EN DE
VeilVault Logo

Documentation

Privacy & Permissions

← Back to Docs Back to VeilVault →

Privacy & Permissions

This document explains how VeilVault handles user data and which Android permissions it uses.

VeilVault is a security-first, offline-only password vault developed by CodeVeil.

Privacy in VeilVault is not a feature add-on.
It is a foundational design constraint.

Data Privacy Overview

VeilVault operates entirely on the user’s device.

  • No user accounts
  • No cloud storage
  • No remote servers
  • No telemetry or analytics
  • No tracking identifiers

All vault data remains on the device unless the user explicitly exports it.

Network Activity

VeilVault does not require internet access to function.

  • The app performs no background network requests
  • Vault data is never transmitted off-device
  • No third-party services are contacted for vault functionality

Any optional interactions with the Play Store (such as license verification) are handled by the platform and are separate from vault data handling.

Data Collection

VeilVault does not collect:

  • Usage analytics
  • Behavioral data
  • Crash reports containing secrets
  • Identifiers tied to user activity

No vault contents, passwords, or derived secrets are ever shared externally.

Diagnostic Data

In exceptional cases (such as startup crash recovery), VeilVault may generate local diagnostic information.

  • Diagnostics remain on the device
  • Diagnostics do not include plaintext secrets
  • Export of diagnostics requires explicit user action

Diagnostics exist solely to help the user understand or resolve local issues.

Android Permissions

VeilVault requests only the permissions necessary for its documented functionality.

Permissions are used conservatively and only when required by the platform.

Storage Access (User-Initiated)

Used when the user explicitly chooses to:

  • Export vault data
  • Import data from a file

VeilVault uses Android’s Storage Access Framework, which allows users to select specific files or locations without granting broad filesystem access.

Autofill Service

Used to provide password autofill and save functionality in supported apps and browsers.

  • Autofill is opt-in
  • Users must explicitly enable VeilVault as their preferred autofill service
  • Autofill data is processed locally

Biometric Authentication (Optional)

Used only if the user enables biometric unlock.

  • Biometrics are used as a convenience gate
  • They never replace the master password
  • Biometric data is handled by the operating system, not VeilVault

Permissions Not Used

VeilVault explicitly avoids requesting permissions commonly associated with data collection or tracking, including:

  • Location access
  • Contacts access
  • Camera access
  • Microphone access
  • SMS access
  • Call logs
  • Advertising identifiers

If a permission is not required for local vault operation, it is not requested.

User Control

  • Vaults can be exported manually
  • Vaults can be wiped locally
  • No remote actions can be performed on the vault
  • Uninstalling the app removes local vault data

There is no server-side copy to revoke or manage.

Transparency Commitment

VeilVault documents its privacy and permission usage so users can make informed decisions.

If a permission is requested, it is:

  • Explicit
  • Functionally justified
  • Limited in scope

VeilVault’s privacy posture is defined by absence of data collection, not by promises of responsible handling.

Summary

  • Your data stays on your device
  • No accounts, no tracking, no analytics
  • Permissions are minimal and purpose-driven
  • Control remains with the user at all times

Privacy is enforced by architecture, not policy.

← Back to Docs