Last updated: 11 March 2026
BlindKeep does not track you. No analytics, no cookies, no fingerprinting, no advertising, no data sales. Your encrypted data is stored in the EU and we cannot read it.
BlindKeep does not set any cookies. Authentication state is held in session storage, which is cleared when you close the tab. No persistent identifiers survive across sessions.
None. All resources — JavaScript, CSS, fonts, icons, and WASM — are served from our own domain. No CDNs, no third-party scripts, no external requests.
Because BlindKeep is zero-knowledge, we store only encrypted data and the minimum metadata required to operate the service:
| Data | Purpose | Can we read it? |
|---|---|---|
| Email address | Account identity, recovery, will notifications | Yes |
| Encrypted blobs (S3) | Your vault items, files, drops | No |
| Wrapped keys | Key management | No |
| File size (bytes) | Billing and metering | Yes (padded to size buckets) |
| Timestamps | Record ordering, expiry logic | Yes |
| IP addresses | Rate limiting, audit log | Yes |
| Item/grant/drop counts | Database row counts | Yes |
We cannot decrypt your files, notes, passwords, or any vault content. See the cryptographic architecture for the full technical proof.
All data is stored and processed in European data centres (Scaleway, France). The server runs in the EU. Your data does not leave Europe.
We do not sell, rent, or share your data with any third party. We do not have advertisers, data brokers, or analytics partners. Payment processing (Stripe) receives only the minimum billing data required to process a transaction — never your vault content.
If compelled by valid legal process, we can only provide what we have: encrypted blobs, email addresses, timestamps, and IP addresses. We cannot provide decryption keys or plaintext data because we do not have them. This is a property of the architecture, not a policy choice.
Questions about privacy? Email privacy@blindkeep.com