1. Introduction
OneCritto is a fully offline desktop application designed to store sensitive data locally on your device. The Software does not use cloud services, does not require online accounts, and does not transmit vault contents to external servers.
2. Local data only
All information you store inside your encrypted vault remains on storage that you control. OneCritto does not collect, process, transfer, analyze or store personal data on external systems.
The developer does not have access to the vault, its encryption keys, or its contents.
3. Master password and encryption
Access to your vault requires a master password that only you know. The master password is never transmitted, shared, or stored in plaintext. The developer cannot recover it or decrypt your data.
4. Software telemetry and website services
The desktop Software does not collect telemetry, usage statistics or crash reports. It does not log vault activity or send your master password, vault contents, files or notes to remote servers.
The website may use limited third-party services such as Google reCAPTCHA for abuse prevention and PayPal for payment processing. These website services are separate from the encrypted vault inside the desktop app.
5. Responsibility for backups and devices
You remain solely responsible for:
- maintaining secure backups of your vault
- protecting your device from loss, theft or malware
- choosing a strong master password and keeping it safe
If your device is lost or your vault becomes corrupted, the developer cannot assist in recovery.
6. Licensing and activation
Licenses or activation files may be tied to a hardware profile. This information is used solely to verify the legitimacy of the installation and generate a device-bound license.
During purchase, OneCritto may process your HWID and the payer email returned by PayPal in order to deliver the purchased license file. This does not include your master password or vault data.
7. Summary of what is and is not processed
| Data | Where it is processed | Purpose | Shared with |
|---|---|---|---|
| Master password | Only on your device | Unlock and encrypt your vault | No one |
| Vault contents, files and notes | Only on your device | Use of the Software | No one |
| HWID | Licensing server | Generate and validate a device-bound license | Not sold or disclosed to unrelated third parties |
| Payer email returned by PayPal | Licensing server | Deliver the purchased license | PayPal during payment flow |
| reCAPTCHA token | Website / Google reCAPTCHA | Prevent automated abuse | Google reCAPTCHA |
8. Data sharing
No information stored in your encrypted vault is shared with third parties. Website and payment-related data may be processed only by the service providers needed to operate the site, prevent abuse, and complete payments. OneCritto does not sell, rent or trade personal data.
9. Changes to this policy
This Privacy Policy may be updated to reflect improvements in the Software or changes in applicable laws. The latest version will always be published on the official website.
10. Contact
For any questions regarding this Privacy Policy, please contact: [email protected]
Your vault remains under your control on your device. The website and licensing flow process only the limited data necessary for downloads, anti-abuse protections, payments and license delivery.