Privacy Policy

Overview

Privacy Guardian is a password manager built with privacy at its core. This policy explains what data we collect, how we use it, and how we protect it.

Data We Collect

• Account information: Email address for sign-in and account recovery.
• Encrypted vault data: Passwords, usernames, URLs, and notes are encrypted on your device before being stored. We cannot read or access your decrypted data.
• Extension usage: When you use "Save this login", the browser extension captures the URL, username, and password from the form you submitted. This is stored locally until you choose to save it to your vault.

Encryption

All vault entries are encrypted client-side using AES-256-GCM before being sent to our servers. Your master password is never transmitted. We do not have the ability to decrypt your vault.

How We Use Your Data

We use your data only to provide the password manager service: syncing your encrypted vault across devices, autofilling login forms when you choose to, and storing credentials you choose to save. We do not sell, rent, or share your data with third parties for marketing or advertising.

Browser Extension

The Privacy Guardian browser extension runs a content script on web pages to detect login forms and offer to save or autofill credentials. It only accesses form data when you submit a form (for save) or click "Fill" (for autofill). It does not record keystrokes, track browsing, or collect data beyond what is necessary for these features.

Third Parties

We use MySQL for database storage and deploy on standard hosting infrastructure. Encrypted data is stored there. We do not use third-party analytics, advertising, or tracking on our service.

Your Rights

You may delete your account and all associated data at any time. Contact us if you wish to exercise data access, correction, or deletion rights.

Contact

Questions about this policy? Reach us at [email protected] (or your preferred contact address).