Privacy Policy

Last Updated: July 3, 2026

Welcome to KeySafe. Your privacy and data security are our top priorities. This Privacy Policy explains how we collect, use, and protect your information when you use our mobile application.

1. Information We Collect

KeySafe is designed to minimize data collection. We categorize the data handled as follows:

  • Sensitive Personal Data: This includes your passwords, bank account details, government IDs, secure notes, saved locations, and memories. All such data is encrypted locally on your device using AES-256-GCM encryption before being saved.
  • Location Data (Optional): If you use the Location feature and tap "Use current location", the app reads your device's current GPS coordinates (latitude, longitude, and altitude) solely to fill in a location entry you are creating. This happens only at your explicit request — we never collect your location in the background or track your movements. Like all other vault data, these coordinates are encrypted on your device and are never transmitted to us or any third party. You may also enter or edit coordinates manually without granting location access.
  • Authentication Data: We use Google Sign-In for authentication and to facilitate cloud backups.
  • Cookies (Web Application): We use strictly necessary cookies exclusively for authentication and session management to keep you securely logged in to the web application. We do not use cookies for tracking, analytics, or advertising purposes.
  • Device Information: We may collect non-identifiable device information (such as OS version and device model) to improve app performance and for crash reporting via Firebase.

2. Data Encryption and Storage

We follow a "Zero-Knowledge" architecture:

  • Local Storage: Your data is stored in a secure Room database on your device, protected by the Android Keystore system.
  • Encryption: Data is encrypted with a master key derived from your secure PIN. We do not store your PIN on any server.
  • Cloud Backup: If you enable the backup feature, encrypted vault files (including keysafe_data.enc) are uploaded to a keysafe_backup folder in your private Google Drive account. We cannot access the contents of these files.

3. Third-Party Services

KeySafe uses the following third-party services which may collect information used to identify you:

  • Google Play Services: Used for app functionality and authentication.
  • Google Drive API: Used exclusively for storing and retrieving your encrypted backup file.
  • Google AdMob: We show advertisements to keep the app free. AdMob may use device identifiers to serve personalized or non-personalized ads based on your consent settings.
  • Firebase Analytics/Crashlytics: Used to monitor app stability and usage patterns to provide a better user experience.

4. Your Rights and Control

You have full control over your data:

  • Access and Export: You can view all your stored data within the app.
  • Deletion: You can delete individual items or clear all data by uninstalling the app. You can also manually delete the keysafe_backup folder from your Google Drive at any time.
  • Permissions: You can revoke camera, storage, or location permissions via your device or browser settings at any time. The location permission is used only when you tap "Use current location"; revoking it simply means you enter coordinates manually.

5. Children's Privacy

KeySafe does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13.

6. Changes to This Policy

We may update our Privacy Policy from time to time. You are advised to review this page periodically for any changes. Changes are effective immediately after they are posted on this page.

7. Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at:
Email: hello@graypact.com