Privacy Policy

This Privacy Policy describes how Locke Identity Networks Inc. ("Locke," "we," "us," or "our") collects, uses, and shares your personal information when you visit or use https://lockeidentity.com, our mobile applications, browser extensions, and related services (collectively, the "Services").

Personal Information We Collect

Device Information

When you visit our Services, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies installed on your device. We refer to this automatically-collected information as "Device Information."

We collect Device Information using the following technologies:

• Cookies are data files placed on your device. We use cookies only to keep you logged in for a period of time after you close our Services. We do not track cookies from other sites or use cookies to serve advertisements.
• Log files track actions occurring on the Services, collecting data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
• Analytics tools such as Mixpanel and Google Analytics help us understand how you use the Services so we can improve them.

Usage Information

As you browse the Services, we collect anonymous information about how you use our service so we can improve it. This includes pages visited, features used, and general interaction patterns. We refer to this as "Usage Information."

Secured Information

When you register and use a Locke account, you provide us with sensitive information such as passwords, emails, and other credentials you choose to store. We refer to this as "Secured Information."

Important: All Secured Information is encrypted client-side before it ever reaches our servers. Your passwords and stored data are encrypted using your master password or Fuzzypass, which we never see or store. This is called "zero-knowledge" architecture—we cannot access your encrypted data even if we wanted to.

Payment Information

When you make a purchase through the Services, we collect your name, billing address, payment information, email address, and phone number ("Payment Information"). We use Stripe to process payments, and your payment details are handled directly by Stripe in accordance with their privacy policy.

When we talk about "Personal Information" in this Privacy Policy, we are referring to Device Information, Usage Information, Secured Information, and Payment Information.

How We Use Your Personal Information

• Device Information: We use this to screen for potential risk and fraud (particularly your IP address) and to improve our Services.
• Usage Information: We use this to improve and optimize our Services by understanding how users browse and interact with them.
• Secured Information: This is used solely to operate our password management service. Because this data is encrypted client-side, we cannot read it.
• Payment Information: We use this to fulfill orders, process payments, provide invoices, communicate with you about your account, and screen for potential fraud.

We also use IP2Location LITE database for IP geolocation.

Sharing Your Personal Information

We do not sell your Personal Information. We share your Personal Information only in the following circumstances:

• With service providers who help us operate our Services (such as Stripe for payments, and analytics providers)
• To comply with applicable laws and regulations
• To respond to a subpoena, search warrant, or other lawful request for information we receive
• To protect our rights, privacy, safety, or property

Data Retention

We retain your Personal Information for as long as your account is active or as needed to provide you Services. When you delete your account, we will delete or anonymize your Personal Information within 30 days, except where we are required to retain it for legal, regulatory, or security purposes.

Your encrypted Secured Information is deleted when you delete your account. Because we cannot decrypt this data, deletion is permanent and irreversible.

Data Security

We implement industry-standard security measures to protect your Personal Information, including:

• End-to-end encryption using post-quantum cryptographic algorithms (X25519Kyber768)
• Zero-knowledge architecture—we never see your unencrypted passwords
• Secure data transmission over HTTPS
• Regular security audits and monitoring

Your Rights

For All Users

You have the right to:

• Access the Personal Information we hold about you
• Correct inaccurate Personal Information
• Request deletion of your Personal Information
• Export your data in a portable format

For European Users (GDPR)

If you are a resident of the European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to data portability, the right to restrict processing, and the right to object to processing. To exercise these rights, please contact us.

For California Residents (CCPA)

If you are a California resident, you have the right to know what Personal Information we collect, the right to request deletion, and the right to opt-out of the sale of your Personal Information. We do not sell your Personal Information.

Do Not Track

Due to our already stringent data storage and sharing policies, we do not alter our Services' data collection practices when we see a Do Not Track signal from your browser.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your Personal Information in accordance with this Privacy Policy.

Minors

Those under the age of 13 may not use the Services without the consent or authorization of their parent, guardian, or legal custodian.

Data Breach Notification

In the event of a data breach that affects your Personal Information, we will notify you and any applicable regulatory bodies as required by law, typically within 72 hours of becoming aware of the breach.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

For questions about this Privacy Policy, to exercise your rights, or to make a complaint, please contact us:

• Email: connor@lockeidentity.com
• Mail: Locke Identity Networks Inc., 260 E Main St Suite 6894, Rochester, NY 14604