If you choose to contact us using the Passify or web site contact page, any information you provide will be used to facilitate communication with you regarding your request and will not be used outside our organization. In the case of bug reports or crashes, Passify may optionally allow you to chose whether or not to include debugging data, which you can review before sending.
Passify optionally offers the ability to automatically download icons for the Password Generators that you create. When you enable this feature, Passify attempts to download and cache the publicly available "favicon" directly from the domain that you provide in the Password Generator's name.
These requests may generate data on the 3rd-party website. See that party's Privacy Policy for more information.
For convenience, Passify can automatically provide a button to navigate quickly to the password change page of a web site if the domain name (e.g. example.com) is included in the Password Generator's name. The use of this functionality is optional. When this button is tapped, Passify will first confirm before attempting to visit the page.
If confirmed by you, Passify first performs a web request to determine if a "well-known password change URL" exists for the domain. If this succeeds, it will open that page in the user's preferred web browser.
If the "well-known password change URL" test fails, Passify will then attempt to find the password change URL in it's own internal database.
If both tests fail, Passify will instead open the main domain in the user's preferred web browser.
These requests may generate data on the 3rd-party website. See that party's Privacy Policy for more information.
If you enable the HaveIBeenPwned Password Checking feature, Passify will anonymously and securely send a request to HaveIBeenPwned.com when a password is generated. These requests are made securely and anonymously and your password is NOT transmitted or revealed in any way.
The response to this request will help Passify to determine whether the generated password has been compromised as the result of a data breach unrelated to Passify, and allow the application to alert you.
Functionality to support synchronization with Dropbox, Google Drive, or Microsoft OneDrive requires Passify to securely store special keys that were assigned by those 3rd parties to Passify. Without these keys, Passify would be unable to use these 3rd party services for sync functionality.
As placing those keys directly into Passify would be a security risk, Passify uses Amazon Web Services to manage these keys. If you choose to use a 3rd party sync provider that requires an assigned key, Passify will first periodically contact Amazon's Secret Manager to retrieve/refresh our key in order to connect to the 3rd party. These requests are anonymous.
We do not log, track or store any information related to these requests. Please refer to the Privacy Policies of Amazon Web Services and any 3rd party providers you use for more information.
Use of Dropbox, Google Drive, or Microsoft OneDrive with Passify involves visiting our authentication server as part of the authentication (OAuth) flow provided by these services. These 3rd-party services provide us with our own API key to use their services and this communication with our authentication server is necessary in order to provide that key and initiate the OAuth flow. The authentication process is only performed when the sync provider is initially configured or changed. No data from your app is transmitted to our servers.
When the authentication procedure is initiated by you:
No other data is sent or implicitly gathered by any of our servers in the process of using Dropbox, Google Drive, or Microsoft OneDrive and Passify never has the ability to know your credentials for these services. Additionally, Passify only has access to its own folder on the service and cannot access any of your other files outside that folder. Please refer to the 3rd-party's privacy policy for additional information as the use of these services may have other privacy implications.
With AmazonS3, FTPS, iCloud, Mega, or SSH, Passify communicates directly to the provider. No data is sent or implicitly gathered by any of our servers in the process. Please refer to the 3rd-party's privacy policy for additional information as the use of these services may have other privacy implications.
Any changes to this privacy policy in future will be notified of on this page. Last change: January 1, 2023.