Cyh Cipher is a local file-encryption utility for macOS. This policy explains, in plain terms, what the app does and mostly doesn't do with your data. There is very little to explain: the app has no server.
01What we collect
Nothing, on any server we operate, because none exists. Cyh Cipher has no account system, no sign-in, and no analytics or crash-reporting SDK of any kind. We have no way to know the app is installed, let alone how it's used.
02Your files
The files you encrypt or decrypt never leave your Mac. Cyh Cipher runs inside Apple's App Sandbox with exactly one entitlement: read/write access to the file you explicitly choose, by dropping it on the window or picking it from the system's file dialog. No other files, folders, or locations are ever touched, and nothing is uploaded anywhere.
03Your password
Your password exists only in memory for as long as it takes to derive an encryption key with Argon2id. It is held in a locked memory buffer that never touches disk swap, and it is zeroed as soon as it's no longer needed. It is never written to disk, never logged, and never transmitted anywhere. If you forget it, we cannot recover it. Nobody can. See the Terms for what that means in practice.
04Third parties & tracking
There are no advertising networks, no analytics, and no tracking SDKs in the app. Nothing about your usage is profiled, shared or sold. Because of the sandbox entitlement described above, the app has no network access to send anything anywhere, even if it wanted to.
05Your control
Since nothing is stored outside your Mac, there is nothing for us to delete on request. Removing the app removes it and its settings from your device; the files you've encrypted or decrypted are yours to manage as with any other file.
·Changes to this policy
This policy may be updated from time to time; please review it periodically. Changes take effect as soon as they're posted on this page.
·Contact
Questions or suggestions about this document are welcome. Reach us at mcebrian (at) ik.me.