Privacy Policy

The short version

Lyfos is built so that we cannot read your vault contents. Your data is encrypted on your device with a key derived from your passphrase before it ever leaves the browser. During the Beta, your encrypted vault does not leave your browser at all.

The only data we receive about you is what we explicitly describe below — basic anonymous analytics, error reports if they happen, and any information you choose to send us by email.

1. Data you create inside the vault

The names, secrets, account numbers, attachments, balance-sheet entries, nominee details, and audit log inside your vault are encrypted on your device using AES-256-GCM with a key derived from your passphrase using PBKDF2-SHA-256.

During the current Beta:

• This encrypted blob is stored in your browser's local storage on this device only.
• It does not sync to our servers. We do not have a copy.
• Clearing this browser's data (or losing the device without an export) deletes the vault permanently.

A future release will add encrypted cloud sync so you can use Lyfos on more than one device. When it does, the data we store will remain ciphertext that we cannot decrypt — your passphrase and the derived encryption key will not be transmitted to or stored by us.

2. Account data

During the Beta there are no Lyfos accounts. If you contact us by email, we receive your email address and the contents of your message. We use this only to reply.

3. Analytics

We use Plausible Analytics to understand how the Service is used. Plausible does not use cookies and does not collect personal data. The data points we collect are:

• Anonymous page view counts and referrer.
• Anonymous device class (desktop, mobile, tablet) and browser.
• Country (derived from IP at request time; the IP itself is not stored).

No identifier follows you between sessions. No vault contents are sent to Plausible — they could not be, because they are encrypted before they would ever leave the device.

4. Error monitoring

If we enable Sentry for error monitoring, only stack traces and minimal browser context will be sent — never vault contents, attachments, passphrases, recovery keys, or personally-identifying user input. We aggressively scrub PII from any error payload at the source.

5. Service worker and local storage

Lyfos installs a service worker so the app loads quickly on repeat visits and works briefly offline. The service worker caches the app's code, not your data. Your data lives in encrypted form in localStorage until you choose to export it.

6. Your rights (DPDPA, GDPR, and similar)

Because we hold almost no personal data about you, the practical exercise of your rights is straightforward:

• Right to access: we have nothing about you that isn't already on your device. Open Settings → Backup encrypted vault to get a copy.
• Right to erasure: open Settings → Delete this local vault to remove your data from this device. Email us at hello@lyfos.signorvale.com if you also want any support correspondence with us deleted.
• Right to portability: the encrypted backup file is a portable JSON envelope you can hold and move yourself.
• Right to object / withdraw consent: stop using the Service. There is no server-side profile to deactivate during the Beta.

If you are in the EU/UK, you also have the right to lodge a complaint with your local data protection authority.

7. Data residency

Currently, your data resides on your device. When cloud sync ships, encrypted blobs will be stored in India (AWS Mumbai region) by default. EU users will be given the option of an EU region (AWS Frankfurt) before any data is transferred outside the EU.

8. Children

The Service is not intended for children under 18. If you believe a child has used the Service, contact us and we will delete any related data.

9. Changes to this policy

We may update this Policy. Material changes will be communicated through the Service. The "Last updated" date at the top will always reflect the current version.

10. Contact & Grievance Officer

For privacy questions, contact hello@lyfos.signorvale.com.

Per India's Digital Personal Data Protection Act 2023 §13, our designated Grievance Officer is the founder, reachable at grievance@lyfos.signorvale.com. We will respond to all grievances within the statutory 30-day window. For breach reports, write to security@lyfos.signorvale.com — see our responsible disclosure policy.

For a complete list of sub-processors and their locations see /legal/sub-processors.html. A formal Data Protection Officer will be appointed if Lyfos is classified as a Significant Data Fiduciary by the Data Protection Board.