Privacy Policy for DragPass

Last Updated: [Date, e.g., November 29, 2025]

PersonalConnect ("we," "our," or "us") operates the DragPass application and related services. We are committed to protecting your privacy and security.

Our philosophy is simple: You cannot lose what you do not have. We have designed DragPass using a Zero-Knowledge Architecture, meaning we do not—and technically cannot—access your passwords, private keys, or decrypted data.

This Privacy Policy explains how we handle your information.

1. Zero-Knowledge & No-Logs Policy

We operate under a strict No-Knowledge principle.

No Private Keys on Server: Your Private Keys are generated and stored exclusively within your device's secure environment (OS Native Helper). They never leave your device and are never transmitted to our servers.
No Decryption Capability: We do not have the technical ability to decrypt any data you store or process using DragPass.
Memory Protection: We utilize secure memory handling techniques (such as zeroize) to ensure that sensitive data is wiped from your device's memory immediately after use, preventing leaks even on the client side.

2. Information We Do Not Collect

To be clear, we DO NOT collect, store, or transmit the following information:

Your real name, address, or phone number.
Your email address (unless you voluntarily contact support).
Your Master Passwords or Data Encryption Keys (DEK).
The raw content of your saved passwords or secrets.

3. Technical Data We Process (Protocol Data)

To facilitate the secure synchronization and authentication protocol (as described in our architecture), our servers process minimal technical data. This data cannot be used to access your secrets.

Public Alias: An arbitrary identifier you create to register your device. This is not linked to your real identity.
Public Keys: We store the Public Key of your Helper application to perform cryptographic handshakes. The corresponding Private Key remains strictly on your device.
Encrypted Session Codes: Our server generates authentication session codes, but they are immediately encrypted using your Helper's Public Key. We store only the encrypted blob; we cannot read the session code itself after generation.