Privacy Policy

Last updated 22 June 2026. Vestyn is self-hosted — your vault data lives on infrastructure you control, not ours.

1. Scope

This policy covers the vestyn.app website, the Vestyn macOS application, the Vestyn browser extension (Chrome, Firefox, Safari), and the Vestyn server software. It describes what data Vestyn’s developer ("we", "us") collects — which is very little — and how each component handles your information.

2. Who controls your data

Vestyn is self-hosted. We do not operate a cloud service that stores your vault data. When you run a Vestyn server, you (or whoever operates that instance) are the data controller for the accounts on it. We have no access to your server, your database, or the encrypted data on it. This policy governs only the data that passes through infrastructure we operate — the vestyn.app website and the update-check mechanism.

3. Zero-knowledge encryption

Vestyn is designed so that your secrets are end-to-end encrypted on your device before they leave it. Your master password is never transmitted. The server stores only authenticated ciphertext — opaque blobs it cannot decrypt. Even the self-hosted server operator cannot read your vault contents. See the security architecture for the full technical model.

4. What we collect

4a. The vestyn.app website

The website is a static site with no user accounts, no analytics, no advertising trackers, no cookies, and no fingerprinting. Standard HTTP server logs (IP address, user agent, requested URL, timestamp) are generated by the hosting provider as part of normal web serving. These logs are transient and are not used for tracking or profiling.

All fonts are self-hosted. No third-party font services are loaded.

4b. Software downloads

Application binaries (the macOS .dmg) are served from Cloudflare R2 object storage. Downloading a file exposes your IP address and user agent to Cloudflare as part of normal HTTP delivery. We do not attach identifiers to downloads and do not track which IP downloaded which version.

4c. Automatic update checks (macOS app)

The macOS app uses Sparkle to check for updates. Periodically (approximately once per hour), the app fetches a small XML file (appcast.xml) from vestyn.app. This request exposes your IP address, macOS version, and app version to our web server, as part of standard HTTP traffic. We do not log, store, or process this information beyond normal server log retention.

4d. Browser extension

The browser extension communicates only with your self-hosted Vestyn server — never with vestyn.app or any other remote service. It does not collect telemetry, usage analytics, or crash reports. Session data (tokens, cached vault items) is stored in the browser using chrome.storage.session and is cleared when the browser session ends or when you sign out. If you enable biometric unlock, an encrypted restore blob (wrapped authentication token and session key) is stored persistently in chrome.storage.local until you disable biometric unlock or remove the extension. The extension accesses page content (form fields) solely to provide autofill functionality and does not transmit page content anywhere other than your own server.

4e. macOS app (beyond update checks)

The macOS app communicates only with your self-hosted Vestyn server. It stores authentication tokens and an encrypted session key in the macOS Keychain, local to your device. Vault data is decrypted in memory only while the app is unlocked. Touch ID biometric data is handled entirely by macOS — Vestyn never accesses or stores fingerprint data.

4f. Self-hosted server software

The Vestyn server stores account emails, encrypted vault data, and basic metadata (timestamps, item counts) needed for sync. All of this data resides on infrastructure you operate. We never receive, access, or process it. Your server may generate its own logs (IP addresses of connecting clients, for example) — those are under your control and your responsibility.

5. Data we do NOT collect

  • We do not collect, store, or have access to your master password.
  • We do not collect, store, or have access to your vault contents (passwords, notes, cards, identities, TOTP secrets).
  • We do not collect analytics or telemetry from the app or extension.
  • We do not use cookies or tracking pixels on the website.
  • We do not sell or share data with third parties for advertising or profiling.

6. Third-party services

| Service | Purpose | Data exposed |
|---|---|---|
| Cloudflare (R2) | Hosts .dmg downloads | IP address, user agent (standard HTTP) |
| Web hosting provider | Serves vestyn.app + appcast.xml | IP address, user agent (standard HTTP) |
| Extension stores | Browser-extension distribution, once published | Subject to each store’s own privacy policy |
| Apple notarization | macOS Gatekeeper verification on first launch | Subject to Apple’s privacy policy |

We do not use advertising networks, analytics providers, crash reporting services, or social media SDKs.

7. Data retention

  • Website server logs: transient; retained only as long as the hosting provider’s default log rotation (typically days, not weeks).
  • App and extension data: stored locally on your device; removed when you uninstall the software or clear browser data.
  • Self-hosted server data: retained as long as the instance operator keeps it. We have no role in this.

8. Children

Vestyn is not directed at children under 13 (or under 16 in jurisdictions where GDPR applies). We do not knowingly collect personal information from children. If you believe a child has provided data to a Vestyn instance, contact that instance’s operator.

9. Your rights

Under GDPR, CCPA, and similar regulations you may have rights to access, correct, delete, or port your personal data.

  • For vestyn.app website data: We hold essentially no personal data about visitors (no accounts, no cookies, no analytics). For any request, contact [email protected].
  • For data on a self-hosted instance: Direct requests to whoever operates that server — they are the data controller.
  • For extension store data: Refer to the respective store’s privacy policy (Google, Mozilla, Apple).

10. Open source

Vestyn is open-source software (source code). You can inspect exactly what data the software collects, stores, and transmits. The claims in this policy are verifiable against the source.

11. Changes

We will update the "last updated" date at the top of this page when this policy changes. Material changes will be noted in the changelog. Continued use of the website or software after a change constitutes acceptance.

12. Contact

Questions or requests regarding this policy: [email protected].