Privacy Policy
Last updated: May 31, 2026 · Version 1.0
Quick summary · Vaultix is built on one principle: we can't see your data. Nor do we want to. This policy tells you exactly what information we handle, how and why — without unnecessary legal jargon.
If you only have 30 seconds:
- Your passwords, cards, passkeys and notes live encrypted on your device. If you sync, they travel encrypted to Firestore with a key only you know.
- Your PIN, master password and family passphrase NEVER reach our servers. If you forget them, we cannot recover them — that's why the Recovery Kit exists.
- We only collect your email if you enable cloud sync. For nothing else.
- No ads. No data sales. No trackers. The business model is the Vaultix Pro subscription.
1. Who we are
Vaultix is an application developed by Vaultix, based in Valencia, Spain, complying with the EU General Data Protection Regulation (GDPR).
Data controller contact: info@transformtoapp.com
2. What data we collect and why
2.1 Data we NEVER collect
- Your PIN (stays only on your device, hashed)
- Your master password (of the sync account)
- Your family vault passphrase
- The content of your passwords, cards, notes, passkeys or any vault item
- Your location, contacts, browsing history, advertising identifiers (IDFA), or your activity outside the app
2.2 Data we collect ONLY if you choose to enable cloud sync
For your vault to sync between devices we need:
| Data | Why | Where it's stored |
|---|---|---|
| Email | Identify your sync account | Firebase Auth |
| Authentication hash | Verify it's you when you sign in | Firebase Auth |
| Encrypted blob of your vault | Store it so you can download it on other devices | Cloud Firestore |
Key note: the "authentication hash" is what we send to Firebase Auth as your "password" from Firebase's perspective. It's the result of PBKDF2 over your master password with 210,000 iterations. We never see your master password.
The "encrypted vault blob" is your entire vault passed through AES-256-GCM with a key derived from your master password. The blob cannot be decrypted without that key, and the key never leaves your device.
2.3 Family Vault
If you activate the family vault, we generate a public ID (not secret) that serves to locate your vault in Firestore. The family vault passphrase is generated on your device and is NEVER sent to the server. Family items are encrypted with that passphrase before being uploaded.
2.4 In-app purchases (Vaultix Pro)
Subscription management is handled by Apple via StoreKit. Vaultix receives only an "active / not active" indicator, relayed from Apple through RevenueCat. We have no access to your card, nor to your purchase history outside the app.
2.5 Diagnostics / Crashes
Starting with v1.0, if the app crashes we send a report to Firebase Crashlytics. That report does NOT include the content of your vault, your PIN, your passwords, or any identifying data about you. It only includes the error trace (which line of code failed, which device, which iOS version). You can disable sending in Settings → Privacy → Diagnostics.
3. How we protect your data
- On the device: your SQLite vault lives in the app's private storage, protected by iOS hardware encryption (NSFileProtectionComplete). Your PIN is PBKDF2-hashed before being stored. The biometric key is tied to the device's Secure Enclave.
- In transit: TLS 1.3 mandatory for all communication with Firebase. Your master password never leaves your device in plaintext.
- At rest on the server: we only store ciphertext. There is no technical way to read its content without the key you keep.
- For Family Vault: PBKDF2 derivation (210k iterations) + AES-256-GCM. The server only sees nonces and ciphertext.
4. Do we share your data with third parties?
To make the app work:
- Apple (StoreKit): manages Pro subscriptions. Apple receives your purchase, not us.
- Google (Firebase): hosts the ciphertext of your vault and account data for sync. Firebase cannot decrypt what it stores. They have their own privacy policy: firebase.google.com/support/privacy
- RevenueCat: tells us if you have an active Pro subscription. Nothing more.
For nothing else:
- We NEVER sell data to advertisers or data brokers.
- We NEVER share data with third parties for advertising.
- We do NOT use third-party analytics.
5. How long do we keep your data?
- While you have a sync account: we keep your encrypted blob until you delete it or delete the account.
- When you delete your account (Settings → Sync → Delete my account): the blob disappears from Firestore in less than 24 hours and your Auth account is deleted immediately.
- If you stop using the app without deleting your account: after 12 months of inactivity, we send you a reminder email. After 24 months of inactivity, we delete your blob automatically.
6. Your rights (GDPR)
As an EU / EEA resident you have the right to:
- Access: ask us what data we have about you.
- Rectification: change your email from the app itself.
- Erasure: Settings → Delete my account (immediate effect).
- Portability: export your vault at any time from Settings → Export.
- Objection to processing: contact info@transformtoapp.com.
- Complaint to a supervisory authority: the Spanish Data Protection Agency (aepd.es).
7. Minors
Vaultix is not directed at children under 13. We do not knowingly collect data from minors. If you discover that a child under 13 has created a sync account, contact us and we will delete it.
8. Changes to this policy
If we change this policy, we will notify you inside the app before it takes effect. The "last updated" date above always reflects the current version.
9. Contact
Email: info@transformtoapp.com
Postal address: Valencia, Spain
Data Protection Officer: info@transformtoapp.com