keeholder-mkt

Privacy Policy — KeeHolder

Last updated: 2026-04-26.

KeeHolder does not collect personal data. There is no analytics SDK, no telemetry on database contents, and no network call from the cryptographic or database-handling code. This document explains what little data the app does touch, and where it lives.

What the app stores

For databases opened via the iOS Files app, the KDBX file is not copied or stored by the app — it stays where you put it, and the app holds a security-scoped bookmark (a filesystem handle, not a copy).

For databases opened via the built-in OneDrive, Google Drive, or Dropbox integration, the app caches the encrypted .kdbx file locally (in the App Group container) for offline access. The cached file is the same encrypted blob your cloud provider stores — it is never decrypted on disk. OAuth refresh tokens for cloud providers are stored in the shared iOS Keychain.

What the app does not store

Network access

On-device diagnostics

iOS’s MetricKit framework writes crash reports, hang traces, and aggregated performance metrics to a directory inside the app’s App Group container (group.com.surfcx.kppoc/diagnostics/). These payloads contain system-level signals only — never decrypted database content. The app does not upload them. If you want to share a diagnostic payload with the maintainers, you can export it yourself via the Files app.

The directory is capped at 5 MB; older payloads are deleted to keep the cap.

Children

The app is rated 4+. It does not collect personal information from anyone, including children.

Changes to this policy

Material changes will be noted in the GitHub repo’s release notes. The current canonical version of this policy lives at docs/launch/privacy.md.

Contact

Security issues: see SECURITY.md. General questions: Contact.