PassVault Privacy Policy
PassVault respects your privacy. This Privacy Policy explains how the PassVault Android application ("PassVault", "the App", "we", "us", or "our") accesses, processes, stores, uses, shares, and protects user data. PassVault is designed as a local-first password vault: it does not request the Android INTERNET permission, does not provide a developer-hosted cloud sync account, does not integrate advertising SDKs, and does not integrate analytics or crash reporting SDKs. Core vault data is stored on your device by default and encrypted at rest.
- Developer and Contact
- Types of Data We Process
- Data We Do Not Collect or Share
- Permissions
- Prominent Autofill Disclosure
- Data Security and Encryption
- Data Retention and Deletion
- Backups, Imports, and User-Initiated Sharing
- Your Privacy Rights (GDPR, UK GDPR, CCPA/CPRA)
- Children's Privacy
- Third-Party Services
- International Users
- Google Play Data Safety Disclosure
- Updates to This Policy
- Contact Us
1. Developer and Contact
This Privacy Policy applies to the app named PassVault on Google Play. The data controller for the limited data described below is the developer of PassVault. Privacy questions, data subject requests, and child privacy concerns may be sent to:
- Email: ruiwanghello@gmail.com
To help us respond efficiently, please include the app name (PassVault), your device model, your Android version, and a clear description of your request.
2. Types of Data We Process
PassVault processes data locally on your device when you enter, import, generate, copy, back up, restore, or save it through autofill. Except for platform services such as Google Play Billing, the App itself does not upload your vault data to developer servers.
| Data type | Purpose | Storage and sharing |
|---|---|---|
| Vault entries: item names, usernames, passwords, URLs, app package names, notes, categories, and icon identifiers | To save, search, display, copy, autofill, and back up your password records | Encrypted at rest in a local SQLCipher database on your device; not uploaded by the App to developer servers |
| Master password verification data and database key material | To unlock your local vault and protect the local database | The master password is never stored in plaintext or transmitted off-device. Verification uses a key derivation function (PBKDF2/Argon2-class) and Android Keystore-protected key wrapping. We cannot recover your master password. |
| Biometric unlock setting and system authentication result | To unlock the App via Android BiometricPrompt after you enable it | The App never receives or stores raw fingerprint, face, or other biometric templates. Biometric data is managed by the Android system and never leaves the device's secure hardware. |
| Autofill-related form structure: field hints, website domains, app package names, and the username/password fields you choose to fill or save | To identify login forms, match vault entries, fill credentials, generate passwords, or save new credentials after your confirmation | Processed transiently in-memory on your device; written to your local vault only when you confirm saving |
| Password generator settings and generation history | To generate random passwords and let you view or reuse local generation history | Stored locally on your device; not uploaded by the App to developer servers |
| Subscription status, product identifiers, purchase time, purchase token, and related information returned by Google Play Billing | To verify and display Pro entitlement, restore purchases, and manage subscription state | Google Play processes the payment; the App stores the minimum subscription state needed to gate Pro features locally. Payment and account data are handled by Google under Google's policies. |
| App settings: theme, auto-lock duration, biometric unlock toggle, autofill toggle, and backup preferences | To remember your local preferences and provide App features | Stored locally on your device |
3. Data We Do Not Collect or Share
The App does not declare the Android INTERNET permission. The App does not send your vault contents, master password, generated passwords, autofill fields, usage analytics, crash logs, advertising identifiers, contacts, SMS, call logs, precise location, camera data, microphone data, or installed-app inventory to developer servers.
We do not sell or "share" (as defined under California law) personal or sensitive user data, do not use your vault data for advertising, do not use your vault data to train models, and do not share your personal data with data brokers.
4. Permissions
- Autofill service (BIND_AUTOFILL_SERVICE): Used only after you enable PassVault as your Android autofill service in system settings. Lets the App read login form structure to suggest, fill, or save credentials.
- Biometric (USE_BIOMETRIC): Used only after you enable biometric unlock to invoke Android BiometricPrompt. PassVault never receives raw biometric data.
- Billing (com.android.vending.BILLING): Used to offer in-app purchases and subscriptions through Google Play Billing.
- POST_NOTIFICATIONS (Android 13+): Used only to deliver local reminders such as auto-lock notices. No remote push.
- No INTERNET permission: The current version does not declare android.permission.INTERNET, which means the App itself cannot use standard Android networking APIs to send data to developer servers.
5. Prominent Autofill Disclosure
When you enable autofill, PassVault accesses login form structure, field hints, website domains, or app package names while you interact with login forms. This enables PassVault to find matching vault entries, fill usernames and passwords, generate passwords, or save new login credentials after your confirmation. This data is used solely to provide on-device autofill and autosave features and is not uploaded by the App to developer servers. You can disable autofill at any time through Android system settings.
6. Data Security and Encryption
PassVault stores vault data in an encrypted local SQLCipher database (AES-256 in CBC/HMAC mode) keyed from your master password through a memory- and CPU-hard key derivation function. Key material is additionally protected using Android Keystore-backed wrapping where supported by the device. Encrypted preferences are used for sensitive small-value settings.
