This Privacy Policy explains how PassVault ("we", "us", the "App") handles
your information. PassVault is a password manager designed so that your
sensitive data stays private — including from us.
The short version: Your vault is end-to-end encrypted on
your device with your master password. We store only the encrypted result
and cannot read it. We never sell your data.
1. Information We Collect
- Account information. Your email address and, for
password-based accounts, a securely hashed version of your account
password. We never store your account password in plain text.
- Sign in with Apple. If you sign in with Apple, we
receive a unique Apple account identifier and your email address — which
may be an Apple "private relay" address that forwards to your real inbox.
We never receive your Apple password, and Apple-based accounts have no
password stored with us.
- Vault data (encrypted). The entries you save (logins,
notes, etc.) are encrypted on your device using a key derived from your
master password before they are sent to our servers. We store only this
ciphertext. Your master password and encryption key never leave
your device, so we cannot read, recover, or decrypt your vault.
- Subscription status. Purchases are processed by Apple.
Through our subscription provider (RevenueCat) we receive your subscription
state (e.g. active or expired) and a pseudonymous account identifier. We do
not receive your full payment-card details.
- Technical data. Standard server logs such as IP
address and request timestamps, used to operate and secure the service.
2. How We Use Your Information
- To create and authenticate your account.
- To store and synchronize your encrypted vault across your devices.
- To manage your subscription and premium features.
- To maintain the security, integrity, and reliability of the service.
3. How Your Data Is Protected
- End-to-end encryption of vault contents (encrypted on-device).
- Account passwords stored only as salted hashes.
- All data transmitted over encrypted connections (HTTPS/TLS).
4. Sharing and Disclosure
We do not sell your personal information. We share data only with service
providers strictly necessary to run the App:
- Hosting provider — stores your account and encrypted vault.
- Apple — processes subscription payments and, if you
choose it, provides Sign in with Apple authentication.
- RevenueCat — manages subscription entitlements.
We may also disclose information if required by law.
5. Data Retention and Deletion
We retain your data while your account is active. You can permanently
delete your account and all associated data at any time from within the app
(Settings → Delete Account), or by contacting us at the email below. Because
your vault is encrypted with your master password, deletion permanently
removes the only stored copy from our servers.
6. Your Rights
Depending on your location, you may have the right to access, correct,
export, or delete your personal data. To exercise these rights, contact us at
the address below.
7. Children
PassVault is not directed to children under 13 (or the minimum age
required in your country), and we do not knowingly collect their data.
8. Changes to This Policy
We may update this Policy from time to time. Material changes will be
reflected by updating the "Last updated" date above.
9. Contact
Questions or privacy requests:
hilalbalci604@gmail.com