Privacy policy for Defendia Extension
Defendia Extension by Defendia
Last Revised: August 13, 2025
Your privacy is our priority. This Privacy Policy explains how Defendia collects, protects, and uses your information while ensuring your data remains secure under our strict zero-knowledge policy. Please review it to understand your privacy rights and our data handling practices.
- Introduction
Defendia AB (“Defendia”, “we”, “us”, “our”), registered at Ramskogsvägen 229, 13668 Stockholm, Sweden, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use Defendia’s password management service, related applications, browser extensions, and websites (collectively, the “Services”). Defendia operates under a zero-knowledge policy. This means that we cannot access or view your master password, stored passwords, or any other data stored in your encrypted vault. This Privacy Policy is drafted in compliance with the General Data Protection Regulation (GDPR) and applicable Swedish data protection laws.
- Data We Collect
We only collect the minimum personal data necessary to provide our Services:
2.1 Information You Provide
• Account information – email address, name (optional), and password (not the master password for your vault).
• Billing and payment details – only when you subscribe to a paid plan.
• Support communications – messages, emails, or recorded calls when you contact us.
2.2 Information We Automatically Collect
• Device and app data – operating system, app version, and device identifiers for troubleshooting.
• Service usage data – login timestamps, subscription activity, and error logs (excluding vault content).
• Website analytics – non-identifiable information like page views and referral sources, collected via privacy-friendly analytics tools.
2.3 Information We Never Collect
Your stored passwords, vault content, or master password – all vault data is encrypted on your device before being sent to our servers.
- How We Use Your Data
We process your personal data for:
• Providing and maintaining the Services.
• Processing payments and subscriptions.
• Detecting, preventing, and resolving technical issues.
• Communicating important updates or support information.
• Meeting legal and regulatory obligations.
We will never sell your personal data to third parties.
- Legal Basis for Processing
Under GDPR, we process your personal data based on:
• Contract performance – to provide the Services you requested.
• Legal obligations – to comply with Swedish and EU laws.
• Legitimate interests – for fraud prevention, service improvement, and account security.
• Consent – for optional activities like marketing communications.
- Zero-Knowledge Encryption
Defendia encrypts all vault data locally on your device using AES-256 encryption with Argon2id key derivation before transmission. We cannot decrypt your vault or recover your master password. If you lose your master password and have no recovery method, your vault data will be permanently inaccessible.
- Data Retention and Deletion
We keep your personal data only as long as necessary to provide our services or comply with the law. Once there are no legitimate grounds for holding this information, we securely delete it.
• Billing and payment records – retained for 10 years in accordance with Swedish accounting laws.
• Marketing communications – we may use your email for marketing purposes for 1 year after your subscription ends, or until you opt out.
• Support call recordings – retained for up to 2 years, unless needed for legal compliance.
• Vault data – deleted immediately upon account deletion or termination.
• All other personal data – securely erased when no longer necessary.
We securely destroy data in accordance with Swedish law, ensuring it cannot be recovered.
- Sharing of Data
We share your personal data only with:
• Payment processors – to handle subscription payments.
• Cloud hosting providers – to store encrypted vault data.
• Customer support platforms – for handling support requests.
All third-party providers are GDPR-compliant and process your data solely under our instructions.
- International Data Transfers
If your data is transferred outside the European Economic Area (EEA), we ensure adequate protection via EU Standard Contractual Clauses or equivalent safeguards.
- Your Rights Under GDPR
You have the right to:
• Access your personal data.
• Request correction of inaccurate data.
• Request deletion of your data (“right to be forgotten”).
• Restrict or object to processing.
• Request a copy of your data in a portable format.
• Withdraw consent for optional processing (e.g., marketing).
Requests can be made to [email protected].
- Security Measures
We apply technical and organizational measures to protect your data, including:
• End-to-end encryption of vault data.
• Secure HTTPS connections.
• Multi-factor authentication for accounts.
• Regular security audits and penetration testing.
- Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated to you via email or in-app notifications before taking effect.
- Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, contact:
Defendia AB
Ramskogsvägen 229, 13668 Stockholm, Sweden
Email: [email protected]