Privacy Policy

Last updated: February 2025 · Modex Apps

Short version: Encrypt RSA collects no personal data whatsoever. There are no servers, no accounts, and no analytics. Everything stays on your device.

1. Who we are

Encrypt RSA is a mobile application developed by Modex Apps (modex-page.pages.dev). This policy describes how the app handles information when you use it.

2. Data we collect

We collect nothing. Specifically:

No name, email address, or any identifier.
No messages — encrypted or otherwise — are transmitted to any server controlled by Modex Apps.
No usage analytics, crash reports, or diagnostic data.
No advertising identifiers (IDFA, GAID).
No location data.
No device fingerprinting.

3. Biometric data

The app uses Face ID and fingerprint authentication to gate the decryption function. Biometric data is processed entirely by the device's operating system (iOS Secure Enclave or Android TrustZone). Modex Apps never receives, stores, or transmits biometric data in any form.

4. Network requests

The app makes exactly one type of network request: a lightweight call to Cloudflare's time service (https://1.1.1.1/cdn-cgi/trace) to obtain the current trusted time when verifying message expiry. This request:

Contains no identifiable information about you or your message.
Is governed by Cloudflare's privacy policy.
Falls back to your device clock if the request fails or times out.

5. Local storage

The app maintains a no-trace policy. No messages, keys, shares, or other sensitive data are written to device storage, iCloud, Google Drive, or any cloud service. All sensitive state is held in memory only and is wiped when you leave the screen, after 10 minutes of inactivity, or when you tap Clear All.

6. Clipboard

When you copy a key share or decrypted message, the app automatically clears your clipboard after 60 seconds to prevent accidental exposure.

7. Screen capture

The app blocks screenshots and screen recording at the operating-system level to prevent sensitive information from being captured by other apps or system features.

8. Third-party SDKs

The app uses the following libraries. None of them send data to external servers:

node-forge — RSA/AES cryptography, runs entirely on-device.
expo-local-authentication — biometric authentication, delegates to OS APIs only.
expo-clipboard — clipboard read/write, no remote calls.
expo-screen-capture — screen capture prevention, no remote calls.
expo-device — device type detection, no remote calls.

9. Children's privacy

The app is not directed at children under 13 years of age. We do not knowingly collect any information from children.

10. Changes to this policy

We may update this policy from time to time. Changes will be reflected by an updated date at the top of this page. Continued use of the app after changes constitutes acceptance of the revised policy.

11. Contact

Questions about this policy? Reach us at modex-page.pages.dev.