Legal
No analytics. No tracking. No data sales.
Last updated: February 2026
This privacy policy applies to the hosted Clavitor service at clavitor.ai. If you self-host Clavitor, your data never touches our servers and this policy doesn't apply to you β your privacy is entirely in your own hands.
When you use hosted Clavitor, we store:
Fields protected by Identity Encryption are encrypted in your browser using a key derived from your WebAuthn authenticator β fingerprint, face, YubiKey, or any FIDO2 device β via the PRF extension. The encryption key never leaves your device. Our servers store only the resulting ciphertext. We cannot decrypt Identity fields, and no future policy change, acquisition, or legal order can change this β the mathematical reality is that we don't have the key.
When you create a hosted vault, you choose a region. Your data stays in that region. We don't replicate across regions unless you explicitly request it.
We use infrastructure providers (cloud hosting, DNS) to run the service. These providers process encrypted data in transit but do not have access to your vault contents. We do not use any analytics services, advertising networks, or data brokers.
If compelled by valid legal process, we can only provide: your email address, account creation date, and encrypted vault data. Credential fields are encrypted with your vault key (which we do not store). Identity fields are encrypted client-side. In practice, we have very little useful information to provide. The ZΓΌrich jurisdiction provides additional legal protections against foreign government requests.
You may cancel your subscription or delete your account at any time. Cancellation takes effect at the start of your next billing period; until that date, your service continues normally.
Deletion upon cancellation. When cancellation takes effect, your vaults are immediately and permanently deleted from our active systems. This deletion is instant and irreversible.
Compliance retention. To satisfy legal and regulatory requirements, we retain encrypted backups for a maximum of 30 days after deletion. These backups exist solely for compliance purposes and are not available for restoration. You cannot request your data from these backups. After 30 days, even these copies are permanently destroyed.
Your warning. We will email you 7 days before your cancellation takes effect, reminding you to export your vault data if you have not already done so. This is your final opportunity to preserve your information.
Immediate termination for cause. In cases of abuse, illegal activity, or security threats, we may terminate immediately without the 7-day warning. The same deletion and backup policies apply.
14-day regret period for annual renewals. As described in our Terms of Service Section 6, annual subscriptions that auto-renew carry a 14-day post-renewal cancellation window. If you did not intend to renew, cancel within 14 days of the renewal charge for a full refund.
Price for life. Your subscription rate will never increase as long as your subscription remains active. This commitment applies to the currency and tier at which you originally subscribed. See Terms of Service Section 5 for full details.
Self-hosted exception. This policy applies only to hosted (paid) service. Self-hosted Community Edition users manage their own data retention and deletion.
We'll notify registered users by email before making material changes to this policy. The current version is always available at this URL.
Questions about this policy? Email privacy@clavitor.ai.