← Back to Avent Horizon
Privacy Policy
Last updated: November 2024
TL;DR: We don't collect, store, or transmit your data. Everything happens locally in your browser.
Our Privacy Promise
Avent Horizon Vault is designed with privacy as a core principle. We believe your data belongs to you and only you.
Data Processing
All cryptographic operations (hashing, encryption, decryption) are performed entirely client-side in your web browser using the Web Crypto API. This means:
- No server processing: Your files and data never leave your device
- No uploads: We don't have servers that receive your data
- No storage: Your vault data is stored only in your browser's IndexedDB
- No transmission: Nothing is sent over the internet
Local Storage
We use your browser's IndexedDB to store your vault items locally. This data:
- Remains on your device only
- Is not accessible to us or any third party
- Can be exported or deleted at any time by you
- Will be lost if you clear your browser data
Analytics
We do not currently use any analytics or tracking. If we add privacy-friendly analytics in the future, it will:
- Not use cookies
- Not track individuals
- Not collect personal information
- Only provide aggregate, anonymous statistics
Third-Party Services
We do not integrate with any third-party services that would have access to your data. The application is self-contained and works offline after initial load.
Security
We implement industry-standard security practices:
- AES-GCM encryption with 256-bit keys
- PBKDF2 key derivation with 600,000 iterations (OWASP 2024+ recommended)
- Cryptographically secure random number generation
- Content Security Policy headers
- HTTPS-only access
Your Rights
Since we don't collect your data, traditional data rights (access, deletion, portability) are already in your hands:
- Access: Your data is already in your browser
- Export: Use the export feature anytime
- Delete: Clear your browser data or use the delete feature
- Portability: Export as JSON and import elsewhere
Children's Privacy
Our service is not directed at children under 13. Since we don't collect personal information, we don't knowingly collect data from children.
Changes to This Policy
We may update this policy occasionally. Significant changes will be communicated through the application.
Contact
Questions about this policy? Open an issue on our GitHub repository.