Privacy Policy

1. Introduction

Killswitch ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our zero-knowledge encrypted storage service.

By using Killswitch, you agree to the collection and use of information in accordance with this policy.

2. Encryption Architecture

This is a core privacy feature, but it means we cannot help you recover lost passwords or decrypt your files under any circumstances. For sharing and Deadman Switch features to work, we store encrypted access keys that enable us to provide access links to your designated recipients.

3. Information We Collect

3.1 Account Information

When you create an account, we collect:

• Email address - For account creation, login, and service communications
• Password hash - Securely hashed with bcrypt (we never store plain text passwords)
• Account creation date
• Subscription status - Free, beta, starter, pro, business, etc.

3.2 Encrypted File Metadata

We store encrypted metadata about your files:

• Encrypted filename - Encrypted at rest in our database
• Encrypted description - Encrypted at rest in our database
• File size - For storage quota tracking
• Upload timestamp
• MIME type - For preview functionality
• Storage path - Encrypted at rest in our database

Note: Filenames, descriptions, and storage paths are encrypted using AshCloak with a separate encryption key stored securely on our servers. This provides defense-in-depth but is separate from the zero-knowledge file encryption.

3.3 Usage Information

We automatically collect:

• Login attempts - For security monitoring and bot defense (via Paraxial)
• IP addresses - For rate limiting, abuse prevention, and security
• Browser type and version - For compatibility troubleshooting
• Session information - For maintaining your logged-in state
• Activity logs - Limited to account actions (login, file upload/download counts)

3.4 Payment Information

For paid subscriptions:

• Payment processor data - Handled by third-party payment processors (Stripe, etc.)
• Billing email - For receipts and billing notifications
• Subscription tier and status
• Transaction history - For billing records and tax compliance

We do NOT store credit card numbers or payment details on our servers. All payment processing is handled by PCI-compliant third-party processors.

3.5 Deadman Switch Information

When you create Deadman Switches:

• Beneficiary names and email addresses
• Check-in frequency and grace period settings
• Last check-in timestamp
• Switch status - Active, paused, triggered, expired

4. How We Use Your Information

We use collected information to:

• Provide the Service - Store encrypted files, manage account access, process Deadman Switches
• Security and fraud prevention - Monitor login attempts, detect abuse, block malicious IPs
• Service communications - Send check-in reminders, account notifications, service updates
• Billing and payments - Process subscriptions, send receipts, manage refunds
• Legal compliance - Comply with applicable laws and regulations
• Service improvement - Analyze usage patterns (aggregated, anonymized) to improve features
• Customer support - Respond to inquiries and troubleshoot issues

5. Information We DO NOT Collect

Due to our zero-knowledge architecture, we do NOT collect or have access to:

• Contents of your encrypted files
• Your encryption password or master key
• Unencrypted filenames or descriptions
• File contents for indexing or search (we cannot search inside encrypted files)

6. Third-Party Services

We use the following third-party services that may collect data:

6.1 Digital Ocean Spaces (File Storage)

• Stores encrypted file data
• Located in the United States (NYC3 region)
• Files are encrypted blobs (Digital Ocean cannot decrypt them)
• Privacy Policy: https://www.digitalocean.com/legal/privacy-policy

6.2 Paraxial (Security Monitoring)

• Monitors security events, login attempts, and threats
• Collects IP addresses for bot defense and rate limiting
• Privacy Policy: https://www.paraxial.io/privacy

6.3 Email Service Providers

• Sends account emails, check-in reminders, and notifications
• Processes email delivery and tracks delivery status
• May collect open rates and click rates for service emails

6.4 Payment Processors

• Handles subscription billing and payment processing
• Collects payment information directly (not shared with us)
• Subject to their own privacy policies and PCI-DSS compliance

7. Data Sharing and Disclosure

We do NOT sell your personal information to third parties.

We may share information only in these circumstances:

• Service providers - Third parties who help us operate the Service (hosting, email, payments)
• Your designated recipients - When you share files or configure Deadman Switches, you authorize us to provide access links to your designated recipients and beneficiaries
• Legal requirements - If required by law, court order, or government request (limited to account metadata; we cannot decrypt your files)
• Safety and security - To prevent fraud, abuse, or harm to users or the public
• Business transfers - In the event of a merger, acquisition, or sale of assets
• With your consent - When you explicitly authorize sharing

Important: We do not have access to your encryption password or master key. When you delegate authority to share files or send Deadman Switch notifications, we provide access links to your designated recipients using pre-stored encrypted access keys that you authorized.

