Overview
KLRHT Look it up is built on a simple principle: your data belongs to you and nowhere else. No account. No cloud. No server that knows your business. No subscription. Everything you enter stays on your device and absolutely nowhere else.
The app stores all your data locally on your device. We do not operate servers, we do not collect analytics, and we do not track you. The only network activity occurs when verifying in-app purchases (via RevenueCat) and when showing optional ads to free users (via Google AdMob) — both described below.
Data stored on your device
The following data is saved exclusively on your device using Apple's and Google's on-device storage. It never leaves your device.
- Cards — the reference cards you create, including all field values you enter (names, dates, numbers, URLs, phone numbers, and other text)
- Secret fields — values you mark as sensitive (e.g. PINs, passwords) are stored in your device's secure enclave via Apple Keychain / Android Keystore, separate from regular storage
- Custom templates — template structures you create yourself, stored in regular on-device storage
- Attachments — files and photos you attach to cards are stored in your app's local documents folder, never uploaded
- Image fields — photos you add to image-type fields are stored locally within the app
- App settings — preferences such as biometric protection and backup schedule
Deleting the app permanently removes all of this data from your device. There is no automatic cloud backup — we recommend using your device's built-in backup (iCloud / Google Backup) to preserve this data, or using the manual backup export available in the app's settings.
Sensitive fields & biometric protection
Fields you mark as sensitive (or fields of type "secret") are masked by default and stored in your device's secure storage (Apple Keychain on iOS, Android Keystore on Android). Viewing their contents requires biometric authentication (Face ID, Touch ID, or fingerprint) or your device PIN, depending on your settings.
Biometric data is processed entirely by your device's operating system. KLRHT Lookitup never has access to your biometric data itself.
Sensitive field values are never included in search results, card
exports, or widget displays — they always appear as •••• in
those contexts.
Camera & photo library
KLRHT Lookitup requests access to your camera and photo library only when you choose to add a photo to an image field or an attachment. Photos are saved locally within the app. We never access your photo library without your explicit action, and no images are transmitted anywhere.
File attachments
Files you attach to cards (documents, PDFs, images, etc.) are stored in your app's local documents folder using your device's file system. When you choose to open an attachment with an external app, your operating system's standard share mechanism is used — we do not transmit files to any server.
For full-text search, text content from documents and images (via on-device OCR) is indexed locally on your device and never sent anywhere.
Card sharing
When you choose to share a card, Look it up generates a plain-text or formatted summary of the card's visible field values and sends it via your device's standard share sheet (Messages, Mail, AirDrop, etc.).
Sensitive fields are never included in a shared card. Fields you have marked as sensitive, or fields of type "secret", are always omitted from any export or share output — they appear as nothing in the shared content.
Sharing is entirely opt-in and initiated by you. Look it up does not transmit card data to any server on your behalf — all sharing happens through your operating system's share mechanism.
Widgets
Look it up supports home screen and lock screen widgets that display
field values from your cards. Sensitive fields are never shown in
widgets — they always appear as •••• regardless of your
biometric settings. Widget content is rendered locally on your device
and not transmitted anywhere.
Date field reminders are delivered as local notifications, scheduled entirely on your device. No notification data is sent to external servers. You can revoke notification permission at any time in your device settings, which will disable reminder delivery.
Purchases (KLRHT Lookitup Pro & Template Packs)
In-app purchases are processed through Apple's App Store and Google Play. Payment information is handled entirely by Apple or Google — we never see or store your payment details.
Purchase verification is powered by RevenueCat. When you make or restore a purchase, RevenueCat receives an anonymous device identifier and your purchase receipt to verify entitlements. No personal information such as your name or email address is shared with RevenueCat. You can read their privacy policy at revenuecat.com/privacy.
Analytics & tracking
KLRHT Lookitup contains no analytics SDKs, no crash reporting services, and no advertising SDKs beyond what is required for the optional ad banner shown to free users (served via Google AdMob). AdMob may use an advertising identifier on your device; you can limit ad tracking in your device's privacy settings. The only other third-party SDK is RevenueCat, used solely for purchase verification as described above.
Children's privacy
KLRHT Lookitup is not directed at children under the age of 13. We do not knowingly collect personal information from children.
Changes to this policy
If we make material changes to this privacy policy, we will update the date at the top of this page and, where appropriate, notify you via an app update. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact
Questions or concerns about this privacy policy?
Reach us at privacy@klrht.app.