TheOneSpy holds sensitive activity records. Call logs, message threads, GPS coordinates, screenshots. In the wrong hands, this becomes a problem. Three layers protect it. AES-256 encryption at rest. TLS 1.3 in transit. Per-account key isolation that survives single-tenant breaches. Same standards your bank uses for transaction data. Not because it's nice. Because we'd rather sleep at night.
⚖️ Use it legally. TheOneSpy is for devices you own, or company-issued equipment where employees have been given proper notice. Check your local laws first. See our Terms, Privacy, Disclaimers, and Abuse Policy.
Specific capabilities — not category promises. Here's what's on your dashboard after setup.
Files in our cloud sit behind AES-256 encryption. Same standard the US government uses for top-secret documents. Our engineers can't read your data without your credentials.
Data moving between device, cloud, and your dashboard rides TLS 1.3. The handshake protocol your bank uses. No fallback to weaker protocols ever.
Your encryption keys belong to your account alone. A breach affecting another customer doesn't touch your data. Multi-tenancy without shared risk.
Every 90 days, your keys rotate. Old data stays decryptable with old keys, new data uses fresh keys. Zero downtime, zero action required from you.
Every access to your data is logged: who, when, from where, what was viewed. If something looks off, you'll spot it before we do.
If we discover an incident, you hear from us within 72 hours per GDPR standards. Not 30 days later. Not via a press release. Direct email, with details.
It takes about five minutes the first time. After that, you control the device from your browser — forever.
If it's your own phone or your child's, you're set. For company-issued devices, make sure the employee has signed the standard monitoring notice. Two-minute check, then you're clear.
Grab the device for five minutes. Install TheOneSpy, sign in to your account, and grant the permissions it asks for. That's it — you won't need physical access again.
Open your TheOneSpy dashboard in any browser. The feature shows up under your devices and works without you touching the phone or computer again.
A few moments where this specific feature earns its place in the dashboard.
Multiple TheOneSpy accounts on one household phone, each with its own encrypted vault. Your sister-in-law can't see your monitoring data. You can't see hers. The hardware doesn't matter; the encryption boundary does.
Finance. Healthcare. Legal. Sectors with hard data-protection rules. Our security stack covers the standard frameworks: SOC 2 Type II, HIPAA-aligned controls, GDPR-compliant retention. Compliance officers approve without redlining.
Account takeover would be catastrophic. Two-factor authentication blocks 99.9% of credential-stuffing attacks. Anomaly detection flags logins from unusual locations. Emergency lockdown freezes everything with one click.
Coverage varies by operating system. Full parity isn't always possible — each OS handles third-party access differently.
If something else is on your mind, hit Contact Support — we usually reply within a few hours.
AES-256 for files at rest. TLS 1.3 for data in transit. RSA-4096 for key exchange. The same combination NIST recommends for government data classified at the Top Secret level.
You, via your dashboard login. Two senior engineers hold break-glass admin access for support emergencies. Their access is audited, logged, and reviewed monthly. Nobody else, not customer service, not sales.
AWS us-east-1 (Virginia), eu-central-1 (Frankfurt), and ap-southeast-1 (Singapore) by default. Enterprise customers can request specific regions, sovereign clouds, or on-premises deployments.
For stored data, effectively yes. Your dashboard decrypts blobs in your browser using session-derived keys. The server stores encrypted material it cannot read without your authentication.
We assume it will happen one day, and prepare accordingly. Encrypted-at-rest data is useless without keys. Keys are isolated per account. A successful intrusion exposes opaque blobs, not your activity logs.
Never. We don't run ads. We don't sell aggregate data. We don't share with third parties except under valid lawful subpoenas, which we challenge when scope is overbroad. Our transparency report is published annually.
Yes, available to Enterprise customers under standard NDA. Request through your account manager or support. Reports are issued annually with quarterly reviews.
Reset via email plus 2FA recovery codes set during onboarding. Without those, recovery isn't possible. The encryption protecting you from attackers also prevents us bypassing it. Save your recovery codes.
Plans from $18/mo. SOC 2 Type II available for Enterprise. Setup in 5 minutes.
