<tskulbru.dev/>

Privacy Policy for Mockingjay

Last updated: February 4, 2026

Overview

Mockingjay ("we", "our", or "the app") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our secure video recording application. Mockingjay is designed for journalists, activists, and individuals who need tamper-proof video evidence.

Information We Collect

Mockingjay is designed with privacy as a core principle. We collect minimal information:

  • We don't require personal information like your name or email
  • We don't access your contacts or photo library
  • We cannot access or decrypt your recorded videos
  • Your PIN and encryption keys never leave your device

Video Recording and Encryption

Mockingjay uses strong encryption to protect your recordings:

  • AES-256-GCM encryption: All video chunks are encrypted on your device before upload
  • Secure Enclave: Your master encryption key is stored in Apple's hardware-protected Secure Enclave on your device
  • Passphrase never stored: Your passphrase is generated once, shown to you, and immediately discarded. We have no copy.
  • PIN never stored: Your PIN is used to derive a key, then discarded. It is not saved anywhere.
  • No recovery possible: Because we don't store your passphrase or PIN, we cannot recover them if lost. This is intentional.

Google Drive Storage

Your encrypted video chunks are stored in your own Google Drive account:

  • We use Google Sign-In to authenticate with your account
  • Videos are uploaded to a folder you control in your Drive
  • We only request permission to create and manage files in the Mockingjay folder
  • Google cannot decrypt your videos as they are encrypted before upload
  • You can revoke access to your Google account at any time

For information about how Google handles data, see Google's Privacy Policy.

Location Data

GPS metadata embedding is an optional premium feature:

  • Location tracking is off by default
  • You must explicitly enable GPS in settings
  • When enabled, coordinates are embedded in the encrypted recording manifest only
  • Location data is encrypted along with your video and never sent to our servers

Analytics and Crash Reporting

To improve the app experience, we use the following services:

Firebase Analytics

We use Firebase Analytics to understand general app usage patterns. This includes:

  • Feature usage statistics (anonymized)
  • App launch frequency
  • Recording completion rates
  • Device type and OS version

This data is anonymized and aggregated. We cannot identify individual users from this information. Analytics never include your video content, PIN, or encryption keys.

Firebase Crashlytics

We use Firebase Crashlytics to identify and fix app crashes. When the app crashes, it may send:

  • Device model and OS version
  • App version
  • Crash stack traces
  • Anonymous installation UUID

In-App Purchases

Mockingjay offers premium features through subscriptions. Purchase processing is handled by:

  • Apple App Store for all transactions
  • RevenueCat for subscription management

We don't store payment information. All transactions are processed securely by Apple and RevenueCat.

Third-Party Services

Mockingjay uses the following third-party services:

Security Features

Mockingjay includes several security features designed to protect your data:

  • PIN-only authentication: We deliberately do not use Face ID to prevent forced unlocking
  • Duress PIN: A secondary PIN that appears to work normally but protects your data
  • Real-time upload: Footage is preserved in the cloud even if your device is confiscated
  • Local key storage: All encryption keys are stored locally and never transmitted

Children's Privacy

Mockingjay is not intended for children under 13. We don't knowingly collect personal information from children. The app doesn't require any personal information to function.

Your Rights

You have control over your data:

  • Delete your account and associated data from within the app
  • Delete the app at any time to remove all local data and keys
  • Delete encrypted videos from your Google Drive at any time
  • Revoke Google Drive access in your Google account settings
  • Disable analytics collection in your device settings
  • Disable GPS tracking in the app settings

Account Deletion

You can delete your account at any time from Settings → Account → Delete Account. When you delete your account:

  • Your user profile and preferences are permanently removed from our servers
  • Your local encryption keys, PIN, and app settings are erased from your device
  • Your Firebase authentication account is deleted

Data Retained After Deletion: We retain records of your acceptance of our Terms of Service for legal compliance and audit purposes. These records are necessary to demonstrate regulatory compliance and to defend against potential legal claims. This retained data includes the date of acceptance, app version, and a user identifier. This retention is permitted under GDPR Article 17(3)(b) for the establishment, exercise, or defense of legal claims.

Note: Your encrypted recordings in Google Drive are not automatically deleted. You must delete these separately from your Google Drive account if desired.

Data Security

We take extensive measures to protect your information:

  • All video data is encrypted with AES-256-GCM before leaving your device
  • Encryption keys are stored in the Secure Enclave
  • All network transmission uses HTTPS encryption
  • No unencrypted video data is ever transmitted

Law Enforcement and Legal Requests

To be fully transparent, we distinguish between what is technically impossible for us to provide and what we commit to never providing.

What We Cannot Provide (Technically Impossible)

The following data does not exist on our systems. We literally cannot provide it even if legally compelled:

  • Your passphrase — generated once during setup, shown to you, then immediately discarded. Never stored.
  • Your PIN — never stored; exists only briefly in device memory when you enter it.
  • Your recordings — stored in YOUR Google Drive account, not on our servers.
  • Recording metadata, timestamps, or GPS coordinates — encrypted within your recordings, which we don't have.
  • Any link between users and their recordings — we have no database connecting users to their encrypted files.

Legal requests for your recordings must be directed to you or to Google regarding your Google Drive account — not to us.

What We Will Not Provide (Behavioral Commitment)

Your master encryption key exists on your device (in Apple's Secure Enclave and encrypted in the Keychain). The App accesses this key to encrypt and decrypt your recordings. A malicious app update could theoretically read and transmit this key.

We commit to never doing this. Specifically, we will not:

  • Log, capture, or transmit your master encryption key to any server
  • Capture or transmit your PIN when you enter it
  • Modify the App to exfiltrate credentials in response to legal demands
  • Provide law enforcement with tools or app updates to bypass encryption
  • Build "lawful intercept" or "exceptional access" capabilities

If we are ever legally compelled to compromise user security in ways that conflict with these commitments, we will cease offering the App in that jurisdiction rather than comply.

What We Can Provide If Legally Compelled

In response to valid legal process (subpoena, court order, or law enforcement inquiry), we can only provide information that exists on our systems:

  • Basic account information from Firebase (anonymous user ID, account creation date)
  • Anonymized, aggregated analytics data that cannot identify individual recordings
  • Crash reports (device type, app version, stack traces)
  • Subscription status through RevenueCat (if applicable)

Data Recovery Limitations

Important: Due to our zero-knowledge design, we cannot help you recover your data if:

  • You forget your PIN or passphrase
  • You lose your device without backing up your encryption keys
  • You use your duress PIN (which destroys local keys)
  • Your Secure Enclave data is corrupted or wiped

This is an intentional security feature, not a limitation. The same design that protects your recordings from unauthorized access also means we cannot bypass that protection for any reason. We strongly recommend keeping a secure backup of your passphrase.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last updated" date at the top of this policy.

Contact

If you have questions about this Privacy Policy or how Mockingjay handles data, please contact us through the App Store where you downloaded the app.

← Back to tskulbru.dev | Support | Terms of Service