Karnet Vault is designed with privacy as its core principle. This policy explains how we handle your data — or more accurately, how we don't.

Local-Only Data Storage

All your health records, documents, and personal information are stored exclusively on your device. We do not operate any servers or cloud services that store your data. Your information never leaves your phone unless you explicitly export it.

No Cloud, No Servers, No Accounts

Karnet Vault does not require an account to use. There is no sign-up process, no email collection, and no password to remember (other than your local PIN). We have no servers that could be hacked because your data simply isn't there.

No Analytics, Tracking, or Third-Party SDKs

We do not include any analytics tools, tracking pixels, or third-party advertising SDKs in Karnet Vault. We cannot see how you use the app, what records you create, or any of your personal information. There are no ads.

Device Permissions

Karnet Vault may request the following permissions, all of which are used exclusively for local functionality:

  • Camera: To scan and photograph health documents
  • Biometrics: To enable fingerprint or face authentication
  • Notifications: To send vaccination reminders (optional)
  • File System: To create and manage encrypted backups

AES-256 Encryption

All data stored by Karnet Vault is encrypted using AES-256, the same encryption standard used by banks and governments. Your encryption keys are stored in your device's Secure Enclave (iOS) or Android Keystore, protected by your device's hardware security.

PIN & Biometric Authentication

Access to your data requires authentication every time you open the app. You can use your PIN, fingerprint, or face recognition depending on your device capabilities and preferences.

User-Controlled Encrypted Backups

When you create a backup, it is encrypted before being saved. You control where backup files are stored — your device, your cloud storage account (like iCloud or Google Drive), or an external drive. We never have access to your backups.

No Data Sharing

We do not share, sell, or transfer any of your data to third parties because we don't have access to it. The only way data leaves your device is when you explicitly export a PDF to share with a healthcare provider.

Children & Dependents

You can add health records for children and dependents. These records follow the same local-only, encrypted storage model as all other data in the app.

Data Deletion

To delete your data, you can either delete specific records within the app or uninstall the app entirely, which removes all data from your device. Since we don't store anything on servers, there's no server-side data to delete.

Contact

If you have questions about this privacy policy, please contact us at:

karnetvault.fznta@simplelogin.com