Privacy Policy

Our Commitment to Your Privacy

At Password Split, your privacy is our top priority. This service is designed with privacy-by-design principles, ensuring that your sensitive data never leaves your device.

How Password Split Works

Password Split operates entirely within your web browser using client-side JavaScript. When you enter a password:

• All cryptographic operations happen locally on your device
• No passwords or sensitive data are transmitted to our servers
• No passwords are stored, logged, or cached anywhere
• The splitting and reconstruction process uses Shamir's Secret Sharing algorithm entirely in your browser

Data Collection

We collect minimal personal information only during the checkout process for payment processing. Specifically:

• No password data: Your passwords never leave your browser
• Checkout information only: We collect PII (name, email, billing address) solely during checkout for payment processing
• No data resale: We never sell, share, or distribute your personal information to third parties
• Limited retention: Personal information is only retained as necessary for payment processing and support
• No usage tracking: We don't track how you use the service
• No tracking cookies: We don't use tracking cookies or similar technologies
• No analytics: We don't use Google Analytics or similar services

Technical Implementation

Our service uses proven cryptographic methods:

• Shamir's Secret Sharing: Industry-standard algorithm for splitting secrets
• Client-side processing: All operations run in your browser
• Split password flow: Completely client-side with no server interaction
• Reconstruct password flow: Completely client-side with no server interaction
• License purchase: Requires interaction with payment provider (Stripe) for checkout processing
• Open source: Our code is transparent and auditable

Server Logs

Like most websites, our web server may collect basic technical information such as:

• IP addresses for security and performance purposes
• Browser type and version for compatibility
• Page access times for performance monitoring

This information is used solely for maintaining service security and performance. It cannot be used to identify individual users and is not linked to any passwords or sensitive data.

Third-Party Services

Password Split does not integrate with any third-party analytics, advertising, or tracking services. We only use the following third-party services:

• Stripe: Used solely for payment processing during checkout
• Cloudflare: Used for hosting and content delivery

These services do not have access to your password data, which remains entirely within your browser.

Security Recommendations

For maximum security when using Password Split:

• Use the service on a trusted device and network
• Clear your browser's memory/cache after use if on a shared device
• Store the generated fragments securely and separately
• Consider using the service offline after the initial page load

Changes to This Policy

If we make changes to this privacy policy, we will update the "Last updated" date at the top of this page. Since we don't collect contact information, we cannot notify users directly of changes.

Open Source Transparency

Password Split is open source software. You can review our code, verify our privacy claims, and even run the service yourself. This transparency ensures that our privacy commitments are verifiable.

Contact

If you have questions about this privacy policy or our privacy practices, you can contact us through our project repository or website.