Privacy Policy
Short version: Encrypt RSA collects no personal data whatsoever. There are no servers, no accounts, and no analytics. Everything stays on your device.
1. Who we are
Encrypt RSA is a mobile application developed by Modex Apps (modex-page.pages.dev). This policy describes how the app handles information when you use it.
2. Data we collect
We collect nothing. Specifically:
- No name, email address, or any identifier.
- No messages — encrypted or otherwise — are transmitted to any server controlled by Modex Apps.
- No usage analytics, crash reports, or diagnostic data.
- No advertising identifiers (IDFA, GAID).
- No location data.
- No device fingerprinting.
3. Biometric data
The app uses Face ID and fingerprint authentication to gate the decryption function. Biometric data is processed entirely by the device's operating system (iOS Secure Enclave or Android TrustZone). Modex Apps never receives, stores, or transmits biometric data in any form.
4. Network requests
The app makes exactly one type of network request: a lightweight call to Cloudflare's time service (https://1.1.1.1/cdn-cgi/trace) to obtain the current trusted time when verifying message expiry. This request:
- Contains no identifiable information about you or your message.
- Is governed by Cloudflare's privacy policy.
- Falls back to your device clock if the request fails or times out.
5. Local storage
The app maintains a no-trace policy. No messages, keys, shares, or other sensitive data are written to device storage, iCloud, Google Drive, or any cloud service. All sensitive state is held in memory only and is wiped when you leave the screen, after 10 minutes of inactivity, or when you tap Clear All.
6. Clipboard
When you copy a key share or decrypted message, the app automatically clears your clipboard after 60 seconds to prevent accidental exposure.
7. Screen capture
The app blocks screenshots and screen recording at the operating-system level to prevent sensitive information from being captured by other apps or system features.
8. Third-party SDKs
The app uses the following libraries. None of them send data to external servers:
- node-forge — RSA/AES cryptography, runs entirely on-device.
- expo-local-authentication — biometric authentication, delegates to OS APIs only.
- expo-clipboard — clipboard read/write, no remote calls.
- expo-screen-capture — screen capture prevention, no remote calls.
- expo-device — device type detection, no remote calls.
9. Children's privacy
The app is not directed at children under 13 years of age. We do not knowingly collect any information from children.
10. Changes to this policy
We may update this policy from time to time. Changes will be reflected by an updated date at the top of this page. Continued use of the app after changes constitutes acceptance of the revised policy.
11. Contact
Questions about this policy? Reach us at modex-page.pages.dev.