Privacy Policy for Cryptkey

Your privacy and data security are the foundation of Cryptkey. This policy explains how we handle your data under a zero-knowledge architecture.

1. Zero-Knowledge Philosophy

Cryptkey is designed as a zero-knowledge password manager. This means we never have access to your passwords, your master PIN, or your encryption keys. Your data is encrypted using your PIN, and only you hold the key to decrypt it.

2. Encryption & Security

  • Industry-Standard Encryption: All vault data is secured using AES-256 encryption. Encryption keys are derived using PBKDF2 with a unique local salt, making them resistant to brute-force attacks.
  • Local Master PIN: Your encryption PIN is stored only on your device. It is never transmitted to us or any third party.
  • Biometric Security: If enabled, Cryptkey uses your device's native secure enclave (Face ID, Touch ID, or fingerprint) to unlock your master PIN. Biometric data remains entirely within your device's secure hardware.

3. Data Storage & Sync

  • Local Storage: By default, all data is stored locally on your device using the Hive database, encrypted at rest.
  • Google Drive Backup (Opt-in): If you choose to enable cloud sync, Cryptkey creates an encrypted backup file on your own Google Drive.
    • Data is encrypted locally with your PIN before it leaves your device.
    • Google sees only the ciphertext (.ck file); it cannot read your passwords.
    • Cryptkey only requests access to its own specific backup folder, not your entire Google Drive.
  • No Central Servers: Cryptkey does not use centralized servers to store user data. Your data stays between your device and your personal cloud storage.

4. Data Loss & Recovery

  • PIN Responsibility: Because of our zero-knowledge architecture, we cannot "reset" your PIN if you forget it. Your PIN is the only key to your data. If you lose your PIN, your data cannot be recovered.
  • Offline Use: If you use Cryptkey without cloud sync, your data exists only on your device. Deleting the app or factory resetting the device without a backup will result in permanent data loss.

5. Data Control

  • Export: You can export your encrypted vault to a portable file at any time from the Settings menu.
  • Deletion: You can delete all your data and reset the app at any time. This action is irreversible.

6. Contact & Support

For questions regarding this policy or technical support, please contact us at:

cryptkey@rohankarn.com.np

7. Policy Updates

We may update this policy to reflect changes in our security practices. The latest version will always be available within the app and on our official website.