Privacy Policy

Last updated: 2026-04-04 · Alpha version

The short version

RESQD is a zero-knowledge vault. The entire product is designed around a single premise: we can't read what you store, so we can't sell, share, or lose it in a breach. This policy exists to put specifics behind that claim and to cover the small amount of information we do collect so the product can function.

Read the Security Model for the cryptographic details of how zero-knowledge is enforced.

What we collect

  • Email address. Used for login, password-free account recovery, and rare product emails (billing receipts, security notices). Not used for marketing spam.
  • Passkey public key. A WebAuthn credential created on your device and synced to your platform keychain. RESQD stores only the public half. The private half never leaves your authenticator.
  • Encrypted vault data. Ciphertext shards, wrapped per-asset keys, and encrypted metadata blobs. We cannot decrypt any of this.
  • Request metadata. Timestamps, IP addresses (briefly, for rate limiting and abuse detection), request sizes, HTTP methods. Standard server logs. Retained ≤ 30 days.
  • Canary commitments. 32-byte cryptographic fingerprints of your vault access history, written to a public blockchain. These are opaque — nothing in them identifies you or your data to an outside observer.
  • Billing information (future). When we turn on payments, card details are handled by Stripe; RESQD never sees card numbers. We store the subscription status and last-4 digits for support.

What we do NOT collect

  • Plaintext of your files. Physically impossible — it's encrypted in your browser before we see it.
  • Plaintext filenames. Same — filenames are encrypted in a separate metadata blob.
  • Your master key. It's derived from your passkey via the WebAuthn PRF extension and never transmitted.
  • Third-party analytics cookies, trackers, or ad-tech. This site uses zero third-party scripts.
  • Device fingerprints, telemetry, or behavioral profiling.
  • Social contacts, address books, or other identity graph data.

Who we share with

  • Cloud storage providers (AWS, Google Cloud, Azure): they hold your encrypted shards. They see ciphertext bytes and your asset IDs; nothing else. No single provider has a complete copy of any file.
  • Base L2 blockchain: canary commitments and asset ID hashes are written publicly. Anyone can read them. They are opaque hashes — you cannot derive a filename or a user from them.
  • Stripe (future): payment processing only.
  • Lawful court orders: if compelled by a valid court order in a jurisdiction we operate in, we will hand over what we have. What we have is encrypted data and account metadata. We cannot produce plaintext.

We do not sell your data. Ever. Not even "anonymized" or "aggregated" versions. The whole architecture prevents this.

How long we keep it

  • Encrypted vault data: as long as your account is active, plus 30 days grace after cancellation.
  • Account metadata: as long as your account is active.
  • Request logs: ≤ 30 days.
  • Backups: standard cloud provider backups with encryption retained per cloud provider defaults.
  • Blockchain anchors: forever (append-only by design — we cannot delete them).

Your rights

You can delete any asset at any time from the vault page. You can delete your account and all associated data by emailing privacy@resqd.ai. On account deletion we purge your user row, all wrapped keys, and all encrypted shards within 30 days. The on-chain canary history for your past assets remains forever — it's cryptographically opaque so it cannot be used to identify you, but we cannot delete it.

If you are in the EU, UK, or California, you additionally have GDPR/CCPA rights of access, correction, portability, and erasure. Contact privacy@resqd.ai and we'll process requests within 30 days.

Children

RESQD is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child under 13 has registered, email privacy@resqd.ai and we will remove the account.

Changes

Material changes to this policy will be announced via the email on your account with at least 30 days notice before taking effect.

Contact

privacy@resqd.ai