Effective date: May 1, 2026
The short version: Your passwords never leave your device in unencrypted form. We do not have servers that store your data. We collect no analytics, no crash reports, and no personal information.
RabbitKey is a local-first password manager. All credential data is end-to-end (E2E) encrypted on your device using authenticated XChaCha20-Poly1305 before it is written to storage. We never have access to your master password, your encryption keys, or your vault contents.
We do not collect, transmit, or store:
Note: RevenueCat, our purchase verification provider, processes anonymous transaction data as described in In-App Purchases and Payment Processing. This does not include personally identifiable information.
RabbitKey stores the following data exclusively on your device:
RabbitKey supports optional sync via your own cloud storage account (for example, iCloud Drive, Google Drive, or a custom WebDAV endpoint). If you enable sync:
RabbitKey offers optional Pro features as a one-time in-app purchase through the Apple App Store. When the app launches on Google Play, the Mac App Store, and the Microsoft Store, payment processing on those platforms will be handled by the respective platform store. We never receive or store your payment card details, billing address, or store account.
RevenueCat, a third-party subscription management service, is used to verify purchase status. RevenueCat may process: an anonymous app user ID, purchase transaction identifiers, product identifiers, and purchase timestamps. RevenueCat does not receive your name, email address, or Apple ID.
See RevenueCat's Privacy Policy at https://www.revenuecat.com/privacy for more information.
RabbitKey currently ships on iOS and may request the following system permissions, used solely for the stated purposes:
When Android, macOS, and Windows builds ship, equivalent permissions (Android biometrics / macOS Keychain / Windows Hello, plus the platform autofill APIs) will be requested for the same purposes.
RabbitKey integrates no third-party SDKs for analytics, advertising, or crash reporting. Third-party involvement is limited to:
Our marketing website may be hosted on infrastructure operated by subprocessors listed in Subprocessors.
Because we hold no data about you, there is nothing for us to delete. To remove all RabbitKey data, uninstall the app — this removes the local database and clears the keychain entry on iOS/macOS. If you enabled sync, delete the vault file from your cloud storage separately.
For data processed by RevenueCat in connection with purchase verification, retention is governed by RevenueCat's policies; you may contact us at support@rabbitkey.app for guidance on exercising applicable rights.
We apply industry-standard practices throughout the app: end-to-end (E2E) encryption using authenticated XChaCha20-Poly1305, PBKDF2-HMAC-SHA256 key derivation (100,000 iterations, 32-byte salt, 256-bit key), platform secure storage APIs, and code obfuscation in release builds. However, no security measure is infallible — protect your master password and device.
Depending on where you live, you may have additional rights regarding personal data. RabbitKey is designed to minimize data collection; where a processor holds limited data (for example, RevenueCat for purchase verification), you may also exercise rights directly with that provider where they apply.
If you are in the EU or EEA, the General Data Protection Regulation (GDPR) may grant you rights including: access, rectification, erasure, restriction of processing, data portability, and objection to processing, where applicable. You may lodge a complaint with your local supervisory authority. To exercise rights related to data we control, contact support@rabbitkey.app.
California residents may have rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know, delete, and opt out of certain processing (we do not sell personal information). To submit a request, contact support@rabbitkey.app.
If you are in South Korea, the Personal Information Protection Act (PIPA) may grant you rights regarding access, correction, deletion, and suspension of processing of personal information, where applicable. Contact support@rabbitkey.app to exercise these rights with respect to information we control.
We rely on the following categories of subprocessors for specific functions:
| Subprocessor | Role |
|---|---|
| Apple App Store | iOS app distribution and in-app payment processing (Google Play, Mac App Store, and Microsoft Store will be added when those platforms launch) |
| RevenueCat | Purchase status verification |
| Cloudflare Pages | Hosting of the rabbitkey.app marketing site |
This list may be updated as our operations change; we will reflect material updates in this policy or an accompanying page.
RabbitKey is local-first: your encrypted vault is stored on your device and, if you choose, in your cloud account. We do not operate servers that store your vault contents.
RevenueCat and Cloudflare may process limited data in the United States or other countries where they operate. Their processing may involve cross-border transfers. Please review their privacy policies for details on safeguards and locations.
If we become aware of a security incident that materially affects personal information under our control (for example, data we hold in connection with this policy or our website), we will notify affected users and, where required, regulators without undue delay and, where feasible, within 72 hours of becoming aware, in line with applicable law.
If we make material changes to this policy, we will update the effective date above and post the revised policy at this URL. Continued use of the app after changes constitutes acceptance.
Questions about this policy? Email us at support@rabbitkey.app.