Privacy Policy

1. Who We Are

CoCrypt is an application developed by Beyondend Dev, a company registered in Turkey at Zühtüpaşa, Rıfat Bey Sk. No:2 kat:3, 34724 Kadıköy/İstanbul. You can reach us at team@beyondend.dev.

2. What CoCrypt Is

CoCrypt is a multi-party file encryption application. It allows a file owner to encrypt any file so that all designated participants must physically approve — via NFC and biometric authentication — before the file can be decrypted. There is no server, no cloud storage, and no user account system. All operations are local or peer-to-peer.

3. Local Key Storage

When you register as a participant, CoCrypt generates an EC P-256 cryptographic key pair on your device. Your private key is stored exclusively in your device's secure hardware enclave — Android Keystore on Android devices, and iOS Keychain on Apple devices. This storage is enforced by the operating system and is not accessible to Beyondend Dev, to any other app, or to any remote server. We have no ability to read, retrieve, or recover your private key under any circumstances.

4. No Data Transmitted to Us

CoCrypt does not transmit any data to Beyondend Dev or to any third-party server. All key exchanges happen peer-to-peer over NFC — physically between users' devices, with no internet connection involved. Encrypted files (.cvl) are created and stored on your device and travel through whatever channel you choose (email, AirDrop, etc.). We receive nothing.

5. No Personal Data Collected

We do not collect any of the following:

• Names, email addresses, or contact information
• Device identifiers or hardware fingerprints
• Usage data, analytics, or crash telemetry
• Location data
• The content of any file you encrypt or decrypt
• Your cryptographic keys or any derived material

6. No Third-Party Services

CoCrypt uses no third-party analytics SDKs, advertising networks, crash-reporting services, or tracking tools. The only platform APIs used are the operating system's own NFC, biometric authentication (Face ID / Touch ID / fingerprint), and secure storage interfaces.

7. No Accounts Required

CoCrypt requires no account creation and no registration with Beyondend Dev. There is no login, no signup, and no user profile — which means there is no personal data associated with you in any system we control.

8. Biometric Data

CoCrypt uses your device's built-in biometric authentication (fingerprint or face recognition) to authorise unlock operations. Biometric data is processed entirely by the operating system's secure enclave. CoCrypt never has access to raw biometric data — we only receive a boolean success or failure result from the OS.

9. Data Loss Warning

Because your private key exists only on your device and we have no copy of it, losing your device or uninstalling the app without backup means losing your ability to participate in future unlock sessions. We strongly recommend keeping your device secure. We cannot recover lost keys under any circumstances.

10. Children's Privacy

Since we collect no data from anyone, there are no special concerns regarding children's privacy. No data is collected from users of any age.

11. Changes to This Policy

If we ever change our data practices, we will update this Privacy Policy accordingly and notify users through the app or our website. The date at the top of this page indicates when the policy was last revised.

12. Contact

If you have any questions about this Privacy Policy, you can contact us at:

Beyondend Dev
Zühtüpaşa, Rıfat Bey Sk. No:2 kat:3
34724 Kadıköy/İstanbul, Turkey
team@beyondend.dev