Privacy Policy for PixPass Wallet
Last Updated: March 24, 2026
⚠️ CRITICAL NOTICE: This PixPass Wallet Demo operates on third-party infrastructure. While we implement security best practices, we make NO GUARANTEES regarding data security, server integrity, or protection against breaches. Use at your own risk.
1. Our Core Principle: Zero Persistence
PixPass Wallet is designed with a zero-persistence architecture. When you use our service:
- We do NOT store your passwords, secrets, credentials, or uploaded images on any server
- We do NOT log your IP address, email, name, or any personally identifiable information (PII)
- All processing occurs in-memory and is immediately purged after your operation completes
- The generated PNG file containing your encrypted data is downloaded directly to your device—nothing is retained server-side
2. Third-Party Infrastructure Disclosure
Infrastructure Reality: PixPass Wallet is hosted on third-party cloud infrastructure. This means:
- Server hardware, networking, and data centers are managed by external providers
- We have limited control over physical security, potential hardware failures, or infrastructure-level vulnerabilities
- Data transmitted to/from our service passes through third-party networks
- We cannot guarantee absolute protection against sophisticated attacks, zero-day exploits, or infrastructure compromises
3. Data Handling During Operations
When you submit data through PixPass Wallet:
- Temporary Processing: Your data exists only in server RAM during the encryption/embedding process (typically <2 seconds)
- Encryption Standard: We use AES-256-GCM encryption with your provided password as the key
- Immediate Deletion: After the PNG is generated and transmitted to your browser, all data is immediately purged from memory
- No Backups: We maintain no backups, logs, or archives of user-submitted data
4. Security Measures (Best Efforts Only)
We implement the following security practices, though we make no guarantees of their effectiveness:
- HTTPS/TLS: All communications are encrypted in transit using TLS 1.3
- AES-256-GCM: Industry-standard authenticated encryption for your data
- Steganography: Data is hidden within image pixels for additional obscurity
- No Persistent Storage: Zero database storage of user credentials or images
- Regular Audits: We attempt to review our code periodically, but cannot guarantee all vulnerabilities will be discovered
5. User Acknowledgments and Responsibilities
BY USING THIS SERVICE, YOU ACKNOWLEDGE AND AGREE:
- Password Responsibility: If you lose your password, your encrypted data is PERMANENTLY INACCESSIBLE. We have no recovery mechanism.
- Breach Risk: Despite our best efforts, data breaches, server compromises, or service interruptions may occur. We accept no liability for resulting damages.
- No Warranties: The service is provided "AS IS" without any warranties of security, availability, or fitness for purpose.
- Backup Duty: You are solely responsible for maintaining secure backups of your generated PixPass images and remembering your passwords.
- Illegal Use Prohibited: You agree not to use this service to conceal illegal, harmful, or prohibited data.
6. Third-Party Links and Services
Our service may integrate with or link to third-party services (e.g., external PixPass-enabled authentication systems). We have no control over these services and assume no responsibility for their security practices, privacy policies, or data handling.
7. Minors
PixPass Wallet is intended for users 18 years of age or older (or 13+ with parental consent where applicable). By using this service, you represent that you meet these age requirements.
8. International Data Transfer
Our third-party infrastructure may operate in multiple jurisdictions. By using this service, you consent to the transfer of your data (during processing only) across international boundaries.
9. Changes to This Policy
We reserve the right to modify this Privacy Policy at any time. Changes take effect immediately upon posting. We encourage you to review this policy periodically.
10. NO GUARANTEE OF SECURITY
FINAL DISCLAIMER: While we employ security best practices, WE GUARANTEE NOTHING. Sophisticated attackers, government surveillance, infrastructure failures, software bugs, or human error may compromise your data. PixPass Wallet is a convenience tool, not a security solution. For critical secrets, use dedicated offline solutions (e.g., hardware wallets, air-gapped systems, professional key management services).
11. Contact
For questions about this privacy policy, contact us through the application interface. We do not maintain a public email address to minimize attack surface.
← Back to PixPass Wallet