Privacy Policy

This policy describes what KeyStackz collects, why, and what we will never do with it. Short version: we run a secrets manager, so we collect as little as possible and encrypt what matters most.

What we collect

• Account data — your name and email, handled through our auth provider, Clerk, so you can sign in.
• Your secrets — the API keys you paste, stored only as AES-256-GCM ciphertext. We cannot read them in plaintext in our logs or analytics, because they never appear there.
• Service metadata — which integrations you've connected and toggled, so pulls resolve correctly.
• Billing data — payments are processed by Stripe; we never see or store full card numbers.

What we never do

• We never sell your data. To anyone. Ever.
• We never log secret values or display them after entry.
• We never send your secrets to an AI model or chat window.
• We never fetch or create credentials in your provider accounts.

Your controls

You can revoke any token instantly, delete any connected service, or delete your entire account from Settings — which permanently erases your encrypted keys and tokens. Questions or data requests: privacy@keystackz.com.