Home → Security
Security
Short answer: Safemii's safest design choice is simple: clean private files before they leave your phone. The app does not need a Safemii server to scan text, strip photo metadata, or redact a PDF. That reduces the amount of private data that can be copied, logged, reviewed, or leaked somewhere else.
Security model
- Process text, photos, and PDFs on the device.
- Avoid accounts for core cleanup.
- Avoid file uploads to Safemii.
- Save a clean copy rather than changing the original without review.
- Let the user review what was found before sharing.
Nothing-Fake redaction
Safemii is built around the idea that a privacy tool should not only look safe. If a PDF redaction only paints a rectangle over words, the words may still be recoverable. Safemii's PDF redaction path is designed to remove covered text from the saved file where supported, then draw the cover-up.
Public security references
Safemii does not claim NIST certification, audit status, or formal compliance. The site references NIST language because it gives users a clear way to understand the security goal: private data should not merely be hidden in a preview; it should be removed or made inaccessible in the saved copy where the file type allows it.
- NIST SP 800-88 is a public reference for media sanitization concepts: reducing practical access to data remnants for a given level of effort.
- NIST SP 800-122 is a public reference for personally identifiable information, or PII, and the need to protect it from inappropriate access, use, and disclosure.
For Safemii, the consumer version of that idea is simple: remove personal details before sharing, uploading, or asking an AI tool to process a file. The app is built to support that habit with local cleanup, clear review, and clean-copy saving.
Trust boundaries
The safest boundary is the phone. Safemii's core cleanup flow is designed around on-device processing, no account requirement for cleanup, and no file upload to Safemii servers. Store downloads and payments, once available, will still be handled by Apple or Google; that is separate from the private file cleanup flow.
Airplane-mode check
The core cleanup flow is meant to work with internet access switched off. That gives users a simple way to test the privacy promise: clean a file in airplane mode and confirm the app still works.
What users should still verify
- Open the clean copy before sharing it.
- Search for removed names, account numbers, or case numbers in PDFs.
- Check that photos no longer contain private location metadata.
- Review screenshots for notification bars, tabs, profile photos, and background details.
- Do not treat any automatic detection as a substitute for final human review.
Responsible launch status
Public store listing URLs, Apple Universal Link credentials, Android App Link fingerprints, and app screenshots are intentionally still pending. They will be added only when they are real and verifiable.