هذه الصفحة متاحة باللغة العربية — اقرأ بالعربية
🛡️ Privacy Is Our Foundation

Privacy Policy

Tijori is built on one principle: what is yours, stays yours — and only yours.

Last updated: March 2026
🚫
Zero Data Collected
No name, email, or phone number
📡
No Servers
Your photos never leave your device
🔐
AES-256 Encryption
Military-grade encryption standard
☁️
iCloud Optional
End-to-end encrypted, your account only
1Introduction

Tijori is a private photo vault application that operates entirely on your device. We built Tijori on a "privacy-by-design" foundation — we have not constructed any infrastructure to collect or store user data because we have no interest in knowing anything about you.

This policy applies to the Tijori iOS application and all future versions published under the same name. If you have any questions, you can reach us at the bottom of this page.

✅ The Short Version

Tijori collects no personal data. There is no server we own that receives your photos or your information. Everything stays on your device.

2What We Do Not Collect — Ever

The following is an explicit list of everything we do not collect:

  • Your name, email address, or phone number
  • Photos, videos, or any content stored in the app
  • Passwords, PIN codes, or Face ID / Touch ID data
  • Location data (except optionally for break-in logging — see Section 6)
  • Detailed usage data such as album names or timestamps
  • Device identifiers or IP addresses
  • Social network information
  • Credit card or payment data (handled entirely by Apple)
3Anonymous Analytics (TelemetryDeck)

We use TelemetryDeck for fully anonymous, privacy-preserving analytics. The sole purpose is to understand which features people use so we can improve the app.

🔍 What Is Sent to TelemetryDeck
  • App version and OS version
  • General device type (iPhone / iPad) with no unique identifier
  • Anonymous events such as "app opened" or "photo added" — with no personal details
  • A cryptographically derived anonymous identifier that cannot be linked back to you
✅ What Is Never Sent
  • Any photo, video, or personal content
  • Your name, email, or phone number
  • Your full IP address (truncated and never stored)
  • Your geographic location

TelemetryDeck's privacy policy is available at: telemetrydeck.com/privacy

4Local Storage & Encryption

All your data is stored locally on your device and is fully encrypted:

🔐 Encryption Details
  • Algorithm: AES-256-GCM — the standard used by governments and financial institutions
  • Encryption key: Derived from your PIN and protected by the iOS Secure Enclave
  • Data integrity: GCM mode ensures data integrity and detects any tampering
  • Theft protection: Photos cannot be accessed without your PIN even if a backup is obtained
5iCloud Backup (Optional)

Tijori optionally allows you to back up your data via your own iCloud account. This feature is disabled by default and will only be activated if you explicitly enable it.

☁️ How iCloud Backup Works
  • Your data is encrypted on your device before being uploaded
  • It is stored in your own iCloud account — not on any server we own
  • Even Apple cannot read the content because it is encrypted with your key
  • We, as the Tijori team, have zero access to your iCloud account

iCloud backup is also subject to Apple's iCloud Privacy Policy, available at: apple.com/legal/privacy

6App Permissions

Tijori requests only the following permissions, and only when needed:

Permission Purpose Status
📷 Camera Taking photos directly inside the app — photos are never transmitted anywhere When Used
🖼️ Photo Library Importing photos from your library into Tijori — read-only access On Import
🔑 Face ID / Touch ID Unlocking the app with biometrics — processing happens entirely on-device On Unlock
📍 Location Recording location of break-in attempts (intruder alert) — completely optional Optional
📍 Note on Location Permission

Location access is requested only if you enable the "Log Break-In Attempts" feature. In that case, the location is stored locally on your device alongside the photo captured of the person who entered an incorrect PIN. It is never transmitted to any server.

7Children's Privacy

Tijori is not intended for children under the age of 17. We do not knowingly collect any data from children. If you are a parent or guardian and believe your child is using the app, please contact us.

8Your Rights

Since we collect no personal data, your rights of access, deletion, and correction apply fully at the device level:

  • Right of access: All your data is on your device — you own it completely
  • Right to deletion: Delete the app to permanently erase all data
  • Right to portability: Export your photos from within the app at any time
  • Right to object: Revoke location or analytics permissions in iOS Settings

Under Saudi Arabia's Personal Data Protection Law (PDPL):

  • You have the right to know what data we hold about you (the answer: none)
  • You have the right to request deletion of any data relating to you
  • You have the right to file a complaint with the National Data Management Office (NDMO)

Under EU GDPR:

  • Legal basis for TelemetryDeck: legitimate interest (improving the application)
  • You may object to analytics via iOS Settings → Privacy & Security
  • We do not directly transfer any personal data outside the EU
9Security & Incident Response

Because Tijori operates without storage servers, the risk of external data breach is eliminated. The security of your photos depends on:

  • The strength of the PIN you choose — we recommend at least 6 digits
  • Enabling the auto-wipe feature after repeated incorrect attempts
  • Keeping iOS updated to receive the latest security patches
  • Not granting the app any permissions you do not need

Should we discover any security vulnerability in the application itself, we will release an emergency update and publish a notice on the app's App Store page.

10Changes to This Privacy Policy

If we make any material change to this policy, we will notify you via an in-app notification or on the App Store page. Continued use of the app after an update constitutes acceptance of the revised policy.

We always display the date of the last update at the top of this page.

11Governing Law

This policy is governed by the laws of the Kingdom of Saudi Arabia, including the Personal Data Protection Law (PDPL) issued by Royal Decree M/19. It also complies with GDPR requirements for EU users and Apple's App Store privacy guidelines.

Contact Us

Have a question about your privacy? We respond within 48 hours.

privacy@tijori.app