1. Purpose of Processing Personal Information

'KeyVault' (hereinafter referred to as 'the App') is a tool designed for the secure management of your sensitive password data. Under no circumstances is any sensitive data, such as passwords or account information entered by the user, transmitted outside the device or collected/stored on a server. All data processing occurs 100% locally within the user's smartphone device.

2. Items of Personal Information Collected

The App does not collect any personal information from the user (such as name, email, contact information, or device identification values). All ID and password data entered into the App by the user is encrypted and stored exclusively within the internal storage of the user's own smartphone (local environment).

3. Information on Device Access Permissions (Optional)

The App does not collect or transmit sensitive personal information and does not request any dangerous permissions (such as location, camera, or contacts) required by the Android system. However, to provide its core functionality, it interacts with the following device features:

• Biometric Recognition (Optional): Uses the built-in fingerprint or face recognition sensors of the device solely for the purpose of unlocking the App. Biometric information is processed only within the secure area of the device; the App only receives the result of the authentication (success/failure) and cannot access the biometric data itself.
• Storage Space (Optional): Acts only to invoke the device's default file explorer when the user wishes to backup or restore data. The App can only access specific backup files directly selected by the user and does not have permission to arbitrarily read from or write to the device's entire storage.
• No Internet Permission: The App does not have the internet communication function (INTERNET permission) itself within its code. This ensures a physical environment where no data can be sent to an external server.

4. Provision of Personal Information to Third Parties

The App does not collect personal information separately, and because there is no function to transmit stored data to an external server, it is physically impossible to provide or share the user's personal information or password data with third parties.

5. Destruction of Personal Information

All data entered by the user exists only in the local storage of the smartphone. Therefore, all data is permanently destroyed from the device as soon as the user executes the 'App Data Reset' function or deletes (uninstalls) the App from the smartphone.

6. Data Security and Encryption Method

Data within the device is encrypted based on the user's Master Password using strong international standard encryption algorithms (such as AES). No one, including the developer, can decrypt or view the content of the stored data without knowing the user's Master Password.

7. Person Responsible for Privacy Protection

• Name: Jaejun Yu (유재준)
• Contact (Email): windy9300@gmail.com

This Privacy Policy is effective as of February 24, 2026.