Information We Collect
When you create an account, we collect your email address and an encrypted version of your vault. The encryption key is derived from your password on your device and never sent to our servers. We do not collect any personal information beyond what is necessary to provide the service.
How We Use Your Information
Your email is used solely for authentication and to associate your encrypted vault with your account. Your encrypted vault data is stored on our servers solely for the purpose of cloud backup and restoration across your devices.
Data Storage and Security
All vault data is encrypted end-to-end using AES-256-GCM before leaving your device. The encryption key is derived from your password using Argon2id and never transmitted. We have no ability to access your vault contents.
Data Sharing
We do not sell, trade, or share your personal information with third parties. Encrypted vault data may be stored on Supabase infrastructure for cloud backup functionality.
Your Rights
You may delete your account and all associated data at any time. Contact us to request data deletion. You can export your vault data at any time from the app settings.
Changes to This Policy
We may update this Privacy Policy from time to time. Users will be notified of material changes through the app.
Contact
If you have questions about this Privacy Policy, please open an issue on our GitHub repository.