TokenKeeper-Vault

TokenKeeper Vault Privacy Policy

Effective Date: April 6, 2026

Overview

TokenKeeper Vault is a Chrome Extension that provides secure local storage for API tokens and passwords. This privacy policy explains how we handle your data.

Data Collection

We do not collect any personal data.

TokenKeeper Vault operates entirely on your local device:

• All tokens are encrypted using the Web Crypto API before storage
• Data is stored only in Chrome’s local storage (chrome.storage.local)
• No data is transmitted to external servers
• No analytics or tracking is implemented

Data Storage

Encryption

• All sensitive data is encrypted using AES-GCM with a key derived from your master password
• Encryption keys are never stored in plain text
• Your master password is never stored; only a hash is kept for verification

Storage Location

• All data remains on your local device
• Data is stored in Chrome’s local storage, which is isolated per extension
• No cloud sync or remote storage is used

Permissions

The extension requests the following permissions:

Permission	Purpose
storage	To save encrypted tokens locally
clipboardWrite	To copy tokens to clipboard when you click “Copy”
activeTab	Future feature: detect token input fields
downloads	To export encrypted token backups
notifications	For auto-lock warnings
alarms	For auto-lock timer functionality
clipboardRead (optional)	Future feature: detect tokens from clipboard

Third-Party Services

TokenKeeper Vault does not use any third-party services, APIs, or external libraries that transmit data.

Data Sharing

We do not share, sell, or transfer any data to third parties. There is no data to share.

Security

• All cryptographic operations use the browser’s native Web Crypto API
• The extension uses Manifest V3 for improved security isolation
• Content script has minimal permissions and only responds to ping messages
• No external network requests are made

Your Rights

Since all data is stored locally on your device:

• You can delete all data by uninstalling the extension
• You can export your data at any time using the built-in export feature
• You maintain full control over your information

Changes to This Policy

If we make changes to this privacy policy, we will update the effective date and notify users through the extension’s update notes.

Contact

For questions or concerns about this privacy policy, please open an issue on our GitHub repository.

---

This privacy policy was last updated on April 6, 2026.