Privacy Policy
Effective date: July 10, 2026
Linkeeper (App Store: “Linkeeper - Bookmark Saver”, bundle ID com.vanthuongdao.linkeep) is a local-first bookmark-saving app: every link, tag, and collection is stored in an embedded SQLite database right on your device.
The short version: your data stays on your device by default. Signing in with Apple or Google is optional and only enables cross-device sync.
Local, on-device data
While signed out, every link, tag, collection, read/favorite state, and hidden-vault item is stored in a WatermelonDB (SQLite) database on your device. We operate no server that receives or reads this data in that state.
The hidden vault is locked with a PIN you set yourself, unlockable with Face ID/Touch ID via your device's Keychain. We never store or receive this PIN.
Optional sync (Sign in with Apple/Google)
If you choose to sign in with Apple or Google, that sign-in is exchanged for a Supabase session, and the following is two-way synced to our Supabase (Postgres) server:
- Email address and User ID from your sign-in provider.
- User-generated content (links, tags, collections) — “Other User Content”.
- Display name, if provided by your sign-in provider.
This data is used only to sync across your own devices. You can sign out any time (local data remains), or permanently delete your account and all server-side data via Settings → Delete account.
Anonymous usage analytics
Linkeeper uses Firebase Analytics (Google) to understand which features get used most — for example, app opens, screens viewed, and generic events like “saved a link” or “changed the theme”. This data:
- Is tied to a random per-install identifier, never your name or email.
- Never includes link content, titles, or anything stored in the hidden vault.
- Is never used for advertising or sold to third parties. The app uses no IDFA and shows no App Tracking Transparency prompt.
Google's privacy policy governs how it processes this data: policies.google.com/privacy.
Device permissions
Linkeeper only requests a permission when you use the feature that needs it:
- Face ID — only to unlock the hidden vault biometrically, instead of re-typing your PIN.
- Notifications — to send the daily read reminder, which you can toggle in Settings.
You can decline or revoke any of these in your device Settings; the related feature simply won't be available.
In-app browser
The in-app browser loads the web pages you visit directly from your device to that site; those sites are governed by their own privacy policies.
Backup & restore
You can export your whole link/tag library to a JSON file (saved to your own Files/iCloud) any time, independent of whether you're signed in. This file is entirely under your control — we never receive a copy.
No ads
The current version shows no advertisements and integrates no ad/tracking SDKs. If that ever changes, we will update this policy and the App Store's privacy information before it takes effect.
Children
Linkeeper is not directed to children and we do not knowingly collect data from them.
Changes
We may update this policy; the effective date above will change accordingly.
Questions or support requests? Email vanthuong.dao2004@gmail.com.