Stronghold Privacy Policy
In short: Stronghold is a local-first encrypted vault. Your photos, videos, documents, and notes stay on your device. We do not operate servers, cloud accounts, analytics, or advertising. We do not collect or sell your personal data.
This Privacy Policy describes how Stronghold (“the App”), developed by F8 Digital (“we”, “us”, or “our”), handles information when you use the App on your iPhone or iPad.
1. Our approach
Stronghold is designed so that your private content remains under your control. The App:
- Stores vault contents locally on your device
- Encrypts vault data on your device using industry-standard cryptography
- Does not sync to the cloud
- Does not require an online account
- Does not transmit your vault contents to us or to third parties
- Does not include advertising or cross-app tracking
2. Information you provide
When you use Stronghold, you may store the following types of information in your encrypted vaults:
- Photos and videos
- Documents and other files you import
- Secure notes you create
- Vault names, collection names, and organization metadata
- PINs and master codes used to unlock the App and individual vaults
This information is processed only on your device to provide the App’s functionality. We do not receive copies of your vault contents.
3. Device permissions
Stronghold may request access to:
- Photo Library — so you can import photos and videos into your vault. Imported items are encrypted and stored locally. We do not upload your library to any server.
- Camera — so you can capture photos directly into your vault. Captured images are encrypted and stored locally.
You can deny or revoke these permissions in iOS Settings. Some features may not work without the relevant permission.
4. How data is stored and protected
Vault contents are encrypted on your device before being written to local app storage. Authentication data (such as PIN hashes and related credentials) is stored using Apple’s Keychain and other secure on-device mechanisms.
Stronghold uses standard encryption provided through Apple’s operating system (including CryptoKit). Your master code and vault PINs are not stored in plain text.
Important: If you forget your master code or a vault PIN, we cannot recover it for you. This is by design to protect your privacy.
5. Data we do not collect
We do not collect, sell, rent, or share personal information for advertising or marketing purposes. In particular, we do not collect:
- Analytics or usage tracking data
- Advertising identifiers
- Contact lists, location data, or browsing history
- Vault contents or decryption keys
- Account registration data (no accounts are required)
6. Purchases
Stronghold is offered as a one-time purchase with no subscription. Payment processing is handled entirely by Apple through the App Store. We do not receive your payment card details. Apple may process transaction information according to its own privacy policy.
7. Third parties
We do not integrate third-party analytics, advertising, or social networks into the App. The only third party involved in a typical purchase or device backup scenario is Apple (App Store, iOS, and optional iCloud device backup — see below).
8. iCloud and device backups
Stronghold does not provide its own cloud sync. However, if you enable iCloud Backup or device backups on your iPhone or iPad, Apple may include app data in those backups according to your device settings and Apple’s policies. Encrypted vault data may therefore exist within backups you control. We do not have access to those backups.
9. Data retention and deletion
Your vault data remains on your device until you delete it within the App or remove the App from your device.
- Deleting items or vaults inside the App removes that encrypted data from app storage.
- Uninstalling the App removes the App’s local data from your device.
- Some authentication data stored in the iOS Keychain may persist in certain reinstall scenarios until cleared by the system or the user. The App includes safeguards to reduce orphaned keychain data after a fresh install.
10. Children’s privacy
Stronghold is not directed at children under the age of 13 (or the minimum age required in your country). We do not knowingly collect personal information from children.
11. Your rights
Because your data is stored locally on your device and is not collected by us, you maintain direct control over it. Depending on where you live, you may have rights under privacy laws (such as the GDPR or CCPA) to access, correct, or delete personal information. For Stronghold, exercising those rights generally means managing or deleting data within the App or on your device.
If you have questions about your rights, contact us using the details below.
12. International users
Stronghold is developed in Sweden. Because we do not collect or transfer your vault contents to our servers, your encrypted data ordinarily remains on your device in your country of use.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Effective date” at the top of this page. Continued use of the App after changes take effect constitutes acceptance of the updated policy.
14. Contact us
If you have questions or concerns about this Privacy Policy or Stronghold’s privacy practices, contact:
F8 Digital
Email: info@f8digital.se
Website: f8digital.se