Last updated: March 11, 2026
SUMA Shield is built on a zero-knowledge architecture. We cannot see, access, or read your stored credentials. Ever.
SUMA Shield does not store your passwords, credentials, or sensitive data on our servers. All credential data is encrypted on your device before any synchronization occurs. Our servers only handle encrypted blobs that are meaningless without your personal encryption key.
Your data belongs to you. You can export, delete, or transfer your encrypted vault at any time. When you delete your account, all associated encrypted data is permanently removed from our systems within 30 days.
All credential data is encrypted using AES-256, the same encryption standard used by governments and financial institutions worldwide. Encryption and decryption happen exclusively on your device.
You control your encryption key. SUMA Shield uses a bring-your-own-key (BYOK) model in which your master key is derived on-device and never transmitted to our servers. This means:
We collect the minimal data necessary to operate the service:
We do not sell, trade, or share your personal information with third parties. We do not serve advertisements. We do not use your data for profiling.
During the beta testing period, additional diagnostic data may be collected to improve the app. This data is anonymized and does not include any credential information. Beta testers may opt out of diagnostic data collection in the app settings.
For questions about this privacy policy or your data: