OneckPassOneckPass
FeaturesPricingSecurityBusinessAbout
LoginGet Started Free
OneckPassOneckPass

Zero-knowledge password manager. Your data stays yours.

TwitterLinkedInInstagram

Product

  • Features
  • Pricing
  • Security
  • Download

Company

  • About
  • Blog
  • Careers
  • Contact

Support

  • FAQ
  • Help Center
  • Sitemap

Legal

  • Terms of Service
  • Privacy

Β© 2026 OneckPass. All rights reserved.

Made with love in BrazilπŸ‡§πŸ‡·
πŸ”’Legal

Privacy Policy

Last updated: January 2026

This Privacy Policy describes how we collect, use, store, and protect your personal information, in compliance with the Brazilian General Data Protection Law (LGPD - Law No. 13.709/2018).

🏒

1. Data Controller

OneckPass Tecnologia Ltda.

Email:privacidade@oneckpass.com
DPO:dpo@oneckpass.com
πŸ“Š

2. Data We Collect

Data Provided by You

  • Email: For authentication and communication
  • Name: For service personalization
  • Payment data: For purchase processing

Automatically Collected Data

  • IP address: For security and fraud detection
  • Device type: For compatibility and support
  • Access date/time: For security and auditing

Vault Data (Encrypted)

πŸ”

IMPORTANT: Your passwords, secure notes, cards, and identities are encrypted on your device. We do not have access to this data in plain text. We store only encrypted blobs.

🎯

3. How We Use Your Data

βœ“Provide the service
βœ“Process payments
βœ“Send service communications
βœ“Security and fraud detection
βœ“Improve the service (anonymous analytics)
βœ“Comply with legal obligations

βœ•What We Do NOT Do

  • We do NOT sell your data
  • We do NOT share for advertising purposes
  • We do NOT access your encrypted data
  • We do NOT profile for marketing
🀝

4. Data Sharing

We share data only with:

  • Payment processor (for billing)
  • Infrastructure provider (hosting)
  • Authorities (when legally required)

Even in case of a court order, your vault data remains encrypted and unreadable.

πŸ›‘οΈ

5. Data Security

πŸ”’AES-256-GCM encryption for vault data
πŸ”’Argon2id for key derivation
πŸ”’TLS 1.3 for transmission
πŸ”’At-rest encryption in database
πŸ”’Encrypted backups
πŸ—“οΈ

6. Data Retention

  • Account data: While account is active
  • Security logs: 2 years
  • Payment data: 5 years (tax obligation)
  • Data after deletion: 30 days (backup)
βš–οΈ

7. Your Rights (LGPD)

Under LGPD, you have the right to:

β˜…Confirmation and Access: Know if we process your data and obtain a copy
β˜…Correction: Correct inaccurate data
β˜…Anonymization/Deletion: Request anonymization or deletion
β˜…Portability: Receive your data in structured format
β˜…Revocation: Revoke consent at any time

To exercise your rights, email privacidade@oneckpass.com. We will respond within 15 days.

πŸͺ

8. Cookies

  • Session: For authentication (duration: session)
  • Preferences: For settings (duration: 1 year)
  • Analytics: For product improvement (duration: 1 year)
πŸ”

9. Zero-Knowledge Architecture

Our architecture means that even in case of:

βœ“Court order: We hand over only encrypted blobs
βœ“Server breach: Unreadable data
βœ“Malicious employee: No access to content
πŸ”„

10. Changes

We may update this Policy. Significant changes will be communicated by email and notice in the application.

πŸ“§

Contact

Privacy questions:

πŸ“©privacidade@oneckpass.com

Data Protection Officer (DPO):

πŸ“©dpo@oneckpass.com

ANPD:

If you are not satisfied with our response, you can contact the National Data Protection Authority at

πŸ”—gov.br/anpd