Fadelock — Password Generator & Vault
Effective Date: April 25, 2026 · Last Updated: April 25, 2026
By downloading, installing, or using the Fadelock application (the "App"), you agree to be bound by these Terms of Service (the "Terms"). If you do not agree, you must not use the App. We reserve the right to modify these Terms at any time. Material changes will be communicated through an in-app notification, and your continued use constitutes acceptance.
Fadelock is a zero-knowledge, local-first password generator and encrypted vault. The App provides password generation, AES-256-CBC encrypted credential storage, breach monitoring, family sharing, and security tools. All data is encrypted on your device with a key that only you possess. We have no ability to access, read, or recover your data.
| Feature | Availability |
|---|---|
| Password generation | All users (limits vary by tier) |
| Encrypted vault | Paid subscribers |
| Breach monitoring (HIBP k-anonymity) | All users |
| Cloud sync (encrypted ciphertext only) | Pro and Family subscribers |
| Family sharing (up to 5 members) | Family subscribers |
| Credential sharing (encrypted, 24-hour expiry) | Family subscribers |
| Password expiry reminders | All users |
| Dark web monitoring | All users |
| Security dashboard | All users |
| Encrypted audit log | All users |
Fadelock is a security tool. You are solely and entirely responsible for the security of your own data. We provide industry-standard encryption and security features, but we do not store, manage, or have access to your information.
Your encryption key is generated locally on your device and stored in the device's hardware-backed secure enclave (iOS Keychain or Android Keystore). We do not store, transmit, or possess any copy of your encryption key. If you lose access to your encryption key for any reason — including device reset, device loss, uninstalling the App, or hardware failure — your encrypted data is permanently and irreversibly unrecoverable. We cannot help you recover it. You are strongly advised to use the key backup feature in Settings to record your encryption key in a secure location outside the App.
The security of your vault is only as strong as the security of your device. You are responsible for keeping your device secure, including using a strong device passcode, keeping your operating system updated, and not jailbreaking or rooting your device. If your device is compromised, your data may be at risk regardless of the App's encryption.
The App uses biometric authentication (Face ID, Touch ID, or fingerprint) to protect access to the vault and sensitive operations. Biometric data is processed entirely by your device's operating system and never touches Fadelock. You are responsible for ensuring that only authorized biometric profiles are enrolled on your device.
If you export a vault backup, that file is your responsibility. Backup files are encrypted and integrity-verified with HMAC-SHA256, but if you store them in an insecure location, they may be at risk.
If you share credentials with family members, you do so at your own discretion and risk. Once a recipient saves a shared credential, it is under their control. We are not responsible for how shared credentials are subsequently handled.
Promotional codes are for personal use only, may be redeemed once, and cannot be exchanged for cash. Biometric authentication is required before redemption. We reserve the right to revoke codes obtained fraudulently.
| Plan | Monthly | Yearly | Key Limits |
|---|---|---|---|
| Free | $0 | $0 | 1 generation per 12 hours, max 10 chars, ads displayed |
| Pro | $0.99 | $9.99 | Unlimited generation, 15-char max, 20 vault credentials, cloud sync, no ads |
| Family | $1.49 | $14.99 | All Pro features + up to 5 members, 30 credentials per member, credential sharing |
| Remove Ads | $3.99 (one-time) | — | Permanently removes ads for free-tier users |
Subscriptions are billed through the Apple App Store or Google Play Store. By subscribing, you authorize recurring charges. Subscriptions renew automatically unless cancelled at least 24 hours before the renewal date.
You may cancel at any time through your device's store settings. You retain access to paid features until the end of the current billing period. Refunds are handled by Apple or Google per their respective policies. We do not process refunds directly.
We may change pricing with advance notice. Changes take effect at the start of the next billing period. You may cancel before the new price applies.
The Family plan holder manages the family group and is the billing account holder. Up to 5 members (including the holder) may join. Members are invited via encrypted deep links. The plan holder may remove members at any time; removed members lose paid features immediately.
Each family member maintains their own independent vault with their own encryption key. The plan holder cannot access, view, or manage other members' credentials. Each member is subject to the per-member storage limit (30 credentials).
You agree to use the App only for lawful purposes. You shall not: attempt to reverse-engineer, decompile, or derive the source code of the App (except as permitted by law); attempt to bypass or circumvent any security features or encryption; use automated tools to overload or disrupt the service; create multiple accounts to exploit free-tier limits or promotional codes; or distribute or sell promotional codes without authorization.
The App, including its design, code, and trademarks, is owned by Fadelock and protected by applicable intellectual property laws. Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable license to use the App on your personal device for personal, non-commercial use. You retain ownership of all credential data you store in the App.
THE APP IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
We employ industry-standard encryption (AES-256-CBC), hardware-backed key storage, certificate pinning, and biometric authentication. However, no system is entirely immune to all threats. You use the App at your own risk and acknowledge that the security of your data ultimately depends on your own actions (see Section 3).
We do not guarantee the accuracy or completeness of breach monitoring data from third-party services. The absence of a breach alert does not guarantee your credentials have not been compromised.
TO THE MAXIMUM EXTENT PERMITTED BY LAW, FADELOCK SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM YOUR USE OF THE APP.
| Scenario | Why We Are Not Liable |
|---|---|
| Lost encryption key | We never possess your key and cannot recover it |
| Data loss from device reset or uninstall | Data is stored locally; device management is your responsibility |
| Third-party data breaches | We do not control third-party services where you use stored passwords |
| Device compromise (jailbreak, malware) | Device security is your responsibility |
| Cloud sync interruptions | Network and server availability may vary |
| Shared credential misuse | You choose what to share and with whom |
Our total aggregate liability for all claims shall not exceed the amount you paid in subscription fees during the 12 months preceding the claim, or fifty dollars ($50), whichever is greater.
You agree to indemnify and hold harmless Fadelock and its officers, directors, employees, and agents from any claims, liabilities, damages, and expenses arising from: your use of the App, your violation of these Terms, your violation of any third-party rights, or your sharing of credentials with others.
You may stop using the App at any time. Uninstalling removes all local data. To request deletion of cloud-synced ciphertext, contact us at the address below.
We may suspend or terminate your access for violation of these Terms, fraudulent activity, or conduct harmful to other users. Upon termination, your license is immediately revoked. Sections 3, 8, 9, 10, and 12 survive termination.
These Terms are governed by the laws of the United States Virgin Islands. Before formal proceedings, you agree to attempt informal resolution for at least 30 days. Unresolved disputes shall be settled by binding arbitration under the American Arbitration Association rules, conducted in the U.S. Virgin Islands. You waive any right to participate in class action lawsuits or class-wide arbitration.
The App integrates third-party services subject to their own terms. We are not responsible for their practices.
| Service | Terms |
|---|---|
| Apple App Store | Apple Media Services Terms |
| Google Play Store | Google Play Terms |
| Twilio | Twilio Terms |
| Google AdMob | Google Ads Terms |
| Have I Been Pwned | HIBP API |
Entire Agreement. These Terms and our Privacy Policy constitute the entire agreement between you and Fadelock.
Severability. If any provision is found unenforceable, it shall be limited to the minimum extent necessary; remaining provisions remain in effect.
Waiver. Failure to enforce any provision does not constitute a waiver.
Assignment. You may not assign these Terms without our consent. We may assign without restriction.
Force Majeure. We are not liable for failures caused by circumstances beyond our reasonable control.
If you have questions about these Terms, please contact us at:
Email: fadelockapp@gmail.com
Website: fadelockapp.github.io/fadelock-legal