1. Summary
Zen Passwords is designed so your master password and decrypted vault never leave your device. We do not receive, store, or have the ability to recover your master password. Vault data is encrypted on your device before any optional sync.
2. What we collect
The app may process data you enter (logins, notes, card metadata, attachments, etc.) locally on your device. If you enable optional iCloud sync, encrypted data may be stored in your private CloudKit database associated with your Apple ID, subject to Apple's terms and your iCloud settings. We do not operate our own servers for your vault contents.
3. Encryption
Zen Passwords uses strong on-device encryption (including AES-256-GCM) and Argon2id for key derivation, as described in the app and on our marketing pages. Without your master password, encrypted data cannot be meaningfully read.
4. Analytics and ads
Zen Passwords is built without ads and without selling your vault. Any product analytics, if used, are limited to what is described in the app settings and App Store privacy details and do not include your decrypted passwords or secure note contents.
5. Contact
Questions about this policy: hello@zenproducts.ai