DELG PassLog in

Privacy Policy

DELGPass Privacy Policy

Effective date: May 25, 2026

Overview

DELGPass is a zero-knowledge password manager. Vault encryption and decryption happen on your device. DELGPass does not receive your master password, decrypted vault contents, raw vault encryption key, or master-derived encryption key.

Information We Process

DELGPass processes account and session information such as your email address, plan information, device type, device name, access tokens, refresh/session records, timestamps, and settings needed to operate the service.

DELGPass stores encrypted vault records, encrypted folders, wrapped vault keys, nonces, authentication tags, and related encrypted sync metadata. Depending on what you save, encrypted vault records may represent logins, URLs, notes, TOTP secrets, or payment-card fields. These records are encrypted before they are sent to the server.

Information We Do Not Receive

  • Your master password
  • Your decrypted vault items, notes, passwords, card details, or TOTP secrets
  • Your raw vault encryption key
  • Your master-derived encryption key
  • Decrypted autofill data from browser pages

Browser Extension

The DELGPass browser extension uses host permissions to detect login forms, suggest matching vault items, and fill credentials when requested. Matching and autofill are handled locally by the extension. The extension does not send page contents or browsing history to DELGPass for tracking or advertising.

The extension may store settings, the last account email, encrypted vault blobs, and short-lived session state in browser extension storage. Vault keys are kept in memory or browser session storage according to the extension lock settings and are cleared when you lock or log out.

How We Use Information

We use information to authenticate sessions, sync encrypted vault data, enforce account limits, provide extension and web app features, prevent abuse, and maintain service security. We do not sell vault data, browsing activity, or account information.

Sharing

DELGPass does not share decrypted vault contents because DELGPass does not have access to them. We may use infrastructure providers to host the API, database, and static application files. Those providers process only the encrypted and operational data needed to run the service.

Security

DELGPass uses client-side cryptography for vault protection. Authentication verifiers, wrapped vault keys, encrypted vault records, and session records are handled by the backend. You are responsible for choosing and protecting a strong master password.

Data Retention And Deletion

Encrypted vault records and account metadata are retained while your account is active. Session records may expire or be revoked. To request account deletion or privacy assistance, contact DELG Software using the support channel listed on the DELGPass website or add-on listing.

Changes

We may update this policy as DELGPass changes. Material updates will be reflected by changing the effective date and publishing the updated policy.

Contact

For privacy or security questions, contact DELG Software through the official DELGPass support or developer contact listed with the web app or browser extension.