Privacy Policy

Last updated July 8, 2026

This policy explains what Secure Folder: Incogni Vault collects, why, and what you can do about it. Secure Folder is an iOS app operated by Mehmet Ali Kısacık, an individual based in Istanbul, Turkey, who acts as the data controller for the purposes of this policy.

In short: the photos, videos, and files you put in your vault are stored only on your device. There is no account, and your content is never uploaded to us or anyone else. The app collects anonymous usage analytics so we can improve it, and Apple processes any purchases. We do not show third-party ads, sell your data, or use it for targeted advertising.

Does Secure Folder upload my photos?

No — under no circumstances. Secure Folder does not upload your photos, videos, files, or notes anywhere. The app has no storage server: content is saved inside the app's protected local storage on your iPhone and never leaves it. Your PIN, decoy PIN, and biometric settings are stored on-device only, and Face ID itself is handled by iOS — the app never sees biometric data. Intruder alert photos, taken when someone enters a wrong PIN, are also stored only on your device, in your local intruder log. The only information that ever leaves your phone is a set of anonymous usage event counts — for example, that a feature was opened — sent to Firebase Analytics to help us improve the app. Those events contain nothing from inside your vault.

Information stored on your device

Your vault content

The photos, videos, notes, and files you import into Secure Folder are stored locally on your iPhone, inside the app's protected storage. They are not uploaded to our servers — we don't operate storage servers — and we cannot see, access, or recover them.

Your PIN and biometric settings

Your PIN (and decoy PIN, if you set one) is stored on your device. Face ID and Touch ID checks are performed by iOS itself; the app never sees your biometric data.

Intruder alert photos

If you enable intruder alerts, photos captured after failed PIN attempts are stored on your device, in your intruder log. They are not transmitted anywhere.

Information processed online

Usage analytics

The app sends anonymous usage events to Google Firebase Analytics — for example, that a feature was opened or an onboarding step was completed. These events describe app usage, not your content: they never include your photos, videos, files, PINs, or anything from inside your vault. We use them to understand which features matter and to improve the app. Firebase Remote Config is used to adjust app configuration and run product experiments; it receives the same kind of anonymous identifiers, not your content.

Purchases

Incogni Pro is sold through the Apple App Store and StoreKit. Apple processes the payment; we do not receive your card number, billing address, or full payment details. The app checks your purchase status with Apple to unlock Pro features.

Crash and diagnostic data

Apple may share standard, aggregated crash and diagnostic reports with us if you have opted in to sharing analytics with app developers in your iOS settings.

What we never collect

Data retention and deletion

Because your content lives only on your device, deleting the app deletes your vault and everything in it. Please export anything you want to keep first — we have no copy and cannot restore it. Anonymous analytics events are retained by Firebase under its standard retention settings and cannot be traced back to you.

Your choices

Children

Secure Folder is not directed at children under 13, and we do not knowingly collect personal information from children.

Changes to this policy

If we change this policy in a meaningful way, we will update the date at the top of this page. Continued use of the app after a change means the updated policy applies.

Contact

Questions about this policy or your data? Email incognivault@gmail.com or use the contact page.