Privacy Policy

Last updated: May 9, 2026  ·  Effective for AstraVault v1.0 and above

1. Who We Are

AstraVault is a product of AstraSoft, registered in India. AstraSoft is responsible for processing your personal data in accordance with applicable privacy laws.

  • Data Controller: AstraSoft (AstraVault)
  • Grievance Officer: Compliance Lead
  • Email: info@astravault.co.in
  • Response SLA: 7 calendar days

2. Zero-Knowledge Architecture

AstraVault is a client-side-only application. AstraSoft has zero access to your unencrypted documents at any time. Every file is encrypted with AES-256-GCM on your device — inside the Android hardware security enclave — before any data leaves your phone. We cannot read your documents even if legally compelled, because we never possess the decryption keys.

This is not a policy promise. It is a technical guarantee: your encryption key is derived from your passphrase using PBKDF2-SHA512 (600,000 iterations) and bound to your Android Keystore hardware. AstraSoft's servers never receive it.

3. Data We Collect & Why

For each item: what it is, why we collect it, where it is stored, and whether it is required or opt-in.

  • Google Account email: Sign-in identity, Drive access, account identification. Stored in Firebase Firestore (your user profile). Required.
  • Google Drive access: Store your encrypted documents in your own Drive. Stored in your personal Google Drive (app-scoped). Required.
  • Encrypted metadata: Document name, category, upload date, OCR snippet (≤500 chars), masked entities. Stored in the SQLCipher DB on your device only. Required.
  • Subscription status: Determine Free or Pro tier access. Stored in Firebase Firestore (your profile). Required.
  • Crash reports: Identify and fix app crashes. Stored in Firebase Crashlytics (Google). Opt-in.
  • Anonymous usage analytics: Understand how features are used to improve the app. Stored in Firebase Analytics (Google). Opt-in.
  • Document content (photos, PDFs): Never collected.
  • Biometric data (fingerprint images): Never collected.
  • Passphrase or encryption keys: Never collected.

Opt-in analytics and crash reporting are controlled via Settings → Consent Manager. Both default to OFF on first launch.

4. Authentication & Biometrics

AstraVault uses a two-factor authentication model combining a passphrase with device biometrics:

  • Vault passphrase is your cryptographic root. It is hashed locally and stored in Android's EncryptedSharedPreferences. It is never transmitted to AstraSoft. Losing your passphrase without a recovery phrase means permanent vault lockout — we cannot recover it for you.
  • Fingerprint unlock is handled entirely by the Android BiometricPrompt API. AstraVault does not access, process, or store any fingerprint templates or images. The biometric check happens inside the device's Trusted Execution Environment (TEE). AstraVault only receives a pass/fail result.
  • Face recognition is not used. AstraVault does not collect or process facial data of any kind.
  • Your Android Keystore key (AES-256-GCM) is generated inside the secure enclave and is cryptographically bound to your device. It cannot be exported or extracted.

5. Zero-Trace Protocol

Document content is treated as ephemeral in memory and is never written to disk in plaintext:

  • Document byte arrays are encrypted in RAM and immediately zeroed (ByteArray.fill(0)) after the encryption step completes.
  • No temporary plaintext files are written to internal storage, external storage, or any cache directory at any stage of capture, OCR processing, or sync.
  • The ZeroTrace Viewer decrypts documents to RAM only for the duration of viewing. No file is written to the filesystem. Memory is released when the viewer closes.
  • OCR text extraction runs entirely on-device using Google ML Kit's on-device models. No document images or text are sent to Google OCR servers.

6. Google Drive Storage

Encrypted document files (AES-256-GCM ciphertext) are stored in your personal Google Drive using the Drive API with app-specific scope (drive.file). AstraSoft's servers are not an intermediary — your device uploads directly to your Drive using your OAuth token. AstraSoft has no standing access to your Drive files.

Only the encrypted ciphertext is uploaded. The decryption key never leaves your device. If AstraSoft were ever to receive a request for your Drive files, we would be unable to decrypt them.

7. Sensitive ID Handling

When OCR detects a 12-digit national ID pattern, the first 8 digits are automatically replaced with asterisks before the text is stored anywhere — in the local SQLCipher database, in the OCR snippet, and in any search index. This masking is irreversible and happens automatically before any data is stored.

PAN card numbers are similarly masked. The original, unmasked number is never stored in plaintext by AstraVault — it exists only in the encrypted document file (your Drive) and briefly in camera RAM during capture before being zeroed.
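A worked version of the masking rule described in this section, as an added example that is not AstraVault's own code: it replaces the first 8 digits of a 12-digit ID with asterisks, treats PAN similarly, and checks that no raw identifier survives before a snippet is stored. The PAN layout (five letters, four digits, one letter), the four-character visible tail for PAN, and the grouped spacing OCR may produce are assumptions; the policy does not state them.

```python
import re

# Constructed OCR output for the demo; none of these are real identifiers.
SAMPLE_OCR = (
    "Name: A. Sample\n"
    "ID No: 2345 6789 0123\n"
    "PAN: ABCDE1234F\n"
    "Ref: 987654321012\n"
    "Phone: 98765 43210\n"
)

# 12-digit national ID. Assumption: OCR may emit it as three groups of four
# separated by a space or hyphen, so the separators are captured and preserved.
NATIONAL_ID_RE = re.compile(r"(?<!\d)(\d{4})([ -]?)(\d{4})([ -]?)(\d{4})(?!\d)")
# Assumed PAN layout: five letters, four digits, one letter.
PAN_RE = re.compile(r"(?<![A-Z0-9])[A-Z]{5}\d{4}[A-Z](?![A-Z0-9])")
PAN_VISIBLE_TAIL = 4  # assumption; the policy only says PAN is "similarly masked"


def mask_national_id(text: str) -> str:
    """Replace the first 8 digits of every 12-digit ID, keep the last 4."""
    return NATIONAL_ID_RE.sub(
        lambda m: "****" + m.group(2) + "****" + m.group(4) + m.group(5), text)


def mask_pan(text: str) -> str:
    """Mask a PAN, leaving only its last PAN_VISIBLE_TAIL characters."""
    return PAN_RE.sub(
        lambda m: "*" * (len(m.group(0)) - PAN_VISIBLE_TAIL)
        + m.group(0)[-PAN_VISIBLE_TAIL:], text)


def mask_sensitive_ids(text: str) -> str:
    return mask_pan(mask_national_id(text))


def contains_unmasked_id(text: str) -> bool:
    """Guard to run before any write: True if a raw ID pattern is still present."""
    return bool(NATIONAL_ID_RE.search(text) or PAN_RE.search(text))


def prepare_snippet(ocr_text: str, limit: int = 500) -> str:
    """Mask first, then truncate to the <=500-char OCR snippet kept in metadata."""
    masked = mask_sensitive_ids(ocr_text)
    if contains_unmasked_id(masked):
        raise ValueError("unmasked identifier would reach storage")
    return masked[:limit]
```

Masking runs on the full text before truncation so a cut-off snippet can never expose a partial raw ID.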

8. Your Privacy Rights

AstraVault is built with privacy as a core principle. You have the following rights regarding your personal data:

  • Right of Access — Request a summary of all personal data we hold about you. Go to Settings → My Data Rights → Access my data, or email us.
  • Right to Correction — Request correction of inaccurate data. You can update document metadata directly in the app, or contact us for profile data.
  • Right to Erasure — Delete your account from Settings → Delete My Account. A 30-day cooling period applies; you may cancel during this window. After 30 days: local SQLCipher DB is wiped, Drive sync is revoked, and your profile is deleted. Encrypted Drive files remain in your Google Drive (under your control) until you delete them.
  • Right to Withdraw Consent — Change your analytics and crash reporting consent at any time via Settings → Consent Manager. Withdrawal takes effect immediately.
  • Right to Nominate — You may nominate a trusted person to exercise these rights on your behalf in the event of death or incapacity. Contact us to register a nomination.
  • Grievance Redressal — File a grievance at info@astravault.co.in. We respond within 7 calendar days. If your grievance remains unresolved, you may seek further redressal through appropriate legal channels.

9. Third-Party Services

AstraVault integrates the following third-party services. Their respective privacy policies govern their own data handling:

For each service: its purpose and the data shared with it.

  • Google Firebase Auth: User sign-in (Google account). Data shared: Google account email, UID.
  • Google Firestore: User profile, subscription, consent records. Data shared: Email, tier, consent flags.
  • Firebase Crashlytics: Crash reporting (opt-in only). Data shared: Stack traces, device model, OS version — no document data.
  • Firebase Analytics: Anonymous feature usage (opt-in only). Data shared: Event names, session duration — no personal identifiers, no document content.
  • Firebase Cloud Messaging: Push notifications (security alerts, sync status). Data shared: FCM device token.
  • Google Play Integrity (App Check): Verifies app authenticity before Firestore requests. Data shared: Device attestation token (no personal data).
  • Google Drive API: Encrypted document storage in your personal Drive. Data shared: Encrypted ciphertext only — AstraSoft cannot decrypt.
  • Google ML Kit (on-device): OCR text recognition (English + Hindi). Runs entirely on-device — no data sent to Google.
  • Google Play Billing: Pro upgrade purchase. Handled by Google Play — AstraSoft receives purchase confirmation only.
  • Google AdMob: Optional rewarded ads (Ad Boost feature). Data shared: Ad identifiers per Google's privacy policy — watching ads is always optional.

Google Privacy Policy  ·  Firebase Privacy

10. Data Retention

Retention period for each category of data:

  • Encrypted Drive files: Until you delete them (you control your Drive).
  • Local SQLCipher metadata: Until you delete your account or perform a vault reset.
  • Firebase user profile (email, tier): Deleted within 30 days of account deletion request.
  • Consent records: 5 years (regulatory compliance requirement).
  • Firebase Crashlytics data: 90 days (Google's Crashlytics policy).
  • Firebase Analytics data: 14 months (Google's Analytics default).

11. Security Measures

  • AES-256-GCM encryption — all document content encrypted before upload
  • PBKDF2-SHA512 key derivation — 600,000 iterations for passphrase hardening
  • Android Keystore — hardware-backed cryptographic key storage
  • SQLCipher — all local metadata encrypted at rest with a derived key
  • TLS 1.3 — all network communication encrypted in transit
  • Firebase App Check (Play Integrity) — verifies request origin before any Firestore write
  • Device integrity checks — root, emulator, debugger, and APK tamper detection at launch
  • FLAG_SECURE — prevents screenshots of vault contents in the app switcher

12. Children's Privacy

AstraVault is not directed at children under 18. We do not knowingly collect personal data from minors. Users under 18 must have verifiable parental consent before use. If you believe a minor has created an account without parental consent, contact us at info@astravault.co.in for immediate account deletion.

13. Changes to This Policy

We will notify you of material changes to this policy via push notification and an in-app banner at least 7 days before the change takes effect. For non-material changes (contact information updates, clarifications), we will update the "Last updated" date and notify you at next launch. Your continued use of AstraVault after the effective date constitutes acceptance of the revised policy.

14. Contact & Grievance

To exercise your data rights, request deletion, file a grievance, or ask any privacy question:

  • Email: info@astravault.co.in
  • Response time: 7 calendar days
  • Data deletion form: data-deletion.html
  • Further escalation: If your grievance remains unresolved after 30 days, you may seek redressal through appropriate legal channels under applicable law.