Privacy Policy

Last updated: 2026-05-26 · Applies to Guddle Keep for Android, all versions.

The short version

Guddle Keep collects nothing. There is no account, no server, no analytics, no advertising SDK. Your notes, your encryption key, and your usage patterns never leave your device. We have no way to read, recover, or report on anything you write.

What stays on your device

• Notes content — encrypted with AES-256 GCM, stored in the app's private sandbox.
• Encryption key — generated on first launch, sealed inside the Android Keystore. The key never leaves the secure hardware.
• Identity (npub) — your local public identifier, used only inside the app for sharing flows.
• Recovery QR — generated on demand when you choose to back up. The QR is shown on screen for you to print or photograph. We never receive it.

What we do not collect

• No personal information (name, email, phone, location).
• No device identifiers (Android ID, advertising ID, IMEI).
• No usage analytics or crash reports.
• No content of notes, titles, tags, or attachments.
• No backup uploads. Backup is local-only via QR.

Network access

Guddle Keep does not declare the INTERNET permission in its Android manifest. The app cannot open a socket, make an HTTP request, or contact any server. You can verify this by inspecting the APK or by running it inside an Android profiler.

Permissions explained

• Biometric (USE_BIOMETRIC) — to gate app entry behind fingerprint or face. Authentication happens entirely on the Android system; we receive only a yes / no result.
• Camera (CAMERA) — only requested when you tap "Restore from QR" to scan a backup code. Frames are processed in memory and discarded.
• No other runtime permissions are requested.

Sharing a note

When you tap "Share" on a note, Guddle Keep hands the encrypted note off to the Android system share sheet (or to your chosen target app). What happens after that is governed by the app you shared into. Guddle Keep does not perform any network call as part of sharing.

Children

Guddle Keep is a general-purpose notes app. It does not knowingly collect any data from anyone, including children. Because we collect nothing, no special handling is required.

Changes to this policy

If the privacy posture of the app ever changes — for example, if a future version were to add an optional sync feature — this page will be updated and the change will be called out in the in-app release notes. Existing on-device data will not be uploaded retroactively.

Contact

For privacy questions, write to privacy@guddle.me. We do not run a support helpdesk; replies are best-effort.