Updated: 7 May 2026 · Controller: Kokal Operations Ltd, UK · ICO registered
Summary: No passwords are collected. All generation is client-side using
crypto.getRandomValues(). Personal data is only collected if you contact us.1. Data Controller
Iron Vault Keys is operated by Kokal Operations Ltd, registered in England and Wales. Privacy enquiries: [email protected]
2. What We Collect
What we do NOT collect
- Generated passwords โ all generation uses
crypto.getRandomValues()client-side. No password is sent to any server. - Keystroke data, clipboard contents, or typed input of any kind.
Collected automatically
GitHub Pages logs standard HTTP data: IP address, browser type, pages visited, timestamps. Not used to identify individuals. Retained 30 days.
Voluntarily provided
- Contact form: name, email, message
- Cookie preference stored as
ivk-ckin browser localStorage โ never transmitted to any server
3. Lawful Basis (UK GDPR)
| Purpose | Data | Basis | Retention |
|---|---|---|---|
| Responding to enquiries | Name, email, message | Legitimate interests | 12 months |
| Site security | IP, server logs | Legitimate interests | 30 days |
| Analytics | Anonymised usage | Consent | 26 months |
4. Cookies
Consent preference stored as ivk-ck in localStorage only โ never transmitted. See Cookie Policy.
5. Third Parties
- Google Fonts โ fonts loaded from Google CDN. Google may log font requests.
- GitHub Pages โ hosting provider. Processes connection metadata.
- Affiliate partners โ clicking affiliate links may trigger partner tracking. See Affiliate Disclosure.
6. Your Rights (UK GDPR)
Access, rectify, erase, restrict, object, or port your data. Submit to [email protected]. We respond within 30 days.
7. Complaints
UK Information Commissioner's Office: ico.org.uk ยท 0303 123 1113