECURE to prevent screenshots and to hide the app's content from the recent apps overview (task switcher), so vault contents are never exposed to screen capture tools or the system UI.
  • Backup Policy: Android's automatic cloud backup is disabled for LockLens to ensure that encrypted vault data and cryptographic keys are never uploaded to the cloud by the operating system.

Data Retention and Deletion

Your photos remain in the encrypted vault on your device until you delete them individually within the app or uninstall LockLens. Uninstalling the app removes all vault data and the associated encryption keys from the Android Keystore. We do not have access to your data and cannot recover it if lost.

App Access

  • Device Lock Requirement: LockLens requires a secure device lock (PIN, pattern, password, or biometrics) to be configured on the device. This is a prerequisite for the Android Keystore to generate hardware-backed encryption keys for the vault.
  • Decoy PIN (Pro): The decoy PIN feature presents an alternate vault with separate content when a secondary PIN is entered. The decoy vault is also AES-256-GCM encrypted and stored exclusively on-device.
  • Intruder Selfie / Break-in Selfie (Pro): If enabled, a failed authentication attempt triggers a silent front-camera capture. The resulting photo is stored in the encrypted vault and is only accessible to you. It is never transmitted anywhere.

Contact Us

If you have any questions about this Privacy Policy, please contact us at [email protected].

© 2026 RichfieldLabs LLC. All rights reserved.