Privacy Policy – iKeePass App
Applicable to: iKeePass for iOS, iPadOS and macOS
Developer: Karsten Fusenig
Last updated: February 23, 2026
1. Overview
iKeePass is a password manager that uses the KeePass database format (KDBX). The app was developed with the principle of “Privacy by Design”. We do not collect, store or transmit any personal data to us or third parties.
2. Data Collection and Usage
2.1 Data NOT Collected
iKeePass does not collect any of the following data:
| Data Category | Collected? |
|---|---|
| Contact Information (Name, Email, Phone) | No |
| Health and Fitness Data | No |
| Financial Information | No |
| Location Data | No |
| Sensitive Information | No |
| Contacts | No |
| Usage Data | No |
| Diagnostics and Crash Data | Yes, optional (see Section 6) |
| Browsing History | No |
| Search History | No |
| Identifiers (Device ID, Advertising ID) | No |
| Purchases | No |
| Audio, Photo or Video Data | No |
2.2 Data Stored Locally on Device
The following data is processed exclusively on your device and never leaves it:
- Master Password: Only held in memory and never stored or transmitted.
- KeePass Database File (.kdbx): Stored locally or via a cloud service configured by you. The file is encrypted with AES-256 or ChaCha20.
- Entries (Passwords, Usernames, URLs, Notes): Contained exclusively within the encrypted KDBX file.
- App Settings: Stored locally in app preferences (e.g., last opened database, display settings).
3. Cloud Services (Optional)
iKeePass offers the ability to load KDBX files from cloud storage services. The use of these services is entirely optional and configured by the user.
| Cloud Service | Connection Type | Data Transfer |
|---|---|---|
| Nextcloud | WebDAV (HTTPS) | Only the KDBX file (encrypted) |
| Dropbox | Dropbox API (OAuth 2.0) | Only the KDBX file (encrypted) |
| OneDrive | Microsoft Graph API (OAuth 2.0) | Only the KDBX file (encrypted) |
| Google Drive | Google Drive API (OAuth 2.0) | Only the KDBX file (encrypted) |
Important:
- iKeePass only transfers the encrypted KDBX file.
- Decryption occurs exclusively on the device.
- Cloud service credentials are securely stored in the iOS/macOS Keychain.
- The privacy policies of the respective cloud providers apply additionally.
4. Biometric Authentication
iKeePass supports Face ID and Touch ID to unlock the database.
- Biometric data is processed exclusively by the operating system (iOS/macOS).
- iKeePass only receives a yes/no confirmation from the system.
- We have no access to biometric data.
- Biometric authentication is optional and can be disabled by the user.
5. Encryption and Security
| Component | Technology |
|---|---|
| Database Encryption | AES-256-CBC / ChaCha20 |
| Key Derivation | AES-KDF / Argon2d / Argon2id |
| Integrity Verification | HMAC-SHA-256 (KDBX 4.x) |
| Inner Encryption | Salsa20 / ChaCha20 (password protection in RAM) |
| Keychain Storage | iOS/macOS Keychain (hardware-secured) |
| Transport Encryption | TLS 1.2+ (for cloud connections) |
6. Crash Reporting (Sentry)
iKeePass uses Sentry for error monitoring and crash reporting. This service is optional and can be disabled at any time in the settings.
Self-Hosted Server
The Sentry server is self-hosted by the iKeePass developer. Data is not sent to sentry.io or any other third-party provider.
| Property | Details |
|---|---|
| Server | sentry.fusenigk.de |
| Operator | Karsten Fusenig (Self-Hosted) |
| Location | Germany |
| Can be disabled | Yes, in Settings under “Debug” |
What Data Is Collected?
When Sentry is enabled, only technical information is collected:
| Data | Description |
|---|---|
| App Crashes | Stack traces, error cause |
| App Version | Version and build number |
| Device Information | Device type, iOS/macOS version |
| Memory Usage | RAM usage at the time of the error |
Not collected: Passwords, usernames, database contents, URLs, personal data.
Use of Crash Logs
The collected crash logs are used exclusively internally to improve app quality and fix bugs. The data is not shared with, sold to, or used by any third parties. Only the developer (Karsten Fusenig) has access to the crash logs.
Disabling Sentry
Sentry can be disabled at any time under Settings → Debug → “Sentry enabled”. When disabled, no data is sent to the Sentry server.
For more information about Sentry, see our FAQ.
7. Other Third-Party Services
iKeePass does not use any of the following additional third-party services:
- No analytics or tracking tools (no Google Analytics, no Firebase, etc.)
- No advertising networks
- No social media SDKs
- No A/B testing frameworks
8. Children’s Data
iKeePass does not knowingly collect personal data from children under 13 years of age. Since the app does not collect any data, age differentiation is not necessary.
9. Data Retention and Deletion
Since iKeePass does not collect or store user data, there is no server-side data that needs to be deleted. All data resides exclusively on the user’s device and can be completely removed by deleting the app or the KDBX file.
10. Changes to This Privacy Policy
We reserve the right to update this privacy policy at any time. Changes will be published on this page. In case of significant changes, we will update the date of last modification.
11. Contact
For questions about this privacy policy:
Karsten Fusenig
Zur Marktflagge 37
10247 Berlin
Website: https://ikeepass.app
This privacy policy applies to the iKeePass app, available on the Apple App Store and Mac App Store.