keevo
Sign in Get Keevo
Legal

Privacy Policy

Effective March 1 2026. Last updated May 5 2026. Plain English first; if you need the formal text, scroll to the end.

Contents

  1. The 60-second summary
  2. What we collect
  3. App Privacy Disclosure
  4. Your vault data
  5. Third parties
  6. Retention
  7. Your rights (GDPR / CCPA / VN PDPL)
  8. Contact

1 — The 60-second summary

We can't read your vault, so we can't sell, lose, or surrender it. We collect only what is needed to run Keevo: account identifiers, encrypted vault blobs, device and sync security metadata, billing data if you're on Pro, and opt-in or platform-provided diagnostics. We don't run ads, don't track you across apps or websites, and don't sell your data.

2 — What we collect

Account data

  • Email address (required to log in and receive sync).
  • A password-derived authentication verifier. We never receive or store your Master Password.
  • An ed25519 public key per device for sync authentication.

Billing data (Pro only)

  • Stripe handles credit cards. We see only the last 4 digits, the country, and Stripe's internal customer id.
  • Invoices for the past 7 years (legal requirement). They live in our accounting database.

Operational logs

  • Sync request timestamps + a hashed device id, kept for 14 days, used to debug sync issues.
  • Network metadata such as IP address may be processed temporarily for security, abuse prevention, and service operation. We do not use it for advertising or tracking.
  • Crash reports (opt-in only). They include a stack trace and an OS version, never vault data.

3 — App Privacy Disclosure

This section maps Keevo's practices to App Store Connect App Privacy disclosures.

Data not collected

  • Vault plaintext, plaintext passwords, your Master Password, your Secret Key, decrypted logins, notes, cards, API keys, or recovery kit contents.
  • Contacts, precise location, advertising identifiers, browsing history outside Keevo, or ad interaction data.

Data collected for app functionality

  • Email address or account identifier for sign-in, account security, service notices, and support.
  • Encrypted vault blobs/ciphertext and encrypted item metadata needed for sync.
  • Device identifier, public key, and device name for device authorization and encrypted sync.
  • Sync timestamps and security logs for abuse prevention, reliability, and account security.
  • Diagnostics and crash logs only when you opt in, when the platform makes them available, or when needed to diagnose a support request; never vault plaintext.

No tracking

  • No ads, no sale of data, and no tracking across apps or websites.
  • We do not use collected data for third-party advertising, advertising measurement, or data brokerage.

4 — Your vault data

Vault items are encrypted on your device with a key derived from your Master Password and Secret Key. The encrypted ciphertext is what we store. We have no decryption capability — not in production, not in development, not under court order.

5 — Third parties

The complete list of subprocessors. We never share with anyone else.

  • Hetzner Online GmbH — sync relay hosting, Frankfurt
  • Stripe Payments Europe — card billing
  • Postmark — transactional email (account verification, receipts)
  • Cloudflare — DNS + WAF for keevo.tuanle.dev and vault.keevo.tuanle.dev
  • Sentry (self-hosted) — opt-in crash reports only

6 — Retention

Account + vault: as long as your account exists. Delete your account and we wipe both within 30 days, including backups. Operational logs: 14 days. Billing: 7 years (legal). Crash reports: 90 days.

7 — Your rights

Under GDPR, CCPA, and Vietnam's PDPL you have the right to access, correct, delete, port, and object to processing your personal data. Email legal@keevo.tuanle.dev and we'll respond within 30 days.

8 — Contact

Keevo Co., Ltd · 16 Phố Nhà Thờ, Hoàn Kiếm, Hà Nội, Việt Nam · legal@keevo.tuanle.dev