Backup files are produced only when you explicitly export them and are encrypted with the backup password you choose. Sensitive screens use FLAG_SECURE screenshot protection and recent-tasks masking where practical to reduce exposure through screenshots or system previews. Clipboard copies of sensitive values are auto-cleared on a short timer.
No security measure is absolute. Your overall security depends on your device security, operating system version, device unlock method, master password strength, backup handling, and third-party app environment.
7. Data Retention and Deletion
Vault data, settings, and generation history remain on your device until you delete them in the App, overwrite them through import, uninstall the App, clear App data, or the operating system removes them. PassVault does not provide a developer-hosted cloud account, so there is no remote vault for us to delete on your behalf.
How to delete your data
- Per-entry: Delete individual entries in the App.
- All app data: Android Settings → Apps → PassVault → Storage → Clear data.
- Full removal: Uninstall PassVault from your device.
Before deletion, confirm whether you need an encrypted backup. After deletion, we cannot recover your local vault. Because the App does not send data to our servers, no separate request to the developer is required for data deletion; for completeness, you may still email us at ruiwanghello@gmail.com to confirm there is no server-side data to delete in your case.
8. Backups, Imports, and User-Initiated Sharing
When you export a backup, the backup file is created on your device and you choose where to store or share it. If you upload the file to cloud storage, send it to someone, store it externally, or import it into another environment, that handling may be governed by the third-party service or system location you choose. Please protect both backup files and backup passwords carefully — anyone with both can decrypt your vault.
9. Your Privacy Rights (GDPR, UK GDPR, CCPA/CPRA)
Because PassVault stores data locally on your device and does not transmit personal data to developer servers, you maintain direct control over the data at all times. To the extent applicable laws grant you rights such as the right to access, rectify, delete, restrict, port, or object to processing, you can exercise most of these rights yourself by viewing, editing, exporting, or deleting data within the App.
Legal basis (EEA/UK): Where any limited processing applies, our legal bases are (i) performance of the agreement to provide the App (Article 6(1)(b) GDPR), (ii) your consent for optional features such as autofill and biometric unlock (Article 6(1)(a)), and (iii) our legitimate interest in securing and improving the App (Article 6(1)(f)).
California residents (CCPA/CPRA): We do not sell or share personal information for cross-context behavioral advertising. We have not "sold" personal information in the preceding 12 months. Categories of personal information processed are limited to those listed in Section 2 above.
You have the right to lodge a complaint with your local data protection authority. To exercise rights or ask questions, email ruiwanghello@gmail.com. We do not discriminate against users who exercise their privacy rights.
10. Children's Privacy
PassVault is intended for general users aged 13 and older who need to manage their own credentials. It is not directed to children under 13, and we do not knowingly collect personal information from children under 13 (or the equivalent minimum age in your jurisdiction). If a parent or guardian believes a child has provided personal information through the App, please contact ruiwanghello@gmail.com and we will assist with appropriate steps.
11. Third-Party Services
The App uses Google Play Billing for subscriptions and one-time purchases. Payment, taxes, refunds, account information, and payment details are processed by Google Play and are subject to Google's terms and privacy policies (see policies.google.com/privacy). PassVault does not directly receive your full card number, payment account credentials, or payment credentials.
The App is built with open-source Android libraries (such as AndroidX, Jetpack Compose, Hilt, SQLCipher). These libraries run on-device and do not transmit personal data to the developer.
12. International Users
Because core App data is stored locally on your device by default, we generally do not transfer your vault data across borders. If you use Google Play, device backup, cloud storage, or other third-party services, related data processing and international transfers may be determined by those services. For users in the EEA, UK, or Switzerland, where Google or you transfer data internationally, appropriate safeguards (such as the EU Standard Contractual Clauses) are applied by the relevant provider.
13. Google Play Data Safety Disclosure
For alignment with the Google Play Data Safety form, we summarize:
- Data collected by the developer: None. The App does not transmit personal or sensitive user data off the device.
- Data shared with third parties: None by the App. Google Play independently processes purchase information you submit during checkout.
- Data processed on-device only: Vault entries (account credentials), app activity related to autofill, and app preferences — as detailed in Section 2.
- Encryption in transit: Not applicable; the App does not transmit your data.
- Encryption at rest: Yes — local database encrypted with SQLCipher (AES-256), key material protected by Android Keystore where supported.
- Data deletion: Users can delete all data on-device at any time (Section 7).
- Independent security review: The encryption stack relies on widely reviewed open-source components (SQLCipher, AndroidX Security Crypto, Android Keystore).
14. Updates to This Policy
We may update this Privacy Policy due to product changes, security requirements, legal requirements, or Google Play policy changes. Updated policies will be posted on this page and identified by the effective date above. If a material change affects your core privacy rights, we will make reasonable efforts to provide notice through the App, the store listing, or another appropriate channel before the change takes effect.
15. Contact Us
If you have questions about this Privacy Policy, data handling, or local data deletion, please contact:
- Email: ruiwanghello@gmail.com