Last updated: April 5, 2026
Keydock is built with privacy as a core principle. Because of our zero-knowledge architecture, your API keys are encrypted on your device before reaching our servers. We cannot read them. This policy explains what other data we do collect and why.
| Data | Source | Purpose |
|---|---|---|
| Email address | You, on signup | Authentication, account communication |
| Encrypted key blobs | Your device | Storing your encrypted data (we cannot decrypt these) |
| Usage events | PostHog analytics | Understanding how features are used, improving the product |
| Payment info | Paddle (processor) | Billing — we never see or store card details |
Your API keys are encrypted with AES-256-GCM on your device before being sent to our servers. Keydock never has access to your unencrypted keys or your master password. Even in the event of a server breach, your keys remain unreadable.
We use the data we collect to:
We do not sell your data. We do not run ads. We do not share your data with third parties except those listed above to operate the Service.
We retain your account data for as long as your account is active. When you delete your account, all your data including encrypted key blobs is permanently deleted from our servers within 30 days.
You have the right to access, correct, or delete your personal data at any time. To exercise these rights, email us at support@keydock.cloud. If you are in the EU/EEA, you may also lodge a complaint with your local data protection authority.
We use only essential cookies required for authentication and session management. We do not use tracking cookies or advertising cookies.
We may update this policy from time to time. We will notify you via email for material changes. The latest version is always available at keydock.cloud/privacy.
Privacy questions? Email us at support@keydock.cloud