Privacy Policy
Effective July 13, 2026
Keyline is built so we know as little as possible. This page lists what we do hold, why, and your rights. The controller is Keyline, operated by a sole proprietor based in Bulgaria. Contact: support@keyline.sh.
1. What we never see
Your secret values. Encryption happens on your machine before upload. Our servers store ciphertext and per-device wrapped keys. We hold no key that can decrypt them. A breach of us is not a breach of you.
2. What we store
- Account data: email, optional display name, workspace role.
- Device keys: the public half of each enrolled device's keypair. Private keys never leave your machine.
- Metadata: workspace, project, and environment names. Secret names appear in audit events when you rotate one. Values never do.
- Encrypted bundles: your secrets as ciphertext, versioned.
- Audit events: who did what and when (pushes, pulls, invites, revokes), kept tamper-evident for your team.
- Logs: short-lived technical logs (IPs, request paths) for security and debugging.
3. Billing
Paid plans are sold through Paddle, our merchant of record. Paddle collects your payment and billing details under its own privacy policy. We never see your card number. From Paddle we receive subscription status and what's needed for accounting.
4. Cookies and analytics
No tracking cookies. No ad tech. The dashboard keeps a short-lived session token in your browser's localStorage and has no analytics at all. The marketing site uses Plausible, a cookieless, EU-hosted analytics service: aggregate page counts, no cookies, no personal profiles, no cross-site tracking.
5. Who processes data for us
- Vercel (hosting, USA/EU)
- Neon (database hosting)
- Paddle (payments, merchant of record)
- Resend (transactional email: invitations, sign-in links)
- Sentry (error monitoring, EU region, scrubbed before send)
- Plausible (cookieless site analytics, EU, marketing pages only)
- Google Fonts (web fonts on this site, loaded from Google's servers)
We do not sell your data. We share it only with the processors above, or if the law requires it. Business customers: our Data Processing Agreement covers this in GDPR terms.
6. Retention
Account and workspace data stays while your account is active. Delete your workspace and we delete its data from our systems. Backups expire on a rolling basis. Technical logs are kept briefly.
7. Your rights (GDPR)
You can ask for access, correction, export, or deletion of your personal data. Your secrets you can export yourself at any time with keyline pull. Email support@keyline.sh. You can also complain to your local data protection authority. Ours is the Bulgarian CPDP.
8. Security
Client-side AES-256-GCM encryption, TLS everywhere, hashed access tokens, per-environment access control, and a tamper-evident audit log. The encryption design is public so you can verify the claims instead of trusting them.
9. Changes
We may update this policy. For material changes we will notify you by email or in the dashboard.