Privacy Policy

At Stealth, privacy isn't a feature - it's the foundation. This document explains exactly what data we collect, how we handle it, and what we don't do. The short answer: we log nothing, we save nothing, and everything is encrypted in a way that makes it impossible for us to access your data even if we wanted to.

Our Privacy Commitment

Stealth is designed with a zero-knowledge architecture. This means:

  • We cannot see your data. All encryption is end-to-end with keys that never leave your device.
  • We cannot decrypt your data. Even with full server access, your encrypted data remains unreadable to us.
  • We do not log your activity. No browsing history, no connection logs, no timestamps of when you connect.
  • We do not store your conversations. StealthChat messages are encrypted and never stored on our servers.
  • We do not track you. No analytics, no tracking pixels, no behavioral profiling.

What We Don't Collect

To be completely clear, here's what we explicitly do not collect or store:

VPN Activity

  • No browsing history or visited websites
  • No connection timestamps or session duration
  • No IP addresses (yours or destination servers)
  • No bandwidth usage per session
  • No DNS queries or domain lookups
  • No traffic content, headers, or metadata

StealthChat

  • No message content (encrypted end-to-end)
  • No conversation logs
  • No contact lists or friend relationships
  • No voice call recordings or metadata
  • No file transfer logs
  • No read receipts or typing indicators stored

Stealth Transfer

  • No file contents (encrypted before upload)
  • No file names or metadata
  • No download logs or access records
  • Files are automatically deleted after expiration

Stealth Vault

  • No password data (encrypted locally only)
  • No vault contents ever transmitted to servers
  • No master password or recovery keys

General Usage

  • No application usage statistics
  • No feature usage tracking
  • No device identifiers or hardware information
  • No location data
  • No crash reports with personal data

What We Do Collect (Minimal Service Data)

To provide the service, we must collect a minimal amount of data. Below is a complete list of what we collect and the specific purpose for each type of data:

Account Information

Data Collected:

  • Email address
  • License key and activation status
  • Subscription status and expiration date

Purpose: This information is collected to validate your license, manage your subscription, and provide customer support. Your email address is used solely for account-related communications (license validation, subscription updates, support responses).

How We Use It: Account information is stored securely on our servers and used exclusively for license validation and support purposes. It is never shared with third parties or used for marketing purposes.

Google OAuth Data (Optional)

Data Collected: If you choose to use the optional Google Drive sync feature for Stealth Vault, we request access to:

  • Your Google account email address
  • Your Google profile information (name, profile photo)
  • Google Drive file access (limited to Stealth Vault sync files only)

Purpose: This data is requested exclusively to enable optional cloud synchronization of your encrypted password vault through Google Drive. This feature is completely optional - you can use Stealth Vault entirely locally without any Google integration.

How We Use It: Google account information is used only to authenticate with Google Drive and access the encrypted vault sync file. We do not store your Google credentials. The vault file stored on Google Drive is encrypted with your master password before upload, so Google cannot access your vault contents. We do not use your Google data for any other purpose.

Google's Privacy Policy: When you use Google OAuth, Google's privacy policy applies to the authentication process. You can revoke access at any time through your Google account settings.

Technical Diagnostics (Optional)

Stealth offers two optional diagnostic features to help troubleshoot issues:

Bug Reports

Data Collected: If you choose to submit a bug report, you can optionally include:

  • System information (OS version, hardware specifications)
  • Application logs (technical errors only, no personal data)
  • Error messages and stack traces

Purpose: This information is collected solely to diagnose and fix technical issues you encounter with the application.

How We Use It: All bug reports are reviewed by you before submission - you control exactly what information is included. Bug reports are stored securely and used exclusively for troubleshooting and improving the application. They are never used for marketing or shared with third parties.

Debug Logging

Data Collected: If you enable debug logging for support or troubleshooting, the following information may be collected:

  • Technical application logs (connection status, feature usage, error events)
  • System information relevant to troubleshooting
  • Timestamps of events

Purpose: Debug logging is collected to help our support team diagnose and resolve technical issues you may be experiencing. This feature is designed to provide detailed technical information that helps identify problems quickly.

How We Use It: Debug logs are sent to our servers for a limited time period while the feature is enabled. The debug logging feature automatically shuts off after a set duration, so you don't need to remember to disable it. Logs contain only technical diagnostic information - no browsing activity, messages, personal data, or sensitive information is included. Debug logs are stored securely and used exclusively for troubleshooting purposes. They are never used for marketing, analytics, or shared with third parties.

