Draft — pending legal review. This page is a factually-grounded starting point, not a lawyer-reviewed legal document. Do not treat it as final before launch.
Privacy Policy
Last updated: Draft
The short version
Credensy is built so that we technically cannot read the contents of your vault — not your passwords, not your notes, not your keys. Everything inside your vault is encrypted on your device before it's ever sent to us, using a key that's derived from your master password and never leaves your device. We store and sync encrypted data; we do not, and cannot, decrypt it.
What we do collect
Outside your encrypted vault contents, we collect a limited set of account and device information:
- Your email address, used to identify your account.
- Cryptographic material needed to verify your identity and unwrap your vault key — a salted hash, never your actual password.
- Device metadata: a device identifier, name, platform, and the approximate IP-based location (country/city) of recent logins, used to show you your own device list and to flag logins from unfamiliar locations.
- Basic operational logs (timestamps, request outcomes) for security monitoring and abuse prevention.
What we never see
- Your master password.
- The contents of any vault item — logins, notes, keys, wallet seed phrases, or anything else you store.
- Your Recovery Key.
How we use what we collect
Account and device information is used solely to operate the service: authenticating you, syncing your encrypted vault across your devices, showing you your device list, and detecting suspicious account activity (like a login from a new location). We do not sell your information, and we do not run advertising or analytics tracking on this data.
Third parties
Location information is derived entirely from a local, offline IP-geolocation database we run ourselves — your IP address is never sent to a third-party geolocation service. The one optional exception in the product is the breach-check tool in Tools, which is opt-in and sends only the first 5 characters of a SHA-1 hash of a password you're checking to a third-party API — never the password or the full hash, and never anything from your saved vault items unless you explicitly paste it in to check.
Data retention and deletion
Your encrypted vault data and account information are retained for as long as your account is active. Deleting your account removes your account record and vault data from our systems.
Contact
Questions about this policy can be sent to support@credensy.io.