Privacy is part of the product, not a marketing toggle.

ALBA is designed around local-first storage and limited data collection. This policy explains what stays on your device, what leaves it when you use the web, and what is sent only when you ask for support.

Some vault-account, search, and bulk features require Pro. Current limits and pricing are shown inside the app.

Only save media you own or that the source explicitly authorizes you to download and keep. Availability depends on the page, format, and source rules. ALBA is not designed to bypass access controls or digital rights protections.

ALBA privacy policy

Last updated: July 17, 2026.

ALBA is a local-first file vault, account-isolated browser, web media saver, download manager, and offline player for iPhone. The developer does not operate a cloud account service for your vault and does not upload your vault files to third-party servers.

This policy covers ALBA 1.2, including Web Save and the on-device growth and review logic described below. Firebase Analytics is disabled and no third-party advertising SDK is used.

1. Local files and download work data

Completed files imported into or saved to the vault are stored in ALBA's app container and protected by ALBA's file-encryption format. The developer cannot view those files or recover your vault passcode.

To support downloading, resume, temporary playback, and finalization, ALBA first stores partial files, HLS segments, playlists, thumbnails, and job metadata in the app's Caches or temporary directory. Job metadata may contain source and referrer URLs, filenames, destination and temporary paths, sizes, status, errors, and poster or thumbnail data.

These work files are not wrapped in ALBA vault encryption before finalization and may remain for retry or recovery until the transfer is finalized, the download record is deleted, a temporary preview expires, or iOS removes cache data. Browser favorites and the main download list are kept in an encrypted state file for the current vault; active HLS job metadata and media work files are isolated by the iOS app sandbox but are not yet protected by ALBA vault encryption.

Folders, favorites, recent items, and encrypted file records remain local unless you use an Apple-managed device backup or intentionally export content. Video playback position is retained only for the current app session.

2. Web browsing and media requests

When you open a website, probe a page, or download media, your device communicates directly with the website and its delivery services. They may receive your IP address, user agent, cookies, referrer, request URLs, and other standard request information under their own privacy policies. ALBA does not operate a remote media-download proxy.

By default, cookies, cache, local storage, IndexedDB, and other WebKit website data persist in a data store isolated to the current local vault account so sign-in state can survive WebView recreation. This website data is not encrypted by ALBA. You can turn off Keep Website Login Status or use Clear Website Data for the current account. In nonpersistent mode, website data is used only for the current browser session. Account isolation does not make you anonymous to websites, network providers, or the operating system.

3. On-device growth and review counters

ALBA 1.2 stores the first and most recent open dates, active-day dates, coarse counts for onboarding and Web Save stages, D1 and D7 markers, review-prompt state, the last review version and date, and the last feedback date in local device settings. These values are not uploaded as behavioral analytics.

For review eligibility, ALBA keeps separate completed-download and played-item lists. Each list contains at most 200 one-way SHA-256 hashes derived from standardized local file paths. Raw paths are not stored in those lists, and the hashes are not uploaded. The current version has no separate control for clearing these counters; deleting the app's local data removes them, while existing iCloud backups remain subject to Apple's backup rules.

4. Optional iCloud Backup

If iCloud Backup is enabled for your device, Apple may include eligible app data in a device backup according to your iOS settings and Apple's terms. You control iCloud Backup through iOS. ALBA does not operate this service.

5. Feedback and support

When you open Feedback and approve network access, ALBA connects to third-party support services and synchronizes support history. Depending on device region and app configuration, support records may be processed by Firebase services or Feishu/Lark; message text is submitted only after you tap Send. To create, find, and respond to a support record, a submission may include the message, time and status, app-generated support identifiers, and limited local account context such as vault or user identifiers, a display name if set, language or region, and Pro status. Deletion options vary by support service, and some records or identities may require developer-side handling. Do not submit passwords, private files, confidential URLs, account credentials, or sensitive personal information.

6. Pro purchases and Apple

Pro is offered through Apple StoreKit. ALBA checks Apple-verified current entitlements and caches an unlocked or not-unlocked value on the device. Depending on the selected support service, Pro status may be included with a voluntary feedback record. ALBA does not send a transaction ID, receipt, price, complete purchase history, or payment information. Apple processes purchase and payment information under its own terms and privacy policy.

7. Advertising, tracking, and sale of data

ALBA does not use third-party advertising SDKs and does not sell personal information. The current release does not use remote behavioral analytics to build a profile of your browsing, downloads, or vault activity.

8. Your choices

You can delete local files from the app, disable persistent website data or clear the current vault account's website data, manage device permissions in iOS Settings, disable iCloud Backup for the app, and choose whether to submit feedback. Available support-record deletion options depend on the support service; some records or identities may require developer-side handling. Locking or signing out of a local vault does not delete its stored data.

9. This website

The generated ALBA website does not set its own cookies, use local or session storage, or load behavioral analytics. Google Firebase Hosting still processes standard request information such as IP address, user agent, and requested URL to deliver the site; Firebase states that Hosting retains IP data for a few months. Apple processes subsequent activity after an App Store link is opened.

10. Children, changes, and contact

ALBA is a general-purpose utility and is not directed to children. This policy may be updated when product behavior or legal requirements change. The effective date at the top will be updated when material changes are published.

For support and hosting processors selected by the developer, the developer requires data protection at least equivalent to this policy to the extent controlled by the applicable service agreement. Websites and services that you independently choose to visit operate under their own terms and privacy practices and are not covered by that commitment.

For privacy questions, use the feedback and support channel inside ALBA. This associates the request with the current anonymous support conversation; include the app and iOS versions manually when they are relevant.

Privacy and utility can work together.

Keep compatible downloads and personal files in one protected local-first space on your iPhone.

Download ALBA for iPhone