Privacy Policy
Last updated: May 2026
At FadeKey, your privacy and data security are built into the code. We utilize zero-knowledge architecture: sensitive data is encrypted in your browser before ever reaching our servers, meaning we can never access your plaintext keys or contents.
1. What We Collect
We minimize data to the absolute minimum. When sharing a secret, only the encrypted ciphertext, metadata (expiry and max views), and initialization vector are stored in our secure Redis cache. Decryption keys are never transmitted. For SaaS accounts, we store your email address and authentication hashes.
2. Security & Erasure
Secrets reside in memory (Redis) and self-destruct instantly when the view limit is reached or the expiration time passes. Deletion is immediate and irreversible; we perform no backups of transient secrets. Encryption uses standard AES-GCM-256.
3. Self-Hosted Instances
When self-hosting FadeKey, all databases, servers, and configurations reside under your direct control. We do not track, collect, or upload telemetry or usage details from your custom self-hosted installations.
4. Rights & Contact
You retain full control over your credentials and cloud account. If you wish to delete your account or have questions, please reach out to our team.