Security Policy

Our Commitment to Security

Security and privacy are fundamental to our mission of data ownership. We build our applications with security-first principles.

Data Privacy

Our applications are designed to keep your data on your device. We do not:

• Collect or store your personal data on external servers
• Share your information with third parties
• Track your usage

Reduced Attack Surface

Because our apps store data locally and we do not operate backend servers for them, common attack patterns against centralized services do not apply:

• No user database to breach
• No API to compromise
• No aggregated data to exfiltrate

The trust boundary is your device.

Distribution and Code Signing

Our applications are distributed through Apple's App Store and Google's Play Store. Some macOS apps may use other distribution channels when they require capabilities the App Store does not permit; any such releases will be code-signed with our Apple Developer ID and notarized by Apple. In all cases, signing (and notarization, where it applies) ensures the binary you install has not been tampered with after we ship it.

Security Updates

Security fixes are released through the App Store and Google's Play Store update channels. Critical issues are prioritized. We recommend enabling automatic updates so you receive security patches promptly.

Reporting Security Issues

If you discover a security vulnerability in any of our applications, please report it to us before disclosing it publicly so we can investigate and ship a fix.

Email: contact@appiary.dev

Please allow reasonable time for us to investigate and ship a fix through the App Store or Google's Play Store before public disclosure. We do not currently offer a bug bounty, but we appreciate responsible disclosure and will credit researchers who request it.

Updates

This security policy was last updated on April 30, 2026.