Privacy Policy

VaultX is designed so your data stays private. Encryption happens entirely on your device. We cannot read your files, recover your password, or decrypt your keys.

What we collect

• Account information: name, username, email.
• Encrypted keys: your master key and private key after local encryption.
• Encrypted files: all uploaded content is stored only as ciphertext.
• Basic metadata: file sizes, timestamps, technical logs required for service operation.

What we do not collect

• Your plaintext files.
• Your unencrypted master or private key.
• Your password (it never leaves your device).
• Browsing or activity unrelated to VaultX usage.

How your data is used

Stored data is used only to provide account access, file sync, and core functionality. We do not sell or share user data with advertisers or external analytics providers.

Analytics

VaultX uses self-hosted Umami for anonymous analytics. It does not use cookies and does not collect personal information.

Security

• Encryption occurs on your device.
• Files are encrypted with AES-GCM.
• Keys are derived using Argon2id.
• Master and private keys are encrypted before upload.

Password recovery

VaultX cannot recover forgotten passwords. With a zero-knowledge design, losing your password means losing access to your encrypted data.

Data retention

You control your files. You may delete your data at any time. Deleted files are removed from the server and cannot be restored.

Contact

For questions about privacy, email [email protected].