Last updated: 4 June 2026
VPass is a personal credential and authenticator (TOTP) manager for Mac and iPhone. Your privacy is the whole point of the app, so the policy is short.
Nothing. VPass has no servers, no analytics, no tracking, no advertising, and no third-party SDKs. We never see your data.
The credentials, passwords, notes, and authenticator (TOTP) secrets you create are stored on your device in the Apple Keychain. If you enable iCloud Keychain, Apple syncs that data between your own Apple devices under your own Apple ID, end-to-end encrypted by Apple. This sync is between you and Apple’s iCloud Keychain service — it never passes through VPass or any server we control.
VPass uses the camera only to scan authenticator QR codes that you choose to add. Images are processed on-device and are never stored or transmitted.
Biometrics are used solely to unlock the app locally, via Apple’s LocalAuthentication framework. VPass never receives your biometric data.
We do not share, sell, or transmit your data to anyone. There is nothing to share — it stays on your devices and in your iCloud Keychain.
Deleting a credential in VPass removes it from your Keychain (and from iCloud Keychain on sync). Deleting the app and signing out of iCloud removes its data from your devices.
VPass is not directed at children and collects no personal information from anyone.
Questions about this policy: vsuryawanshi5@gmail.com.