Privacy Policy

Last Updated: February 2026

The Short Version

We don't collect user data. We don't have accounts, analytics, or telemetry. Your portfolio is encrypted on your device and never leaves it.

What We Collect

Nothing. No accounts, no email addresses, no names, no device identifiers, no usage analytics, no crash reports, no telemetry. We have no database of users and no servers that store user data.

What Stays on Your Device

  • Portfolios and holdings — encrypted with AES-256-GCM
  • Watchlists — encrypted, stored locally
  • Price alert details — encrypted, stored separately from the app database
  • PINs — hashed and stored in the iOS Keychain, never transmitted
  • Settings and preferences — stored locally

None of this data is backed up to iCloud or included in iTunes backups. It exists only on your device.

Price Data

Darkfolio needs current prices to calculate portfolio values. We use a privacy-preserving approach called k-anonymity:

  1. Your app requests prices for all 6,000+ supported assets from our proxy server
  2. The server returns the same complete price list to every user
  3. Your device extracts only the prices it needs locally

Because every user makes the same request and receives the same response, the server cannot determine which assets you hold.

What the Server Sees

  • Your IP address (unless Tor is enabled)
  • That someone requested prices
  • The time of the request

What the Server Cannot See

  • Which assets you hold
  • How much you hold
  • Your portfolio value

Tor Routing (Pro)

Pro users can route all price requests through the Tor network via a built-in client, which hides your IP address from our server. Tor is enabled by default for new users.

Encryption

Portfolio data is protected with multiple layers:

  • AES-256-GCM encryption — Portfolios, watchlists, and alert details are stored in encrypted files, separate from the app's standard database
  • iOS Data Protection — All files are additionally protected by iOS's built-in file-level encryption
  • iOS Keychain — PINs and encryption keys are stored in hardware-backed secure storage

Ghost Mode

Ghost Mode provides two separate PINs that open two separate encrypted vaults. This is designed for everyday privacy — shared devices, personal boundaries, or simply keeping your finances private.

Both vaults use the same encryption, the same file structure, and the same storage format. The app behaves identically regardless of which PIN is entered.

Notifications

Price alert notifications display only generic text ("Price Alert"). No asset symbols, prices, or directions are included in notification content.

Siri Shortcuts

We support Siri Shortcuts for actions like refreshing prices and toggling Quiet Mode. We do not support shortcuts that return financial data, because Siri responses pass through Apple's servers.

Widgets

Our widget displays only Darkfolio branding and launches the app when tapped. No prices, symbols, or values are shown, because widget data is stored in unencrypted shared storage.

Third-Party Services

Our proxy server aggregates prices from third-party data providers (including Binance, CoinGecko, Alpaca, Yahoo Finance, and Finnhub). These providers see requests from our server, not from individual users. Apple handles all subscription and payment processing via StoreKit.

Children's Privacy

Darkfolio is not designed for children under 13. We do not knowingly collect any information from children.

Changes to This Policy

If we update this policy, we'll update the date above. Since we don't collect data, changes are rare.

Contact

darkfolioapp@proton.me

Summary

Question Answer
Do you collect my email?No
Do you track what I do?No
Can you see my portfolio?No
Do you sell data?We have no data to sell
Do you use analytics?No
Is my data backed up?No — it exists only on your device