Last updated 22 June 2026. Vestyn is self-hosted — your vault data lives on infrastructure you control, not ours.
This policy covers the vestyn.app website, the Vestyn macOS application, the Vestyn browser extension (Chrome, Firefox, Safari), and the Vestyn server software. It describes what data Vestyn’s developer ("we", "us") collects — which is very little — and how each component handles your information.
Vestyn is self-hosted. We do not operate a cloud service that stores your vault data. When you run a Vestyn server, you (or whoever operates that instance) are the data controller for the accounts on it. We have no access to your server, your database, or the encrypted data on it. This policy governs only the data that passes through infrastructure we operate — the vestyn.app website and the update-check mechanism.
Vestyn is designed so that your secrets are end-to-end encrypted on your device before they leave it. Your master password is never transmitted. The server stores only authenticated ciphertext — opaque blobs it cannot decrypt. Even the self-hosted server operator cannot read your vault contents. See the security architecture for the full technical model.
The website is a static site with no user accounts, no analytics, no advertising trackers, no cookies, and no fingerprinting. Standard HTTP server logs (IP address, user agent, requested URL, timestamp) are generated by the hosting provider as part of normal web serving. These logs are transient and are not used for tracking or profiling.
All fonts are self-hosted. No third-party font services are loaded.
Application binaries (the macOS .dmg) are served from Cloudflare R2 object storage. Downloading a file exposes your IP address and user agent to Cloudflare as part of normal HTTP delivery. We do not attach identifiers to downloads and do not track which IP downloaded which version.
The macOS app uses Sparkle to check for updates. Periodically (approximately once per hour), the app fetches a small XML file (appcast.xml) from vestyn.app. This request exposes your IP address, macOS version, and app version to our web server, as part of standard HTTP traffic. We do not log, store, or process this information beyond normal server log retention.
The browser extension communicates only with your self-hosted Vestyn server — never with vestyn.app or any other remote service. It does not collect telemetry, usage analytics, or crash reports. Session data (tokens, cached vault items) is stored in the browser using chrome.storage.session and is cleared when the browser session ends or when you sign out. If you enable biometric unlock, an encrypted restore blob (wrapped authentication token and session key) is stored persistently in chrome.storage.local until you disable biometric unlock or remove the extension. The extension accesses page content (form fields) solely to provide autofill functionality and does not transmit page content anywhere other than your own server.
The macOS app communicates only with your self-hosted Vestyn server. It stores authentication tokens and an encrypted session key in the macOS Keychain, local to your device. Vault data is decrypted in memory only while the app is unlocked. Touch ID biometric data is handled entirely by macOS — Vestyn never accesses or stores fingerprint data.
The Vestyn server stores account emails, encrypted vault data, and basic metadata (timestamps, item counts) needed for sync. All of this data resides on infrastructure you operate. We never receive, access, or process it. Your server may generate its own logs (IP addresses of connecting clients, for example) — those are under your control and your responsibility.
| Service | Purpose | Data exposed |
|---|---|---|
| Cloudflare (R2) | Hosts .dmg downloads | IP address, user agent (standard HTTP) |
| Web hosting provider | Serves vestyn.app + appcast.xml | IP address, user agent (standard HTTP) |
| Extension stores | Browser-extension distribution, once published | Subject to each store’s own privacy policy |
| Apple notarization | macOS Gatekeeper verification on first launch | Subject to Apple’s privacy policy |
We do not use advertising networks, analytics providers, crash reporting services, or social media SDKs.
Vestyn is not directed at children under 13 (or under 16 in jurisdictions where GDPR applies). We do not knowingly collect personal information from children. If you believe a child has provided data to a Vestyn instance, contact that instance’s operator.
Under GDPR, CCPA, and similar regulations you may have rights to access, correct, delete, or port your personal data.
Vestyn is open-source software. You can inspect the source code to see exactly what data the software collects, stores, and transmits. The claims in this policy are verifiable against the source.
We will update the "last updated" date at the top of this page when this policy changes. Material changes will be noted in the changelog. Continued use of the website or software after a change constitutes acceptance.
Questions or requests regarding this policy: [email protected].