VaultKeepR
English·Français

Privacy Policy

Last updated: May 2026

1. Overview

VaultKeepR is a zero-knowledge password manager. All encryption and decryption happens on your device. We have designed the Service to collect as little data as possible. This policy describes what data is processed when you use specific features.

2. Data we never have access to

By design, the following data never leaves your device and we cannot access or recover it:

  • Your master password.
  • Your wallet private keys or NFC hardware seed.
  • Your locally managed Passkey data.
  • The plaintext contents of your vault (passwords, usernames, secure documents, notes, TOTP secrets, identities, cards).
  • Websites you visit or credentials you autofill (the extension processes this 100% locally).
  • Your browsing history or page content.

3. Data we process (only when you use specific features)

We do not use cookies, analytics, or tracking. The only data we process is data you explicitly send to our server when you use one of the following features:

  • Vault sync (IPFS): if you enable sync, we store a mapping of your public wallet address to the latest IPFS content identifier (CID) and a timestamp. The vault itself is encrypted and stored on IPFS — we only keep the pointer, not the data.
  • Wallet signatures: when you update your vault CID or perform authenticated actions, we verify your wallet signature to confirm you are the address owner. Signatures are checked and discarded — they are not stored.
  • Email aliases: if you create forwarding aliases, we store the alias address, your real destination email, optional labels, and wallet linkage in our database so that mail can be routed. This is personal data.
  • Fragmented recovery: if you use fragmented backup, we store a recovery manifest keyed by a hash you provide, with references (CIDs) to encrypted shards. We cannot reconstruct your vault without your recovery information.
  • Premium payments: payments are handled entirely by Stripe or Apple. We receive only a customer identifier and subscription status from the payment processor — we never see your card details or billing address.
  • Secure Documents: documents are fragmented and encrypted locally before being uploaded to IPFS. We do not have access to your plaintext documents.
  • Scan tools and Breach Scanner: all scans operate locally or use k-anonymity to query public breach databases without revealing your passwords.
  • Contact form: if you contact us, we receive the information you choose to send.
  • Cloud storage (S3): if you use encrypted cloud storage, files are encrypted on your device before upload. We store encrypted blobs keyed by content-addressable identifiers. We cannot read, decrypt, or access your stored files. Storage quotas are enforced based on your subscription plan.
  • Quick Share: when you share credentials via Quick Share, an encrypted payload is uploaded with a random identifier. The payload is end-to-end encrypted and automatically expires. We cannot read the shared data.
  • TOS AI Analysis: when the extension detects a Terms of Service or Privacy Policy link on a page, it fetches the legal text and sends the extracted content to a lightweight AI model for summarization. Only the publicly available legal text is transmitted — no credentials, vault data, browsing history, or personal information is sent. The analysis results are displayed locally and are not stored.
  • Cryptocurrency payments: if you pay with crypto (BTC, ETH, SOL, USDC), we generate a unique deposit address from an HD wallet. We receive and verify the on-chain transaction. No personal information is collected or required for crypto payments beyond the blockchain transaction itself.

4. Browser extension

The extension accesses web pages to detect login fields and fill credentials. All processing is 100% local. No page content, credentials, browsing data, or autofill activity is ever sent to our servers. The only network requests the extension makes are those you explicitly trigger: vault sync, alias management, or premium features.

5. Decentralised storage (IPFS) and public networks

Content uploaded to IPFS or similar systems may be replicated across nodes and referenced by CIDs. Even when encrypted, metadata (timing, size, CID relationships) may be observable. You choose whether to use these features and should assess residual risks (e.g. future cryptanalysis, misconfiguration exposing keys).

6. Purposes and legal bases (EEA / UK)

Where GDPR applies, we rely on appropriate bases such as: performance of a contract (providing the Service you request); legitimate interests (security, abuse prevention, product improvement, analytics that do not override your rights); and consent where required (e.g. certain cookies or marketing, if offered). Payment processing is necessary to perform premium subscriptions.

7. Retention

We retain information only as long as needed for the purposes above, legal obligations, dispute resolution, and enforcement of agreements. Technical logs may be rolled on a short cycle. Wallet-linked registry data persists until you delete or overwrite it via the product flows. Alias and billing records may be retained longer where required for legal or accounting reasons.

8. Sharing and processors

We use subprocessors (hosting, database, email delivery, payment, blockchain RPC, IPFS infrastructure, error monitoring) who process data on our instructions. We do not sell your personal data. We may disclose information if required by law or to protect rights, safety, and integrity of the Service.

9. International transfers

Our providers may process data in countries outside your own, including outside the EEA. Where required, we use appropriate safeguards (e.g. Standard Contractual Clauses) in agreements with processors.

10. Your rights and Account Deletion

Depending on your location, you may have rights to access, rectify, erase, restrict, or port certain personal data, and to object to certain processing. You may withdraw consent where processing is consent- based.

Account Deletion: Account deletion is extremely easy and instant. You can delete your account and all associated data with a single click from the Settings menu in the app. No emails or support requests are required to delete your account.

To exercise other rights, contact us using the channels on the website or app. You may also lodge a complaint with a supervisory authority.

11. Children

The Service is not directed at children under the age where parental consent is required for data processing in your region. We do not knowingly collect personal data from such children.

12. Changes

We may update this Privacy Policy. The "Last updated" date will change. For material changes, we will provide notice as appropriate. Continued use after the effective date constitutes acceptance unless applicable law requires otherwise.

13. Operator

VaultKeepR is operated by an independent developer based in France. Detailed legal identification information is available upon explicit written request sent to the contact address below.

14. Contact

For privacy-related requests or questions, contact us at [email protected] or through the channels indicated on the main website.

Terms of ServiceDocumentationSecurity← Back to home