Privacy Policy

Last Updated: January 25, 2026

🔐 Zero-Knowledge Architecture

AegisZero is built on a zero-knowledge architecture. This means we fundamentally cannot access your passwords, secrets, or sensitive data. All encryption and decryption happens on your device before any data reaches our servers.

Even if our servers were compromised, your encrypted data would remain completely secure and unreadable without your master password.

1. Information We Collect

1.1 Account Information

Email Address: Used as your account identifier and as cryptographic salt for key derivation
Authentication Password Hash: A hashed version of your password (using Argon2) for server authentication only. This is NOT your master encryption password
RSA Public Key: Your public key for enabling secure sharing with other users
Encrypted RSA Private Key: Your private key, encrypted with your master password before storage

1.2 Encrypted Data (We Cannot Read This)

Vault Items: Titles, passwords, usernames, URLs, notes, and custom fields - all encrypted client-side
File Attachments: Encrypted file data (up to 1MB per file)
Personal Notepad: Your encrypted scratchpad content
2FA Secrets: TOTP secrets and backup code hashes, encrypted with your master password

1.3 Technical & Security Data

IP Addresses: Logged for security monitoring and fraud prevention
Device Information: Device name (optional, user-provided), device type (auto-detected from User-Agent)
Session Data: Active login sessions with timestamps and activity tracking
Audit Logs: Security events including login attempts, 2FA usage, share operations, and account changes
KDF Settings: Your key derivation function preferences (PBKDF2 or Argon2id parameters)

1.4 Data We Explicitly Do NOT Collect

Your master password (never transmitted to our servers)
Your encryption keys (derived on your device only)
Plaintext passwords, secrets, or notes
Browsing history outside of the AegisZero application
Third-party analytics or tracking cookies

2. How We Use Your Information

2.1 Essential Service Operations

Authentication: Verifying your identity when you log in
Data Storage: Storing your encrypted vault items, shares, and settings
Sharing Features: Enabling secure zero-knowledge sharing between users via public key cryptography
Session Management: Tracking active login sessions across your devices

2.2 Security & Fraud Prevention

Rate Limiting: Preventing brute force attacks (5 requests/minute on authentication endpoints)
Account Lockout: Auto-locking accounts after 5 failed login attempts
Audit Logging: Tracking security events for monitoring unauthorized access attempts
IP Monitoring: Detecting suspicious login patterns

2.3 Service Improvements

Performance Optimization: Analyzing system performance metrics (not user data)
Security Updates: Implementing security best practices and patches

3. Data Sharing & Disclosure

We do not sell, rent, or trade your information to third parties. Ever.

3.1 User-Initiated Sharing

When you explicitly share a vault item with another AegisZero user:

The item data is encrypted with a random symmetric key
This key is then encrypted separately with both your and the recipient's RSA public keys
We store these encrypted blobs but cannot decrypt them
You can revoke access at any time

3.2 Legal Requirements

We may disclose encrypted data if required by law, court order, or government regulation. However, due to our zero-knowledge architecture:

We cannot decrypt your vault data
We can only provide encrypted blobs and account metadata
Your data remains protected by your master password

4. Data Retention

Active Accounts: Data retained as long as your account is active
Deleted Accounts: All data permanently deleted within 30 days of account deletion
Expired Sessions: Automatically cleaned up every 24 hours
Blacklisted Tokens: Removed after expiration (7 days for refresh tokens)
Audit Logs: Retained for 90 days for security monitoring

5. Your Rights & Controls

5.1 Data Portability (GDPR Compliance)

You can export all your account data at any time:

Navigate to your account settings and select "Export Data"
Receive a timestamped ZIP file containing all your information
Includes vaults, items, shares, sessions, audit logs, and more
All encrypted data remains encrypted in the export

5.2 Account Deletion

You can delete your account at any time:

Self-service deletion available in account settings
All data (encrypted and metadata) permanently deleted
Shares you created will be revoked
Shares received from others will be removed
No grace period - deletion is immediate and irreversible

5.3 Session Management

View all active sessions across your devices
Revoke individual sessions remotely
Revoke all sessions except current (security feature)
Rename device sessions for easier identification

5.4 Security Settings

Enable/disable two-factor authentication (2FA)
Generate new 2FA backup codes
Update KDF settings for stronger encryption
Review audit logs of account activity

6. Security Measures

6.1 Client-Side Encryption

AES-256-GCM: Industry-standard authenticated encryption for all data
PBKDF2: 600,000+ iterations (OWASP 2025 compliant) for key derivation
Argon2id: Optional memory-hard, GPU-resistant key derivation
RSA-2048: Public key cryptography for secure sharing

6.2 Server-Side Protection

HTTPS/TLS: All communications encrypted in transit
JWT Tokens: Secure, rotating authentication tokens
Token Blacklisting: Instant revocation of compromised tokens
PostgreSQL: Secure, reliable database with proper access controls
Rate Limiting: Protection against brute force attacks
Account Lockout: Automatic protection after failed login attempts

6.3 Infrastructure Security

Self-hosted on secure, monitored servers
Regular security updates and patches
Automated daily backups (encrypted data only)
Firewall protection and intrusion detection

7. Cookies & Tracking

AegisZero does not use cookies for tracking or analytics.

No third-party analytics (Google Analytics, etc.)
No advertising networks or trackers
No social media pixels
Authentication handled via JWT tokens (not cookies)

8. Children's Privacy

AegisZero is not intended for use by individuals under the age of 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

9. International Data Transfers

AegisZero is self-hosted and data is stored on servers located in the United Kingdom. If you access our service from outside the UK:

Your encrypted data will be transferred to and stored in the UK
All data remains encrypted with keys we don't possess
We comply with GDPR and international data protection standards

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

The "Last Updated" date at the top will be revised
Material changes will be communicated via email
Continued use of the service constitutes acceptance of changes

11. Contact Us

If you have questions about this Privacy Policy or your data:

Email: privacy@aegiszero.co.uk
Data Protection: Your right to privacy is our top priority

🛡️ Our Commitment to Your Privacy

Zero-knowledge architecture isn't just a feature - it's our fundamental design principle. We built AegisZero so that even we cannot access your secrets. Your master password never leaves your device, and your data remains encrypted at all times.

Your privacy is not negotiable. It's guaranteed by mathematics.

AegisZero - Zero-Knowledge Secrets Manager