Privacy Policy

1. Introduction

At Arckeys, we prioritize your privacy and data security. This Privacy Policy details how we handle information in connection with our password manager and digital vault application, website, and browser extensions.

2. Zero-Knowledge Architecture

We operate under a zero-knowledge security model. All data stored in your vault (including usernames, passwords, credit card numbers, secure notes, and document attachments) is encrypted client-side on your device before sync. We do not have access to your decryption keys or master secrets. As a result, we cannot access, read, or share your vault data under any circumstances.

3. Information We Collect

We only collect the minimum information required to operate the service:

• Account Metadata: Your email address, account settings, and subscription status.
• Device & Session Data: Cryptographic identifiers of registered devices/extensions and session timestamps to prevent unauthorized access.
• Encrypted Blobs: The client-side encrypted vault payload (which is unreadable to us).

4. How We Use Information

We use account metadata solely to maintain your account status, authenticate your sign-in requests, process billing (via secure third-party processors), and provide customer support. We do not track, sell, or rent your personal metadata.

5. Data Sharing & Third Parties

Because your vault contents are encrypted with key material we do not possess, it is cryptographically impossible for us to share your passwords, cards, or notes with government agencies, law enforcement, or any other third parties.

6. Contact Us

If you have any questions or concerns regarding this privacy policy, please contact us at support@arckeys.com.