Privacy Policy

QMV ("Quantum Media Vault," "we," "us," or "our") is built on a single architectural principle: your private data must be mathematically inaccessible to everyone except you. This Privacy Policy explains exactly what we can and cannot see, what we collect, and why.

1. The Zero-Knowledge Guarantee

QMV is a strict zero-knowledge system. This means:

• We do not know your password. Your master password never leaves your device. It is used locally to derive your encryption keys via Argon2id.
• We do not have your encryption keys. Keys are generated on your device and, where supported, stored in hardware security enclaves (Apple Secure Enclave, Android Keystore, Windows TPM 2.0). They are never transmitted to our servers.
• We cannot view your photos, videos, or metadata. All media is encrypted client-side with XChaCha20-Poly1305 before it ever leaves your device. We have no mechanism to decrypt it.
• We cannot reset your password or recover your data. If you lose your master password and recovery key, your vault is permanently locked. This is by design, not a limitation.

2. 100% Local AI Processing

QMV's smart search and automatic photo tagging are powered by a local AI model (Qwen) that runs entirely on your device's GPU or NPU. This means:

• Your photos and videos are never sent to any cloud service for AI processing.
• We do not use OpenAI, Google Vision, Amazon Rekognition, or any third-party AI service.
• Your search queries (e.g., "sunset," "birthday") are processed locally against a local SQLite FTS5 index. They never leave your device.
• AI-generated tags and metadata are encrypted alongside your media and are equally inaccessible to us.

3. What Our Servers Actually See (QMV Pro Sync)

If you subscribe to QMV Pro and enable encrypted cloud sync, our servers facilitate the routing of data between your devices. Here is exactly what our servers receive:

• Indistinguishable encrypted binary blobs. We cannot determine file names, file types, file sizes of the original media, or any content whatsoever.
• Encrypted 1KB delta transaction packets. These are individually encrypted and cryptographically verified. We cannot read their contents.
• Your account email address (used solely for authentication and billing).
• Subscription status and billing metadata (processed by our payment provider).

We do not and cannot correlate encrypted blobs to individual photographs. We do not analyze traffic patterns to infer content.

4. Zero Advertising & Tracking

QMV's business model is subscriptions, not advertising.

• We do not use third-party tracking pixels, advertising identifiers, or behavioral analytics in any QMV application. Our website (qmv.app) uses a minimal, cookieless analytics service solely to measure aggregate page views and improve the site experience. No personal data is collected or shared with advertisers.
• We do not sell, share, or trade user data with any third party.
• We do not build advertising profiles or behavioral models.
• Our website (qmv.app) does not use cookies for tracking or advertising. We may use strictly necessary cookies for authentication.

5. Telemetry & Crash Reports

By default, QMV collects zero telemetry. If you explicitly opt in via Settings, we may collect:

• Anonymous crash reports (stack traces with no personally identifiable information, no media data, and no encryption keys).
• Aggregate, anonymized usage statistics (e.g., "number of app launches") to help us improve performance.

You can disable opt-in telemetry at any time. Crash reports never contain encrypted media, decryption keys, passwords, or file contents.

6. Data Retention & Deletion

• Your encrypted data is stored on our sync servers only for as long as your QMV Pro subscription is active.
• If you cancel your subscription, encrypted sync data is deleted from our servers within 90 days.
• You can request full account deletion at any time by contacting [email protected]. We will delete all account data and associated encrypted blobs.
• Local vault data on your device is always under your control and is not affected by subscription changes.

7. Law Enforcement & Government Requests

If we receive a valid legal request for user data, we can only provide what we have: an email address, subscription status, and encrypted binary blobs that we cannot decrypt. We cannot comply with requests for decrypted photos, videos, metadata, or encryption keys because we do not have them and never have. We will notify affected users of legal requests unless legally prohibited from doing so.

8. Children's Privacy

QMV is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at [email protected].

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the QMV application or by email. Your continued use of QMV after changes are posted constitutes acceptance of the updated policy.

10. Contact

If you have questions about this Privacy Policy or our data practices, contact us at [email protected].