Last Updated: 2025-10-27
Florentin Irimia (“I”, “me”, or “my”) operates the VaultKey mobile application (the “Service”). This page informs you of my policies regarding the collection, use, and disclosure of personal data when you use my Service.
The security and privacy of your data is the highest priority. VaultKey is designed as a local-first, privacy-focused application.
Local-Only Storage: All data you enter into VaultKey, including your Master Password, usernames, passwords, notes, and categories, is stored exclusively on your local device. This data is NEVER transmitted to or stored on any external server. I, the developer, have no access to your personal information.
Encryption: Your entire vault is encrypted on your device using the industry-standard AES-256 encryption algorithm. The key used to encrypt and decrypt your vault is derived from your Master Password using PBKDF2 with a unique salt. Your Master Password is never stored anywhere.
If you choose to enable Biometric Unlock (Fingerprint or Face ID), the application uses the native Android or iOS platform APIs to perform authentication. Your biometric data is not accessed, stored, or transmitted by the application. The application only receives a “success” or “fail” signal from the operating system.
The securely derived encryption key is stored in the device’s hardware-backed secure element (Android Keystore or iOS Keychain) for this feature to function.
I may update this Privacy Policy from time to time. I will notify you of any changes by posting the new Privacy Policy on this page.
If you have any questions about this Privacy Policy, please contact me at: florentinirimia@gmail.com