Privacy Policy
Last updated: March 1, 2026
The short version: Your vault data never leaves your Mac. We don't collect it, we can't see it, and we don't want it. The only network call OpsVault makes is license validation.
1. What We Collect
OpsVault is a local-first application. We collect the absolute minimum data required to operate the licensing system:
- License activation code — the code you enter to unlock the app.
- Device hash — a one-way, non-reversible identifier derived from your Mac's hardware. This is used to bind your license to your device. We cannot identify your Mac from this hash.
- License metadata — plan type, activation date, expiration date, and license status.
2. What We Do Not Collect
- Your name, email address, or any personal identifiers.
- Any vault data: passwords, SSH keys, API keys, hostnames, or credentials of any kind.
- Usage analytics, telemetry, crash reports, or behavioral data.
- IP addresses (we do not log them on our license server).
- Browsing history, clipboard contents, or filesystem access.
3. How Your Vault Data Is Stored
All credential data is stored exclusively on your Mac:
- Passwords and secrets are stored in the macOS Keychain with
kSecAttrAccessibleWhenUnlockedThisDeviceOnlyprotection. - Vault structure is stored in a local SwiftData database on your machine.
- Encryption keys are derived using the Secure Enclave — a hardware-isolated cryptographic processor on your Mac.
- Data is encrypted with AES-256-GCM. Even if your disk is cloned, the vault cannot be opened on another machine.
4. Network Communication
OpsVault contacts our server for exactly one purpose: license validation.
- License activation: sends your activation code and device hash to
api.myopsvault.com. - Periodic license revalidation: sends your license ID and device hash to verify your subscription is active.
All communication uses HTTPS with TLS 1.3. No vault data is ever transmitted.
5. Third Parties
We do not share, sell, or transfer any data to third parties. We do not use analytics services, advertising networks, or tracking pixels on our website or in the app.
6. Cookies
Our website does not set any cookies. The app does not use cookies.
7. Data Retention
License records (activation code, device hash, plan metadata) are retained on our server for the duration of your subscription plus 90 days. After that, records are permanently deleted.
Your vault data is stored only on your Mac. If you delete the app, your Keychain entries and SwiftData store are removed with it.
8. Your Rights
You can request deletion of your license data at any time by emailing [email protected]. Since we don't collect personal identifiers, there is typically nothing to delete beyond the license record itself.
9. Children
OpsVault is not directed at children under 13. We do not knowingly collect data from children.
10. Changes to This Policy
If we update this policy, we will post the revised version here with an updated date. Material changes will be communicated through the app or our website.
Contact
Questions about this policy? Email us at [email protected].
© 2026 blgn labs. All rights reserved.