Privacy Policy

Last Updated: July 21, 2025

At PasswordOcean, your privacy is our utmost priority. We are committed to transparency and ensuring you understand exactly how your data is handled (or, more accurately, how it is not handled) when you use our service.

---

1. What Information We DO NOT Collect or Store

• Your Master Passphrase: Your master passphrase is never transmitted to our servers, never stored in any database, and never leaves your browser. It is processed locally on your device to generate your unique passwords.
• Your Service Names: Similar to your master passphrase, the service names you enter are never transmitted to our servers or stored. They are used solely within your browser as a 'salt' for the deterministic password generation.
• Your Generated Passwords: The passwords generated by PasswordOcean are created entirely on your device and are never sent to our servers or stored by us. They exist only in your browser's memory for the duration of your session and vanish when you close the tab.
• Personal Identifiable Information (PII): We do not collect any personal identifiable information such as your name, email address, IP address, or any other data that could directly identify you.

2. What Information We DO Collect (Anonymous Usage Data)

To understand general usage patterns and ensure the service is functioning, we collect minimal, anonymized, and non-identifiable usage data:

• Click Events: When you successfully generate a password, an anonymous 'click event' is sent to our serverless analytics infrastructure. This event simply records that a password generation occurred.
• Non-Identifiable Metadata: This event may include non-identifiable technical metadata such as:
  • Timestamp of the event
  • A generalized geographic location (e.g., country or region, derived from IP but not stored as a specific IP)
  • Browser type and version
  • Operating system

  This data is used in aggregate to monitor service health, detect potential abuse (like bot activity), and understand overall adoption. It is never linked to any personal information, as we collect none.

3. How We Use the Collected Information

The anonymous usage data we collect is used exclusively for:

• Monitoring the health and performance of the PasswordOcean service.
• Detecting and mitigating bot or spam activity.
• Understanding general trends in service usage (e.g., number of generations per day).
• Improving the reliability and accessibility of the service.

4. Data Security

Given that we do not collect or store any sensitive personal data, the risk of a data breach involving your passwords or passphrases from our side is eliminated by design. The anonymous usage data is stored securely within AWS (Amazon Web Services), our cloud provider of choice, adhering to AWS's robust security standards.

5. Third-Party Services

PasswordOcean uses AWS for its serverless analytics backend. We ensure that any data processed by these services adheres to our strict privacy principles and is limited to non-identifiable usage statistics.

6. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us at: passocean.generator@gmail.com