Privacy Policy

Your privacy is our top priority. Learn how we protect your data.

Last updated: October 23, 2025

Our Privacy Commitment

Zero Knowledge Architecture

We cannot see, access, or decrypt your passwords and personal data.

End-to-End Encryption

All your data is encrypted on your device before reaching our servers.

No Data Sharing

We never share, sell, or monetize your personal information.

Information We Collect

Account Information

  • Email Address: Used for account creation, authentication, and important security notifications
  • Account Preferences: Settings and preferences you configure in your account
  • Subscription Information: Billing details for premium features (processed securely by our payment partners)

Encrypted Vault Data

  • Password Vault: Your encrypted passwords, notes, and secure information
  • Vault Metadata: Encrypted folder structures and organization data
  • Device Information: Device names and types for sync purposes (encrypted)

Important: All vault data is encrypted with AES-256 encryption using your master password. We cannot decrypt or access this information.

Usage Analytics

  • App Usage: Anonymous feature usage statistics to improve our service
  • Performance Data: Crash reports and performance metrics (no personal data included)
  • Security Events: Login attempts and security-related activities for your protection

How We Use Your Information

Service Delivery

  • Provide password management services
  • Sync your encrypted data across devices
  • Process your account requests

Security & Protection

  • Detect and prevent security threats
  • Monitor for unauthorized access
  • Send security alerts and notifications

Service Improvement

  • Analyze usage patterns (anonymized)
  • Improve app performance and features
  • Fix bugs and technical issues

Communication

  • Send important service updates
  • Provide customer support
  • Deliver security notifications

How We Protect Your Data

On Your Device

Your master password is used to encrypt all data locally using AES-256 encryption before it leaves your device.

During Transit

All data is transmitted over secure HTTPS connections with TLS 1.3 encryption for additional protection.

On Our Servers

Data remains encrypted at rest in our ISO 27001 certified data centers with military-grade security.

Zero Knowledge

We never have access to your master password or decryption keys. Only you can decrypt your data.

Data Sharing & Third Parties

Your Privacy Rights

Access Your Data

Request a copy of all personal data we have about you

Correct Your Data

Update or correct any inaccurate information in your account

Delete Your Data

Request complete deletion of your account and all associated data

Export Your Data

Download your data in a portable format to move to another service

Restrict Processing

Limit how we process your personal information

Withdraw Consent

Opt out of data processing where we rely on your consent

Data Retention

Active Accounts

We retain your encrypted data as long as your account is active and you continue using our service.

Inactive Accounts

Accounts inactive for more than 2 years may be deleted after appropriate notice.

Account Deletion

When you delete your account, all data is permanently removed within 30 days.

Legal Requirements

Some data may be retained longer if required by law or for legitimate business purposes.

Children's Privacy

Age Restriction

PassEnc is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

International Data Transfers

Global Service

PassEnc operates globally and your encrypted data may be stored and processed in various countries where we have servers and data centers.

Protection Standards

Regardless of location, your data is always protected by the same high standards of encryption and security measures outlined in this policy.

Contact Us

Privacy Questions

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: privacy@passenc.com
  • Privacy Officer: privacy-officer@passenc.com

Response Time

We are committed to addressing your privacy concerns promptly:

  • General inquiries: Within 48 hours
  • Data requests: Within 30 days
  • Security issues: Within 24 hours

Policy Updates

Notification of Changes

We may update this Privacy Policy from time to time. When we make significant changes, we will:

  • Notify you via email (if you have an account)
  • Display a notice in the app
  • Update the "Last Updated" date at the top of this policy

Your Continued Use

Your continued use of PassEnc after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you disagree with any changes, you may delete your account at any time.