Privacy Policy for TotLaUnLoc

At TotLaUnLoc, your privacy is our utmost priority. This Privacy Policy outlines how we handle your information when you use our desktop application.

1. Data Collection and Storage

TotLaUnLoc operates on a "local-first" principle. This means that all your sensitive data, including Time-based One-Time Passwords (TOTP) and credential metadata, is stored and encrypted exclusively on your local device. We do not collect, store, or transmit any of your personal data, passwords, or account information to our servers or any third-party services.

2. Browser Password Access

It is crucial to understand that TotLaUnLoc does not access, decrypt, or extract passwords stored by your web browsers. Our application interacts with browser profiles to manage saved accounts (e.g., for deletion purposes) but never accesses the actual password data.

3. Data Breach Verification

Our data breach verification feature is designed with your privacy in mind. This functionality is performed entirely locally on your device. We compare the website name and account/username (email) from your saved accounts against a local database of known data breaches. No passwords or sensitive account details are ever sent to external servers during this process, ensuring the confidentiality of your information.

4. Data Minimization and Security

TotLaUnLoc adheres strictly to the principle of data minimization. We only process the information necessary to provide our services, and all sensitive data is encrypted locally on your device. Our application is built with robust security measures, including input validation, data sanitization, and isolation through the Tauri framework, to limit the attack surface and centralize privileged calls in the backend.

5. Logging

Errors are captured and presented to the user without disclosing sensitive information. Logs, with configurable levels, are generated locally on your device for debugging and performance monitoring. These logs do not contain personal or sensitive account information.

6. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us through the support channels provided within the application or on our official website.