How your data is protected

The short version

N78-Ops protects your business data with well-known, standard encryption that runs entirely on your phone. Nivo78 operates no server that receives your clients, quotes, or money. By default, your personal and customer data stays on this device—nothing syncs to Nivo78 in the background. Here is exactly what is used, and what each part does for you.

Protect your phone first

Start with your phone. Turn on a screen lock (PIN, password, pattern, or biometrics) in your device Settings before you store clients and quotes here. That is the first gate—someone needs to unlock the phone before they can open N78-Ops, change Settings, or uninstall the app. No app can replace your phone lock.

Then inside N78-Ops: a master password protects encrypted backups and exports and is required before factory reset when you set one.

Uninstalling N78-Ops removes all app data on this phone. Keep password-protected backups somewhere safe off this device so you can restore after a new install.

On your device, not our servers

Clients, quotes, schedules, and invoices live in Android's private app sandbox on this phone. Other apps cannot read them under standard Android rules, and Nivo78 does not store your business database.

When data can leave — only because you choose

See When data leaves the device for the full list (email, text, hosted HTML on nivo78.com for 30 days when that toggle is on, backups, exports, optional Drive, Play Billing, and feedback). Summary:

  • Email or text a customer — draft opens in your mail or messaging app; content leaves when you send.
  • Hosted view links in emailoff by default; optional upload with 30-day server retention when enabled.
  • Share PDF, backups, exports — files go where you save or share them.

Encrypted at rest — AES-256-GCM via the Android Keystore

Your local business data is sealed with Google's Jetpack Security EncryptedFile using AES-256-GCM (the AES256_GCM_HKDF_4KB scheme), and secure settings use EncryptedSharedPreferences (AES-256-SIV for keys, AES-256-GCM for values). The keys live in the Android Keystore, which is hardware-backed on supported devices—so a lost or stolen phone does not hand over readable data.

Secure storage (Pro and Premier)

On Pro and Premier, Settings → Secure → Secure storage holds extra secrets you choose to store (license numbers, account keys, and similar). Each value is sealed with a separate AES-256-GCM Android Keystore key—distinct from everyday registry encryption. Client private notes on a client profile are also a paid-plan feature: they stay hidden until you unlock the session.

Unlock with fingerprint, face unlock, or your device PIN, pattern, or password when your phone supports it—or use your master password instead. The Keystore key is invalidated when you enroll a new fingerprint or face, so ciphertext from before that change cannot be decrypted under the new biometric set. Secure-storage entries are not included in standard portable backups; export them separately when you need to move vault secrets to another device.

Your master password is never stored

Only a one-way PBKDF2-HMAC-SHA256 verifier is kept on the device, compared in constant time. The password itself is never written to disk or sent anywhere. That is also why no one—including Nivo78—can recover it for you; protect it like a key to your business.

Strong export encryption — PBKDF2 at 600,000 iterations

Password-protected portable backups and exports are encrypted with AES-256-GCM, using a key stretched by PBKDF2-HMAC-SHA256 at 600,000 iterations, so a captured file resists brute-force guessing. Accountant ZIPs (Professional and Premium) use AES-256 WinZip-standard entry encryption. One honest exception: a password-protected CSV for Windows uses the older ZipCrypto format for compatibility—weaker than AES; the app tells you this at export time, and plain exports always show a short risk reminder first.

What forgetting the password does and does not cost you

Because everyday data rides the Android Keystore (not your master password), the installed app keeps working if you forget the password. What you cannot recover are password-protected backups and exports you already made, and restoring one on a new phone or after reinstalling—those need that exact password.

Related topics: When data leaves the device, Protecting exports & sensitive data, Troubleshooting: Email quote delivery, Copy me on client texts and emails, Data files & backups, Manual Backups & JSON Snapshots.

← All N78-Ops help topics