Privacy Policy — Titan Password Vault

Bygurudevs.com

Effective date: 21-Aug-2025
App: Titan Password Vault (“App”)
Provider: Guru Devs intelligence (“we”, “us”, “our”)
Contact: support@gurudevs.com

Quick Summary (Plain English)

  • Offline-first: Your passwords live only on your device. We don’t run a cloud and we can’t see your vault.
  • No tracking/analytics: We do not collect analytics.
  • Crash reports are optional: If you opt in, the App may send diagnostic crash data to Firebase Crashlytics to help us fix bugs. It’s off by default, and you can switch it off anytime.
  • Backups are local: Export/import uses encrypted files you control.
  • No master password recovery: If you lose it, we cannot recover your data.

Scope

This Policy explains how we handle information when you use the App on Android or iOS. Because the App stores data locally and works offline, most information never reaches us. The only time data might leave your device is if you opt in to crash reporting, or if you contact us (e.g., email support).

Data We Do Not Collect

We do not collect, store, or process:

  • Your master password
  • Your vault contents (usernames, passwords, notes, categories, icons, etc.)
  • Behavioral analytics, advertising identifiers, or location data

We have no technical ability to access or recover your vault or master password.

On-Device Processing (Your Device, Your Control)

All encryption and decryption occur on your device:

  • Master password → Argon2id → KEK (Key Encryption Key)
  • KEK wraps a randomly generated Vault Key
  • Entries are encrypted with AES-256-GCM

We use the platform secure storage/keystore/keychain to hold wrapped keys. Clipboard copies auto-clear after ~10 seconds. Android blocks screenshots via FLAG_SECURE; iOS blurs the app-switcher snapshot. These measures reduce risk but cannot eliminate it.

Note: No method of security is 100% perfect; device compromise (malware, jailbreak/root) can defeat protections.

Data You May Choose to Share

1) Crash Reporting (Opt-In)

  • What: Diagnostic crash data (e.g., stack traces, app version, device model/OS version, timestamps, and non-sensitive logs).
  • Why: To identify and fix stability issues and improve reliability.
  • How: Sent to Firebase Crashlytics only if you opt in (during onboarding or in Settings).
  • Control: You can turn crash reporting off at any time.
  • Legal basis (EEA/UK): Your consent (withdraw any time in Settings).

2) Support Communications

  • What: Your email address and the content of your message (and any files/logs you choose to send).
  • Why: To respond to your request.
  • Legal basis (EEA/UK): Legitimate interests (to reply) or consent when you provide information voluntarily.

We do not combine support emails with crash data except to resolve your ticket.

Third Parties

If you opt in to crash reporting, diagnostic data is processed by:

  • Firebase Crashlytics (Google) — crash diagnostics only (not analytics events).

No advertising SDKs are used. No other data is shared or sold.

Permissions and Platform Features

  • Network: Only used for optional crash uploads and opening external links you request.
  • Storage / File access: To export/import encrypted backups that you initiate.
  • Secure Storage / Keychain / Keystore: To store wrapped keys.
  • Biometrics (Face ID/Touch ID, where enabled): To unlock your vault locally. Biometric data never leaves your device and is not accessible to us.
  • Clipboard: To copy fields you choose; the App clears clipboard contents after ~10 seconds.

Children’s Privacy

The App is not intended for children under 13 (or the age of digital consent in your region). We do not knowingly collect personal information from children.

Data Retention

  • On-device vault: Until you delete it.
  • Backups: You control the files; delete them when you wish.
  • Crash reports (if opted in): Retained by Crashlytics per their standard retention; we keep them only as long as needed for debugging.
  • Support emails: Retained as needed to manage your request and maintain records.

Your Rights

Depending on your region, you may have rights to access, correct, delete, or restrict processing of personal data we control (e.g., support emails or opted-in crash reports).
For on-device vault data, you control it directly on your device.

To exercise rights or withdraw crash-reporting consent, use in-app Settings or email support@gurudevs.com.

International Transfers

If you enable crash reporting or contact us, your data may be processed in countries other than yours (e.g., where our providers or email servers operate). We take steps consistent with applicable law to protect it.

Security

We use strong cryptography on device (Argon2id, AES-256-GCM) and platform secure storage. Still, no system is perfectly secure. You are responsible for maintaining device security, keeping your master password secret, and managing backups safely.

Changes to This Policy

We may update this Policy as the App evolves. We’ll update the “Effective date” and, where required, provide notice in the App.

Contact

Questions or requests: support@gurudevs.com
Legal notices: Guru Devs intelligence, [Registered Address], [Country]

Regional Notices (If Applicable)

  • EEA/UK (GDPR): Our legal bases are consent (crash reporting) and legitimate interests (support replies). You may lodge a complaint with your local supervisory authority.
  • California (CCPA/CPRA): We do not sell or share personal information for cross-context behavioral advertising. If you opt in to crash reporting, it is used only for diagnostics.
  • India (DPDP Act 2023): Where applicable, by opting in to crash reporting or contacting support, you consent to processing for those limited purposes and may withdraw consent at any time.

Similar Posts