Privacy Policy

BlackVault is designed with privacy as a core principle. This policy explains what data we collect, how we protect it, and what we do (and don't do) with it.

Account Data

• Email address (via Clerk authentication)
• Display name, bio, and GitHub URL (optional, user-provided)
• Account creation date

Vault Data

• Encrypted API keys (AES-256-GCM, per-user derived keys — we cannot read the plaintext)
• Key metadata: provider name, label, active status, creation date
• Key prefix (first few characters) for identification in the UI

Proxy Data

• Proxy session metadata: label, creation date, expiry, active status
• Token hash (SHA-256 — the plaintext token is never stored)
• Per-request logs: provider, model, endpoint, HTTP status, token counts, estimated cost, latency
• IP address and User-Agent of proxy requests (for device info display and security)

Activity Data

• Audit log of actions taken in the Service (key created, session killed, etc.)

• Plaintext API keys (encrypted at rest, decrypted only in-memory during proxy forwarding)
• Request/response bodies of proxied API calls (only metadata like token counts)
• Conversation content, prompts, or completions from your AI API calls
• Third-party analytics, advertising trackers, or fingerprinting data

Encryption

• API keys: AES-256-GCM with per-user derived keys using HMAC-SHA256 (HKDF pattern)
• Each key has a unique IV (initialization vector)
• The master key is stored as a server-side environment variable, never in code or database

Proxy Tokens

• Tokens are cryptographically random (32 bytes)
• Only the SHA-256 hash is stored — the plaintext token is shown once at creation
• Session lookup is cached in Redis with a 60-second TTL for fast revocation

Infrastructure

• Database: Neon Postgres (encrypted at rest, TLS in transit)
• Cache: Upstash Redis (TLS, encrypted at rest)
• Authentication: Clerk (SOC 2 compliant)
• Hosting: Vercel (SOC 2 compliant, encrypted in transit)

• To provide the Service: encrypting keys, proxying requests, tracking usage
• To display your dashboard: cost summaries, activity feed, session status
• To enforce security: rate limiting, session revocation, kill switch

We do not use your data for advertising, profiling, or selling to third parties.

• Account data: retained while your account is active
• Encrypted vault keys: retained until you delete them or your account
• Proxy logs: retained for 90 days, then automatically purged
• Activity logs: retained for 90 days

When you delete a vault key, all associated proxy sessions and logs are cascade-deleted from the database.

We use the following third-party services:

• Clerk — authentication (receives your email)
• Neon — database hosting (stores encrypted data)
• Upstash — Redis cache (stores session lookup cache)
• Vercel — hosting and deployment

When you use the proxy gateway, your requests are forwarded to the AI provider you selected (OpenAI, Anthropic, Google AI). Those providers' privacy policies apply to the content of your API calls.

• Access: You can view all your data in the dashboard
• Deletion: You can delete individual keys, sessions, or your entire account
• Export: Your activity and usage data is visible in the dashboard
• Revocation: You can instantly revoke all proxy sessions via the kill switch

We may update this policy as the Service evolves. Continued use after changes constitutes acceptance. We will notify users of material changes via the Service.

For privacy questions or data deletion requests, contact us via GitHub at github.com/venkat22022202/black-vault.