Privacy Policy
At Gvardian Vault, we believe privacy is a fundamental human right. Our service is built on Zero-Knowledge architecture, meaning your data is yours alone.
1. Our "Zero-Knowledge" Commitment
Local Encryption
All files, passwords, and documents are encrypted on your device before they are transmitted. We never see the plaintext content.
No Master Key Storage
We do not store your master password or unencrypted recovery keys. We cannot reset your password.
"If we were ever compelled by a third party to provide your data, we could only provide an encrypted 'blob' that is unreadable without your private key."
2. Information We Collect
We collect only the minimum data necessary to provide our services:
3. Cookies and Tracking
We use only Essential Cookies required for the technical operation of the vault. We do not use third-party tracking pixels, marketing cookies, or behavioral advertising.
4. Third-Party Subprocessors
- StorageAWS / SUPABASE
- PaymentsSTRIPE / REVENUECAT
5. Regional Rights
We comply with the Texas Data Privacy and Security Act. You have the right to request access to, correction of, or deletion of the personal data we hold about you.
Our legal basis for processing your data is the performance of the contract. Data is stored in high-security environments with adequate protection.
7. Retention & Deletion
Account Deletion
Your encrypted vault data is permanently purged from our active servers within 30 days of deletion.
Inactive Accounts
Accounts inactive for more than two years may be purged following multiple email notifications.
CRITICAL: User Responsibility
Because we do not have your master password, we cannot reset it. If you lose your master password and your emergency recovery kit, your data is lost forever.
Gvardian Vault is not responsible for data loss resulting from forgotten credentials. Security is a shared responsibility.