Privacy Policy
Your privacy is the foundation of 2FA Vault.
Last updated: July 2026
🔒 2FA Vault does not collect, transmit, or share any personal data. Everything stays on your device.
Data We Collect
We collect no data. 2FA Vault operates entirely on your local device. We have no servers, no accounts, and no analytics.
How Your Data Is Stored
Your 2FA accounts and secrets are stored in an encrypted vault file on your computer. The vault is encrypted with AES-256-GCM using a key derived from your master password.
The vault never leaves your device unless you explicitly copy it yourself.
Camera Access
2FA Vault requests camera access to scan QR codes when adding new accounts. Camera data is processed locally in real time and is never stored or transmitted.
Screen Recording Access
2FA Vault can detect a QR code shown anywhere on your screen when you add an account. On macOS this uses the screen recording permission. Screen contents are analyzed locally, only while you are adding an account, and are never recorded or transmitted.
Import & Backup Files
Importing from another app and creating or restoring an encrypted backup all happen entirely on your device. You choose the files, and nothing is uploaded — encrypted backups are protected by a password you set.
Third-Party Services
2FA Vault does not use any third-party SDKs, analytics services, advertising networks, or cloud services.
Children's Privacy
2FA Vault does not collect any personal data from anyone, including children under 13.
Changes to This Policy
If we update this privacy policy, we will post the updated version here with a new effective date.
Contact
Questions about privacy? Email us at vault.apps.support@gmail.com.