User Control: Debug logging is completely optional and must be explicitly enabled by you. You can disable it at any time through the application settings. The feature automatically disables after the configured time period to ensure it doesn't remain active indefinitely.

Aggregate Statistics

Data Collected: We maintain aggregate, anonymized statistics:

  • Total bandwidth usage across all users (not per-user)
  • Server capacity and load metrics
  • General connection success rates

Purpose: These statistics are collected to monitor service health, plan server capacity, and ensure reliable service delivery.

How We Use It: These statistics are completely anonymized and cannot be used to identify individual users or their activity. They are used exclusively for operational purposes and are never shared with third parties.

Encryption Architecture

All data in Stealth is encrypted using industry-standard algorithms. More importantly, the encryption is designed so that we cannot decrypt your data even with full system access.

VPN Traffic

All VPN traffic uses WireGuard encryption:

Protocol: WireGuard with ChaCha20-Poly1305
Key Exchange: Curve25519 (keys never transmitted)
Server Access: Servers cannot decrypt your traffic

VPN servers only see encrypted packets. They cannot determine what websites you visit, what data you send, or what services you use.

StealthChat Messages

All messages are encrypted end-to-end:

Encryption: AES-256-GCM with per-message keys
Key Management: Device-based keys, never stored on servers
Server Storage: Messages stored encrypted, servers cannot decrypt

Messages are encrypted on your device before transmission. Servers store only encrypted blobs that cannot be decrypted without your device keys.

Stealth Transfer Files

Files are encrypted before upload:

Encryption: AES-256-GCM
Key Distribution: Decryption key in shareable link only
Server Access: Servers cannot decrypt file contents

Files are encrypted client-side before upload. The decryption key is only in the shareable link, not stored on our servers.

Stealth Vault

Vault data never leaves your device:

Encryption: AES-256-CBC with PBKDF2 key derivation
Storage: Local device only, never synced to servers
Master Password: Never stored, used only to derive encryption key

Your vault is encrypted and stored entirely on your device. We have no access to vault contents under any circumstances.

Data Retention

Account Data

Account information (email, license status) is retained for the duration of your subscription and for a reasonable period after cancellation for support purposes. You can request account deletion at any time.

StealthChat Messages

Messages are stored on servers only temporarily for delivery. Once delivered to all recipients, messages are deleted from servers. We do not maintain message archives.

Stealth Transfer Files

Files are automatically deleted after the expiration period you set (default 7 days). Expired files are permanently removed and cannot be recovered.

VPN Connection Data

We do not store VPN connection data. No logs are created, so there is nothing to retain or delete.

Third-Party Services

Stealth uses minimal third-party services, all chosen for their privacy-respecting policies:

Payment Processing

Payment processing is handled by Stripe. We do not store credit card information. Stripe's privacy policy applies to payment data.

Email Services

Account emails (verification, password resets) are sent through a secure email service. Email addresses are used only for account-related communications.

DNS Providers

When using DNS features, queries may route through Cloudflare, Google, or Quad9 DNS servers. These providers have privacy-respecting policies, but their privacy policies apply to DNS queries.

Google Services (OAuth & Drive)

If you use the optional Google Drive sync feature, authentication is handled through Google OAuth. Google's privacy policy applies to the authentication process. We only request the minimum permissions necessary (Drive file access for vault sync). You can revoke access at any time through your Google account settings. We do not store your Google credentials or use your Google data for any purpose other than vault synchronization.

Your Rights

You have complete control over your data:

  • Access. Request a copy of all data we have about you (which is minimal - just account information).
  • Deletion. Request deletion of your account and all associated data.
  • Correction. Update your account information at any time.
  • Export. Export your Stealth Vault data (it's already on your device).
  • Opt-out. Choose not to submit bug reports or diagnostic data.

To exercise these rights, contact us through the support system in the application or via email.

Legal Compliance

Stealth operates under strict privacy principles. However, we may be required to comply with legal requests:

  • We will notify you of any legal requests for your data (unless legally prohibited).
  • We will challenge overly broad requests.
  • Due to our zero-logging architecture, we typically have no data to provide even if legally compelled.

Because we don't log activity, connection data, or message content, we cannot provide information we don't have.

Children's Privacy

Stealth is not intended for users under 13 years of age. We do not knowingly collect information from children. If you believe a child has provided us with information, contact us immediately and we will delete it.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Significant changes will be communicated through the application or via email. The current version is always available in the application under Settings → Privacy Policy.

We will never make changes that reduce your privacy protections without clear notification and your consent.

Contact

For privacy-related questions or concerns, contact us through the support system in the application. We take privacy seriously and will respond promptly to all inquiries.

Last Updated: December 2024