8. Data Security

We implement industry-standard security measures:

• Encryption in transit - HTTPS/TLS for all connections
• Encryption at rest - Files encrypted with AES-256-GCM, metadata encrypted with AshCloak
• Secure password hashing - bcrypt with appropriate work factors
• IP blocking and rate limiting - Via Paraxial bot defense
• Security scanning - Automated scanning with Sobelow and Paraxial
• Content Security Policy - Nonce-based CSP to prevent XSS attacks
• CSRF protection - On all state-changing operations

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Data Retention

We retain your information as follows:

• Account data - Retained while your account is active
• Encrypted files - Retained until you delete them or your account is closed
• Deleted files - Permanently deleted within 30 days (including from backups within 90 days)
• Activity logs - Retained for 90 days for security purposes
• Billing records - Retained for 7 years for tax and legal compliance

10. Your Privacy Rights

10.1 General Rights

You have the right to:

• Access - Request a copy of your personal data
• Correction - Update incorrect or incomplete data
• Deletion - Request deletion of your account and data
• Export - Download your encrypted files at any time
• Opt-out - Unsubscribe from marketing emails (service emails still required)

10.2 GDPR Rights (EU Residents)

If you are located in the European Union, you have additional rights:

• Data portability - Receive your data in a machine-readable format
• Restriction of processing - Limit how we use your data
• Object to processing - Object to certain data uses
• Withdraw consent - Revoke consent for data processing
• Lodge a complaint - File a complaint with your data protection authority

10.3 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and share
• Request deletion of your personal information
• Opt-out of the sale of personal information (we do not sell data)
• Non-discrimination for exercising your rights

To exercise any of these rights, contact us at hello@killswitch.app.

11. International Data Transfers

Killswitch is based in the United States. If you access the Service from outside the United States, your information will be transferred to, stored, and processed in the United States.

By using the Service, you consent to the transfer of your information to the United States and processing in accordance with this Privacy Policy.

12. Children's Privacy (COPPA)

Killswitch is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal information from a child under 13, we will delete that information immediately. If you believe we have collected information from a child under 13, contact us at hello@killswitch.app.

13. Cookies and Tracking

We use minimal cookies and tracking:

• Session cookies - Essential for login and maintaining your session (required)
• CSRF tokens - Security tokens to prevent cross-site request forgery (required)
• Flash messages - Temporary messages for user feedback (required)

We do NOT use third-party advertising cookies or analytics cookies. We do NOT track you across other websites.

14. SMS Text Messaging

14.1 SMS Alert Program

Killswitch offers optional SMS text message alerts to notify you of time-critical events related to your deadman switches. This service is entirely optional and requires your explicit opt-in consent.

14.2 Types of SMS Messages

If you opt-in, you may receive SMS alerts for:

• Check-in reminders - Notifications when your deadman switch check-in is due or overdue
• Grace period warnings - Urgent alerts when your deadman switch has entered the grace period before triggering
• Trigger notifications - Critical alerts when your deadman switch has been triggered
• Security alerts - Optional notifications when your shared files are accessed (if enabled)

14.3 Message Frequency

Message frequency varies based on your deadman switch configuration and activity. Most users receive 1-5 messages per month. Messages are only sent when action is required (missed check-ins, grace periods, triggers).

14.4 Opt-In and Consent

You can opt-in to SMS alerts through:

• Your account Settings > Notifications page
• During deadman switch creation by providing a phone number and checking the SMS alerts checkbox
• Texting START, SUBSCRIBE, or ALERTS to our SMS number

By opting in, you provide express written consent to receive automated SMS alerts from Killswitch at the mobile number you provide. You confirm that you are the subscriber or customary user of the mobile number provided.

14.5 Opt-Out and Cancellation

You can opt-out of SMS alerts at any time by:

• Replying STOP to any SMS alert
• Disabling SMS notifications in your account Settings > Notifications

Your opt-out request will be processed within 24 hours (typically immediately). After opting out, you will no longer receive SMS alerts, but you will continue to receive email notifications.

14.6 Message and Data Rates

Message and data rates may apply based on your mobile carrier's plan. Killswitch does not charge for SMS alerts, but your mobile carrier may charge standard messaging rates. Check with your carrier for details.

14.7 SMS Help

For help with SMS alerts, text HELP to our SMS number or contact us at hello@killswitch.app.

14.8 Phone Number Privacy

Your mobile phone number:

• Is stored securely in our encrypted database
• Is used ONLY to send SMS alerts related to your deadman switches
• Is NEVER sold, rented, or shared with third parties for marketing
• May be shared with our SMS service provider (Twilio) solely for message delivery
• Can be removed from your account at any time in Settings

14.9 Beneficiary Notifications

When your deadman switch triggers, beneficiaries you designated may receive a one-time SMS notification with access instructions, even if they have not opted in to receive SMS from Killswitch. This is a single transactional message sent on your behalf to deliver critical information. Beneficiaries will not receive ongoing SMS messages from Killswitch.

14.10 Carrier Liability

Killswitch and mobile carriers are not liable for delayed or undelivered messages. SMS delivery depends on your carrier's network and may be affected by network outages, service interruptions, or device issues.

14.11 Supported Carriers

SMS alerts are available for all major U.S. carriers (AT&T, T-Mobile, Verizon, Sprint, etc.) and most regional carriers. International SMS support varies by country.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date.

For material changes that reduce your rights, we will notify you by email or prominent notice on the Service at least 30 days before the changes take effect.

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

16. Contact Us

For questions about this Privacy Policy or to exercise your privacy rights, contact us at:

Email: hello@killswitch.app