Privacy policy

Summary

NT² Vault is designed so that we cannot read your vault contents. Your master password and encryption keys stay on your device. This policy describes what happens on your device, on our optional cloud services, and on this marketing website.

Data on your device

Vault data (items, attachments, and vault metadata including salt and public Key DID material) is stored in your browser using encrypted SQLite and IndexedDB. We do not receive your master password, derived keys, or decrypted payloads when you use the vault offline or without enabling cloud features.

Optional cloud sync (Premium)

If you enable sync, only ciphertext and non-sensitive sync metadata are transmitted to our edge infrastructure. We store a key-derivation salt and public signing keys to authenticate your vault—never your master password. Cloud sync remains optional; local-only use is fully supported.

Billing

Premium subscriptions are processed by Lemon Squeezy (merchant of record). A receipt email may be collected for tax and invoicing; it is not your vault identity. Vault access uses a Vault Key DID, not your email address.

This website (nt2.me)

This marketing site does not load third-party analytics or advertising trackers by default. Server logs at our CDN may include standard request metadata (IP address, user agent) for security and operations.

No password recovery

If you lose your master password, NT² cannot recover your data. Use a .nt2vault backup file to move your vault to another device.

Contact

Questions about privacy: Contact or email privacy@nt2.me.