Privacy Policy for Family Digital Locker

Last Updated: December 2025

This Privacy Policy explains how Fibly: Family Digital Locker ("we," "us," or "our") collects, uses, and discloses your information. By using our application, you agree to the collection and use of information in accordance with this policy.

1. The "Zero-Knowledge" Architecture

Fibly is designed with privacy as its core principle. We utilize a Zero-Knowledge encryption architecture (AES-256 and RSA). This means:

  • Your sensitive data (passwords, bank details, files) is encrypted on your device before it is sent to our servers.
  • The decryption keys are derived from your Master Password, which is known only to you.
  • We cannot access, read, or recover your encrypted data. If you lose your Master Password, we cannot recover your data for you.

2. Information We Collect

A. Account Information (Visible to Us)

To create an account and manage the service, we collect limited personal information that is not end-to-end encrypted:

  • Email Address: Used for authentication, account recovery (password reset), and communication.
  • Display Name: Used to identify you to family members you connect with.
  • Device Information: We may collect device model, OS version, and IP address for security and analytics purposes.

B. Encrypted Vault Data (Not Visible to Us)

All data stored inside your vaults is encrypted. We host this data on our servers (via Google Firebase), but we see it only as meaningless gibberish (ciphertext). This includes:

  • Bank account numbers, credit card details, and IDs.
  • Uploaded files, images, and documents.
  • Notes and passwords.

3. Permissions We Request

The app requires specific permissions to function correctly:

  • Biometrics (FaceID/Fingerprint): Used solely for local authentication to unlock the app quickly. Biometric data never leaves your device.
  • Camera & Photo Library: Used only if you choose to attach photos/documents to your vault records.
  • Contacts: Used optionally to help you easily find and invite family members to share vaults.
  • Notifications: Used to alert you about family invitations or security events.

4. Third-Party Services

We use trusted third-party services to operate the app:

  • Google Firebase: Used for authentication, database storage, and file hosting. Google Privacy Policy.
  • Google AdMob: We may display advertisements provided by Google AdMob. AdMob may collect data to provide personalized ads.

5. Data Retention & Deletion

We retain your encrypted data as long as your account is active. You have the right to delete your account at any time within the app settings (Settings > Danger Zone > Reset/Delete). Upon deletion, all your data is permanently removed from our servers.

6. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: [contact@byteleapllp.com]