WHY YOUR EMERGENCY APP SHOULDN'T TRACK YOU
Most emergency preparedness apps collect your location, contacts, and usage data. Shelter takes a different approach.
Emergency preparedness apps ask you to store some of the most sensitive information you own. Your home address and the addresses of family members. Your children's names and ages. Copies of passports and identity documents. Your medical history, prescriptions, and insurance details. Meeting points if your family gets separated. Escape routes from your neighbourhood. The nature of this information demands a level of care that most apps in this category simply do not provide. Location tracking, behavioural analytics, and cloud-synced databases are standard practice in the market. They should not be.
The risk is not abstract. A data breach at a preparedness app exposes not just your email address — it exposes where you live, who your family members are, and what documents you carry. Unlike a leaked password, that information cannot be changed. It can be used for targeted phishing, physical harm, and identity fraud in ways that persist for years. The aggregated behavioural profile built from your usage — what you are worried about, which scenarios you train for, how your household scores on readiness — is commercially valuable and legally accessible to law enforcement in jurisdictions with broad surveillance powers. This is not a theoretical concern. It is an engineering constraint.
GDPR Article 25 requires privacy by design and by default, not privacy as an afterthought bolted onto a data-collection business model. The practical implication is that personal data should not be collected at all if the product's core function does not require it. A preparedness app does not need to know where you are. It does not need to send your kit list to a server. It does not need to measure which features you use most often. All of these things can be done entirely on your device, with zero network access, with no account required.
Shelter is built on this principle at the architecture level. All business logic runs in a Rust library compiled directly into the app — no backend service involved in any core feature. Your document vault is encrypted with AES-256-GCM using a key derived from your PIN with Argon2id, and that key is never stored: it is derived fresh from your PIN each time you unlock. The vault contents never leave your device. There is no analytics SDK, no crash reporter that phones home, no advertising framework. This is zero-knowledge architecture: even if Shelter's servers were compromised, there is nothing there to take. There are no servers with user data.
Shelter helps you track all of this automatically — your kit, your plan, your vault — without ever seeing your data. Download Shelter — free