User Data Protection Policy

1. Data Collection

We only collect user-stored password data and basic account information, including:

• Account login credentials
• Password records and related notes
• Account categorization information
• Last update time

2. Data Encryption

We employ the following measures to protect your data security:

• End-to-end encryption technology
• AES-256 Advanced Encryption Standard
• Secure key derivation function
• Local data encryption storage
• On Android, you can enable the "Disable screenshots" option to reduce the risk of data leakage via screen captures. If you turn it off, screenshots and screen recordings that contain your passwords and other sensitive information should be handled with extra care.

3. Data Access

Access to user data is strictly controlled:

• Only the user can access their data
• All access requires authentication
• Biometric verification support
• All data is stored locally

4. Third-Party Sharing

We commit to:

• Not selling user data
• Not sharing data with third parties
• Not using data for commercial purposes
• Complying with relevant laws and regulations

5. User Rights

Users have the following rights:

• View all stored data
• Modify or delete personal data
• Export data copy

Backup & Security Tips

• Set a strong backup passphrase different from your login password, with at least 12 characters including upper/lowercase letters, numbers and symbols.
• Store .pbbak backup files in trusted locations such as encrypted cloud storage or local encrypted storage, and avoid sending them via chat apps or public drives.
• Regularly clean up outdated backup files to reduce potential leakage risks.
• If you suspect any backup file may be exposed, change important account passwords as soon as possible and generate a new backup.