Privacy Policy
TranVault is a zero-knowledge credential manager. This policy explains plainly what we can and cannot see, and the minimal data we process to run the service.
Your vault is end-to-end encrypted on your device with AES-256-GCM. Your master passphrase never leaves your device and is never sent to us. Only ciphertext is ever stored or synced.
Transcenda cannot read the contents of your vault — there is no master key on any server to decrypt it with. The trade-off is absolute: if you forget your master passphrase, your vault cannot be recovered by anyone, including us. That is by design.
01What this policy covers
This policy describes how Transcenda (Transcenda EST, Dubai, United Arab Emirates) — the operator and data controller — handles information in connection with TranVault, our zero-knowledge credential manager for iOS and Android.
It covers the data we process, why we process it, who processes it on our behalf, how long we keep it, and the rights you have over it. It does not cover the third-party websites or services whose credentials you choose to store inside your vault — those are governed by their own policies.
Last updated: June 2026
02The zero-knowledge model
TranVault is built so that a compromise of our infrastructure reveals nothing about your secrets. Encryption happens on your device before anything is stored or synced. Your master key is derived locally from your passphrase using PBKDF2-HMAC-SHA256 with 600,000 iterations, and each item is sealed with AES-256-GCM. We never receive your passphrase or any key derived from it.
What we cannot see
- Passwords and login secrets
- Passkeys and TOTP / 2FA secrets
- SSH keys, API keys, tokens and certificates
- Crypto wallet seeds and private keys
- Card numbers, Wi-Fi keys and secure notes
- The secret fields of every item — only ever stored as ciphertext
The minimal data we process
- Your account email address
- Per-item type and display name, in cleartext, so the list and search work
- The encrypted vault envelopes themselves (ciphertext blobs)
- A device identifier and your email, for the device-limit / entitlement service
03Data we process
To be precise about the four categories above:
Account credentials
Your email address and password are handled by Google Firebase Authentication. Firebase salts and hashes your password; we do not store it in plaintext and it is never used to derive your vault encryption key.
Per-item cleartext metadata
For each item we store its type (for example: login, passkey, SSH key) and its display name in cleartext. This is the minimum needed to render and search your vault list. Every secret value within the item is encrypted and is not readable by us.
Encrypted vault envelopes
The encrypted contents of your items are stored as sealed ciphertext blobs in Google Cloud Firestore, in the me-central1 (Doha) region.
Entitlement data
A device identifier and your email are sent to our License Server (activate.transcenda.io) to enforce device limits and your subscription tier.
04How we use it
- To authenticate you and protect access to your account.
- To sync your encrypted vault across your own devices.
- To display and search your items by their type and name on your device.
- To enforce device limits and your entitlement / subscription tier.
- To send you transactional email (see Email, below).
- To maintain the security and integrity of the service and prevent abuse.
We do not use your data to build advertising or behavioural profiles, and we do not use it to train machine-learning models.
05Storage & subprocessors
We rely on a small set of subprocessors to operate TranVault:
- Google Firebase — Authentication, Cloud Firestore and Cloud Functions. Your Firestore data (encrypted envelopes and item metadata) resides in me-central1 (Doha).
- Cloudflare — CDN and DNS for our domains.
- Transcenda License Server — entitlement, device-limit and tier checks at activate.transcenda.io.
We do not sell, rent or share your data with anyone for advertising.
06What we do not do
- No analytics SDKs.
- No advertising and no ad networks.
- No tracking, fingerprinting or cross-app identifiers.
- No in-app purchases.
- No selling, renting or sharing of your data.
A crash-reporting SDK (Sentry) is integrated in the app but is currently disabled and operates as a no-op — it sends nothing. If it is ever enabled, it is configured to strip all secret fields before any report leaves the device.
07Email
We send transactional email only — a welcome message, email verification and password reset. These are sent from no-reply@transcenda.io. We do not send marketing email.
08Data retention
We retain your account, item metadata and encrypted vault envelopes for as long as your account is active. When you delete your account, this data is purged immediately (see Your rights). Because the vault is stored only as ciphertext we cannot read, there is no readable copy of your secrets to retain in the first place.
09Your rights
You can exercise the following rights at any time:
- Access & correction — your vault and account details are available to you directly in the app.
- Export — you can export your data in-app (data portability, GDPR Art. 20).
- Deletion — you can delete your account in-app via Settings → Delete account. Deletion is instant and irreversible: it purges your encrypted vault, your account, your device registrations and your entitlement records.
If you no longer have access to the app, you can request deletion at tranvault.transcenda.io/delete-account or by emailing support@transcenda.io.
10Security
Your vault is end-to-end encrypted with AES-256-GCM, using a key derived on your device from your passphrase via PBKDF2-HMAC-SHA256 (600,000 iterations). Only ciphertext is synced. The app is protected by biometric or passphrase unlock, auto-lock when idle, and attempt lockout after repeated failures.
No security measure is perfect, and the zero-knowledge design means we cannot recover a vault whose passphrase has been lost. Keep your master passphrase safe — it is the only key.
11Children
TranVault is not directed to children under the age of 16, and we do not knowingly collect data from them. If you believe a child has provided us data, contact us and we will remove it.
12International transfers
Your Firestore vault data is stored in me-central1 (Doha). Some of our subprocessors — Google Firebase (authentication) and Cloudflare (CDN and DNS) — operate global networks, so parts of authentication and content delivery may be processed in other regions. This service is governed by the laws of the United Arab Emirates (Dubai).
13Changes to this policy
We may update this policy from time to time. When we do, we will post the revised version here and update the date above. For material changes, we will provide additional notice where appropriate.
14Contact
Transcenda EST · Dubai, United Arab Emirates.
Questions about this policy or your data: support@transcenda.io.