KeysArk

Privacy Policy

KeysArk is built so that we — and anyone else — only ever see ciphertext. This page explains what that means for your data in plain terms.

What we never see

  • Your recovery phrase.
  • The master key derived from it.
  • The plaintext of anything you store.

These exist only in your browser's memory and never leave your device — they are never sent to our servers, put in a URL, written to a log, or stored in a database.

What the server stores

Only the OAuth tokens needed to talk to your cloud drive on your behalf, keyed by provider and account. Your encrypted content lives in your own Google Drive or Baidu netdisk — not on our servers. We move opaque ciphertext between your browser and your drive; we do not keep a copy.

Cookies

  • A session cookie after you sign in, so your browser stays connected to your drive.
  • A small cookie remembering your theme (light/dark).
  • Your language is carried in the URL, not a cookie.

We do not use analytics or tracking cookies, and we do not profile you.

Third parties

Signing in uses Google or Baidu OAuth. How they handle your account and storage is governed by their own privacy policies.

Deleting your data

  • Sign out to clear the session on this device.
  • Delete the KeysArk files in your own cloud drive at any time.
  • Revoke KeysArk's access from your Google or Baidu account settings.

Changes

We will update this page if our practices change. Last updated: June 2026.