Get in touch with the Bruiser CyberSec team. Responses typically within 48 hours.
Welcome! Here's how to get started with SPCTR:
1. Add Your First Password (30 seconds)
- Click Passwords in the left sidebar
- Click + Add Entry
- Fill in: Site (e.g., "GitHub"), Username, Password
- Click Gen next to password to auto-generate a strong one
- Click Save — your password is now encrypted with AES-256-GCM
2. Add Your First 2FA Code (1 minute)
- Click 2FA in the left sidebar
- Click + Add Account
- Option A: Click Scan QR and point camera at the QR code
- Option B: Paste the secret key shown by the website
- Click Save — you'll see a 6-digit code that refreshes every 30 seconds
3. Link 2FA to Your Password (15 seconds)
- Go back to Passwords
- Click Edit on your GitHub entry
- In the 2FA dropdown, select your GitHub 2FA code
- Click Save — now your password entry shows the live 2FA code inline
4. Create an Email Mask (30 seconds)
- Click Email Masks in the left sidebar
- Click + Create Mask
- Choose a prefix (e.g., "github-signup")
- Click Create — you get [email protected]
- Use this instead of your real email when signing up for services
5. Import Your Existing Passwords (2 minutes)
- Export from your current password manager (Chrome, 1Password, Bitwarden, etc.)
- In SPCTR Passwords, click Import
- Select your file — SPCTR auto-detects the format
- Click Import — all entries are imported and encrypted
- If you also import 2FA codes, SPCTR automatically links them to matching passwords
SPCTR is a privacy-first cybersecurity suite by Bruiser CyberSec. It combines five tools — all sharing one core principle: your data never leaves your device without your explicit action.
- Password Generator — CSPRNG-powered with entropy scoring
- TOTP Authenticator — RFC 6238 two-factor authentication with QR scanning
- Email Masks — Alias forwarding at @spctr.pm to protect your real email
- Passwords — AES-256-GCM encrypted credential storage, zero-knowledge
- Breach Check — k-anonymity password checks and HIBP email lookups
A free account is required to use SPCTR. Sign up takes under 30 seconds with just your email — no password needed, magic link only. Once signed in, your data is encrypted and tied to your account.
Available tiers:
- Free account — Create an account with email and password, or use a Magic Link. Enables encrypted server-side backup of your vault (we store only the AES-256-GCM ciphertext — never plaintext). Includes: 10 vault entries, 5 TOTP accounts, 1 email mask, unlimited breach checks.
- Plus ($3.99/mo) — Unlimited vault entries, unlimited TOTP, 25 email masks, App Lock, cross-device sync.
- Pro ($8.99/mo) — Everything in Plus, unlimited email masks, custom mask domain.
The login screen appears when entering the tool suite. The index page and all marketing pages are always accessible without any account.
SPCTR works on any modern browser supporting the Web Crypto API: Chrome 90+, Edge 90+, Brave, Firefox 90+, Safari 15+ (iOS and macOS), Samsung Internet 14+.
No, not in a normal browser session. SPCTR stores your vault as an AES-256-GCM encrypted blob in IndexedDB, which persists across tab closes and browser restarts. There are two cases where data does not persist:
- Private / Incognito mode — all browsers wipe IndexedDB, localStorage, and the service worker cache when the private session ends. This is by browser design and cannot be worked around in code. If you use SPCTR in private mode, unlock your vault and tap Sync from Cloud (Plus/Pro) to pull your entries each session. Free accounts should export their vault regularly and import when needed.
- Clear All Site Data — if you manually clear all site data for spctr.bruisercybersec.com in browser settings, the local IndexedDB is wiped. Your encrypted entries in the cloud (Plus/Pro) are unaffected and will re-populate on next unlock.
Clearing browser cache or cookies alone does not affect your vault — IndexedDB is separate from the cache and is not touched by cache-clearing operations.
Yes. SPCTR is designed for anyone. No data is collected about how you use it.
SPCTR is currently English-only. Multi-language support is planned for a future release.
Yes. SPCTR uses crypto.getRandomValues() — a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). Every character is selected with no bias. No password is ever sent to a server; generation is 100% local.
Entropy (in bits) measures how many possible passwords your settings could produce. Each extra bit doubles the search space.
- Under 40 bits: Weak
- 40–60: Fair
- 60–80: Good
- 80–100: Strong
- 100+: Extreme
- Length: 8–64 characters
- Uppercase, lowercase, digits, symbols
- No ambiguous characters (I, l, 1, O, 0)
- No repeating characters
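Added example (not SPCTR's source code): one way to draw characters from crypto.getRandomValues() without modulo bias and to score the result on the scale above. Function names, the symbol set, the inclusive lower bound of each rating band and the reading of "no repeating characters" as "no character used twice" are assumptions.

```javascript
// Added example, not SPCTR's source code; names and the symbol set are assumptions.
// Browsers expose globalThis.crypto; the require() fallback is for older Node.
const webCrypto = globalThis.crypto || require("node:crypto").webcrypto;

const SETS = {
  upper: "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
  lower: "abcdefghijklmnopqrstuvwxyz",
  digits: "0123456789",
  symbols: "!@#$%^&*()-_=+[]{};:,.<>?/", // constructed 26-symbol set
};
const AMBIGUOUS = new Set(["I", "l", "1", "O", "0"]); // the page's list

function buildPool(opts) {
  let pool = "";
  for (const name of Object.keys(SETS)) if (opts[name]) pool += SETS[name];
  if (opts.noAmbiguous) pool = [...pool].filter((c) => !AMBIGUOUS.has(c)).join("");
  return pool;
}

// Uniform integer in [0, n). A plain `random % n` favours small values whenever
// 2^32 is not a multiple of n, so draws past the last full bucket are rejected.
function uniformIndex(n) {
  const limit = Math.floor(0x100000000 / n) * n;
  const buf = new Uint32Array(1);
  do {
    webCrypto.getRandomValues(buf);
  } while (buf[0] >= limit);
  return buf[0] % n;
}

function generate(length, opts) {
  const pool = buildPool(opts);
  if (length < 8 || length > 64) throw new RangeError("length must be 8-64");
  if (pool.length === 0) throw new Error("select at least one character set");
  if (opts.noRepeat && length > pool.length) throw new RangeError("pool too small for noRepeat");
  const out = [];
  while (out.length < length) {
    const ch = pool[uniformIndex(pool.length)];
    if (opts.noRepeat && out.includes(ch)) continue; // assumed meaning: no character used twice
    out.push(ch);
  }
  return out.join("");
}

// Bits = log2(number of passwords the settings can produce).
// With noRepeat the i-th character has only (poolSize - i) choices left.
function entropyBits(length, poolSize, noRepeat = false) {
  let bits = 0;
  for (let i = 0; i < length; i++) bits += Math.log2(noRepeat ? poolSize - i : poolSize);
  return bits;
}

// Rating bands from the page; each lower bound is treated as inclusive (assumption).
function rating(bits) {
  if (bits < 40) return "Weak";
  if (bits < 60) return "Fair";
  if (bits < 80) return "Good";
  if (bits < 100) return "Strong";
  return "Extreme";
}

function describe(length, opts) {
  const bits = entropyBits(length, buildPool(opts).length, opts.noRepeat);
  return { password: generate(length, opts), bits: Math.round(bits), rating: rating(bits) };
}
```

Every restriction (dropping a character set, excluding ambiguous characters, forbidding repeats) shrinks the search space, which is why the score falls as options are switched on.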
The last 7 generated passwords are kept in session memory only — never written to disk, never transmitted, cleared on tab close.
Yes. The Industry Passphrase Generator creates word-based passphrases using curated word banks for specific industries. Typically 60–80 bits of entropy with 4+ words.
- Configure options and click Generate
- Review entropy score — aim for Strong or Extreme
- Click Copy
- Paste where needed
- Save in the Vault
TOTP generates a 6-digit code that changes every 30 seconds. Even if someone steals your password, they cannot log in without the current TOTP code. SPCTR's implementation is fully RFC 6238 compliant and works with GitHub, Google, AWS, Stripe, Cloudflare, and thousands more.
Scan QR Code: Tap Scan QR Code → allow camera → point at QR. Camera turns off immediately after detection.
Enter Manually: Get the Base32 secret from the service (looks like JBSWY3DPEHPK3PXP) → tap Enter Manually → fill in name and secret → Add.
Intentional privacy feature. SPCTR never caches camera permission — you approve it per scan. The camera releases immediately after a QR code is detected, with no background access.
- Clock drift: Enable automatic time sync on your device
- Expired code: Wait for the countdown to reset, then use the fresh code
- Wrong account: Verify you're copying the right service's code
- Wrong secret: One wrong character in a manual entry produces invalid codes
Yes! SPCTR supports all major authenticator exports.
Supported: Proton Authenticator, Google Authenticator, Aegis, 2FAS, Bitwarden, Raivo, 1Password, and any app that exports otpauth:// URIs or JSON.
Formats: JSON exports, otpauth:// URIs, QR codes, and plain TXT files — SPCTR auto-detects the format.
Auto-linking: After importing 2FA codes, SPCTR automatically links them to matching vault entries by site name and username.
TXT format: One secret per line, or: issuer|label|secret
Always save each service's backup codes when setting up 2FA. With a Plus/Pro plan, your encrypted vault syncs so you can restore on a new device.
RFC 6238 with HMAC-SHA1 — the same as Google Authenticator and the majority of services. Computed via crypto.subtle entirely in your browser.
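Added example (not SPCTR's source code): RFC 6238 code generation with HMAC-SHA1 through crypto.subtle, plus the two failure modes from the troubleshooting list above, a mistyped secret and clock drift. Function names are hypothetical; the secret is the RFC 6238 Appendix B test key, so the outputs can be checked against the RFC's published vectors.

```javascript
// Added example, not SPCTR's source code; function names are hypothetical.
// Browsers expose globalThis.crypto; the require() fallback is for older Node.
const webCrypto = globalThis.crypto || require("node:crypto").webcrypto;

const B32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";

// Decode the Base32 secret a service shows for manual entry.
// Characters outside the alphabet (0, 1, 8, 9, punctuation) are rejected, but a
// mistyped *valid* character decodes fine and silently yields wrong codes.
function base32Decode(secret) {
  const clean = secret.replace(/[\s=-]/g, "").toUpperCase();
  const bytes = [];
  let acc = 0, bits = 0;
  for (const ch of clean) {
    const v = B32_ALPHABET.indexOf(ch);
    if (v === -1) throw new Error("invalid Base32 character: " + ch);
    acc = (acc << 5) | v;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      bytes.push((acc >>> bits) & 0xff);
      acc &= (1 << bits) - 1; // keep only the bits not yet emitted
    }
  }
  return new Uint8Array(bytes);
}

// RFC 6238 TOTP = RFC 4226 HOTP over the counter floor(time / step).
async function totp(secret, unixSeconds, digits = 6, step = 30) {
  const counter = Math.floor(unixSeconds / step);
  const msg = new DataView(new ArrayBuffer(8)); // 64-bit big-endian counter
  msg.setUint32(0, Math.floor(counter / 0x100000000));
  msg.setUint32(4, counter >>> 0);
  const key = await webCrypto.subtle.importKey(
    "raw", base32Decode(secret), { name: "HMAC", hash: "SHA-1" }, false, ["sign"]);
  const mac = new Uint8Array(await webCrypto.subtle.sign("HMAC", key, msg.buffer));
  const off = mac[mac.length - 1] & 0x0f; // dynamic truncation offset
  const bin = ((mac[off] & 0x7f) << 24) | (mac[off + 1] << 16) | (mac[off + 2] << 8) | mac[off + 3];
  return String(bin % 10 ** digits).padStart(digits, "0");
}

// How a verifying service tolerates clock drift: it accepts codes from `window`
// steps either side of its own clock. Returns the matching step offset or null.
async function matchStep(secret, code, serverSeconds, window = 1, step = 30) {
  for (let i = -window; i <= window; i++) {
    if ((await totp(secret, serverSeconds + i * step, code.length, step)) === code) return i;
  }
  return null;
}

// RFC 6238 Appendix B test secret ("12345678901234567890" encoded as Base32).
const RFC_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ";

// A device whose clock reads 1111111109 shows a code from the previous 30-second
// step when the server clock reads 1111111111: offset -1 with a one-step window.
matchStep(RFC_SECRET, "081804", 1111111111, 1).then((offset) => console.log("matched at step", offset));
```

A service that accepts no neighbouring steps would reject that same code, which is why automatic time sync is the first thing to check when codes fail.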
A mask is a disposable alias that forwards to your real inbox. You give the alias to websites — they never learn your real address. Disable any mask the moment a company starts spamming you.
Click + New Mask. Three styles: Cryptographic (random hex, most private), Word pair (two random words, easy to remember), Custom prefix (Pro only: you choose). All at @spctrmail.com.
- Disable: Bounces mail back to sender, re-enable anytime
- Block: Silently drops mail — sender gets no bounce signal
- Delete: Permanent, cannot be undone
Two-way replies are on the Pro roadmap. Masks are currently receive-only — you get all emails forwarded to your real inbox, but outbound replies show your real address. Use your email client's alias/from feature if your provider supports it.
- Free: 1 email mask (random address only)
- Plus ($3.99/mo): 10 email masks (random address only)
- Pro ($8.99/mo): Unlimited masks with custom prefix
@spctrmail.com is SPCTR's masking domain. Pro users can connect a custom domain via MX record (coming soon). SPCTR does not store email content — we process in transit and do not retain copies.
No. Zero-knowledge architecture: your master password is run through PBKDF2 (310,000 iterations, SHA-256) on your device, producing a master key that wraps a separate Data Encryption Key (DEK). The DEK is what encrypts your vault with AES-256-GCM. Only encrypted blobs ever leave your device — neither the master key nor the DEK ever does.
The DEK rotates automatically on a randomised schedule unique to your account (14–45 days), immediately when a breach is detected during a password or email check, or on demand from Settings. On rotation, all vault data is re-encrypted with a fresh key — your master password stays the same.
Your vault is stored as an AES-256-GCM encrypted blob in IndexedDB — the browser's persistent offline database. This is more durable than localStorage and survives cache-clearing operations:
- Normal browsing — vault persists indefinitely across tab closes and browser restarts. Clearing browser cache or cookies does not affect it.
- Private / Incognito mode — IndexedDB is wiped when the private window closes. This is a hard browser restriction. Plus and Pro accounts can re-pull from cloud sync on next unlock.
- Clear All Site Data — wipes IndexedDB. Cloud sync restores entries on next unlock (Plus/Pro).
You can export your vault at any time using the Export button in the vault toolbar — this downloads your vault as an encrypted JSON file you can keep as a local backup.
Key rotation means periodically replacing the key that encrypts your vault data with a fresh one. SPCTR uses a two-layer encryption model:
- Master key — derived from your password via PBKDF2. Never changes unless you change your password.
- Data Encryption Key (DEK) — a random AES-256 key that actually encrypts your vault, 2FA codes, and email masks. This is what rotates.
The DEK is stored wrapped (encrypted) by your master key. On unlock, your master key unwraps the DEK, and the DEK decrypts your data. When the DEK rotates, all your data is re-encrypted with a new random key and the old key is discarded. Your master password stays the same.
When does rotation happen?
- Automatically — on a randomised schedule unique to your account (14–45 days), checked every time you unlock
- On breach detection — immediately if a password or email you check is found in a known breach
- On demand — from Settings → Encryption Key Rotation (limited to once every 7 days)
This protects against long-term ciphertext analysis — if someone gets a snapshot of your encrypted data at two different times, the ciphertext looks completely different even if your passwords haven't changed.
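Added example (not SPCTR's source code): the two-layer model and a DEK rotation written against the Web Crypto API, using the page's PBKDF2 parameters. Wrapping the DEK with AES-GCM, the 16-byte salt, the record layout and all function names are assumptions.

```javascript
// Added example, not SPCTR's source code; wrap algorithm and layout are assumptions.
// Browsers expose globalThis.crypto; the require() fallback is for older Node.
const webCrypto = globalThis.crypto || require("node:crypto").webcrypto;
const subtle = webCrypto.subtle;
const utf8 = new TextEncoder();

// Master key: PBKDF2-SHA256, 310,000 iterations (the page's parameters).
// It can only wrap/unwrap the DEK and is itself non-extractable.
async function deriveMasterKey(password, salt) {
  const material = await subtle.importKey("raw", utf8.encode(password), "PBKDF2", false, ["deriveKey"]);
  return subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: 310000 },
    material, { name: "AES-GCM", length: 256 }, false, ["wrapKey", "unwrapKey"]);
}

// Fresh random DEK, returned only in wrapped form. It must be extractable at
// creation so wrapKey can serialise it; that handle goes out of scope here.
async function newWrappedDek(masterKey) {
  const dek = await subtle.generateKey({ name: "AES-GCM", length: 256 }, true, ["encrypt", "decrypt"]);
  const iv = webCrypto.getRandomValues(new Uint8Array(12));
  const wrapped = await subtle.wrapKey("raw", dek, masterKey, { name: "AES-GCM", iv });
  return { iv, wrapped: new Uint8Array(wrapped) };
}

// Unlock: the master key unwraps the DEK into a non-extractable CryptoKey.
function unwrapDek(masterKey, w) {
  return subtle.unwrapKey("raw", w.wrapped, masterKey, { name: "AES-GCM", iv: w.iv },
    { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

async function seal(dek, text) {
  const iv = webCrypto.getRandomValues(new Uint8Array(12)); // fresh 96-bit IV per write
  const ct = await subtle.encrypt({ name: "AES-GCM", iv }, dek, utf8.encode(text));
  return { iv, ct: new Uint8Array(ct) };
}

async function unseal(dek, rec) {
  const pt = await subtle.decrypt({ name: "AES-GCM", iv: rec.iv }, dek, rec.ct);
  return new TextDecoder().decode(pt);
}

// Rotation: decrypt every record with the old DEK, re-encrypt under a new one,
// and store the new wrapped DEK. The master password and salt are untouched.
async function rotateDek(masterKey, vault) {
  const oldDek = await unwrapDek(masterKey, vault.wrappedDek);
  const wrappedDek = await newWrappedDek(masterKey);
  const newDek = await unwrapDek(masterKey, wrappedDek);
  const records = [];
  for (const rec of vault.records) records.push(await seal(newDek, await unseal(oldDek, rec)));
  return { salt: vault.salt, wrappedDek, records };
}

async function demo() {
  const entry = '{"site":"GitHub","password":"constructed-sample"}'; // constructed record
  const salt = webCrypto.getRandomValues(new Uint8Array(16));
  const master = await deriveMasterKey("constructed master passphrase", salt);
  const wrappedDek = await newWrappedDek(master);
  const oldDek = await unwrapDek(master, wrappedDek);
  const before = { salt, wrappedDek, records: [await seal(oldDek, entry)] };
  const after = await rotateDek(master, before);

  const ok = () => true, fail = () => false;
  const wrongMaster = await deriveMasterKey("wrong passphrase", salt);
  return {
    roundTrip: (await unseal(await unwrapDek(master, after.wrappedDek), after.records[0])) === entry,
    ciphertextChanged: before.records[0].ct.join() !== after.records[0].ct.join(),
    oldDekOpensNewData: await unseal(oldDek, after.records[0]).then(ok, fail),
    wrongPasswordUnwraps: await unwrapDek(wrongMaster, after.wrappedDek).then(ok, fail),
  };
}

demo().then(console.log);
```

The GCM authentication tag is what makes the last two results false: a retired DEK or a master key derived from the wrong password fails verification instead of returning garbage.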
Yes — SPCTR works in private/incognito mode, but vault data does not persist when the private window closes. This is a hard browser restriction that applies to all websites, not just SPCTR. All local storage (IndexedDB, localStorage, service worker cache) is wiped when a private session ends.
What this means in practice:
- Plus / Pro accounts — unlock your vault, then tap Sync from Cloud in the vault toolbar. Your encrypted entries are pulled from Supabase automatically. They'll be gone again when you close the window — tap Sync again next time, or switch to a normal browser session.
- Free accounts — entries cannot be recovered automatically in private mode. Export your vault regularly (Vault → Export) and import it at the start of each private session, or use a normal browser window for full persistence.
Clearing browser cache or cookies in a normal (non-private) session does not affect your vault. Only “Clear All Site Data” for this page would wipe it — and cloud sync restores it on next unlock for Plus/Pro.
After you set your master password, SPCTR displays it on screen one time with a warning to write it down or copy it before continuing. This is intentional — your master password is zero-knowledge, meaning it never leaves your device and is never stored anywhere. If you forget it, there is no recovery process and your vault data cannot be decrypted.
The warning screen gives you two options: copy the password to your clipboard, or click "Go back" to return to the password field with it pre-filled so you can copy or write it down. Once you click "I've saved it — continue", the password is cleared from the screen.
Click the Export button in the vault toolbar. This downloads your vault as an encrypted JSON file. The file is safe to copy anywhere — it is AES-256-GCM encrypted and unreadable without your master password.
To move your vault to another device, use Settings → Data & Export → Export Vault to download your data, then re-import on the new device via Settings → Data & Export.
Because SPCTR is zero-knowledge, we cannot reset it. Write your master password on paper and store it securely. Consider using a memorable passphrase rather than a random string.
Yes! SPCTR auto-detects formats from all major password managers.
Supported: 1Password, LastPass, Bitwarden, Dashlane, Chrome, Safari, Firefox, KeePass, Samsung Pass, Proton Pass, Apple Keychain, and more.
Formats: JSON, CSV, TXT, XML, ZIP — SPCTR handles different field names automatically (e.g., "title" vs "name" vs "site").
Auto-linking: If you import vault entries and 2FA codes separately, SPCTR automatically links them by matching site names and usernames.
2FA import: Supports Proton Authenticator, Google Authenticator, Authy, Microsoft Authenticator exports (otpauth:// URIs and JSON formats).
Privacy: All parsing is local — no files are uploaded to servers.
Six categories: Dev, Personal, Finance, Social, Work, Other. Favorites appear at the top of your list regardless of category.
Yes — click the Gen button next to the password field when adding or editing an entry. Generates a 20-character CSPRNG password automatically.
- Free: 10 entries
- Plus: Unlimited
- Pro: Unlimited
App Lock PIN is a Plus/Pro feature. Once enabled in Settings, your PIN is the final barrier between your data and anyone with physical access to your unlocked device. A weak PIN significantly reduces the protection App Lock provides.
Use the SPCTR Password Generator to create a strong, random passphrase. A 16–24 character random string with mixed characters is far harder to guess or brute-force than a memorable PIN. SPCTR's generator uses crypto.getRandomValues() — cryptographically secure randomness, never a predictable algorithm.
Avoid:
- Short numeric PINs (4–6 digits) — easily brute-forced if someone has extended access to your device
- Passwords you use elsewhere — if that service is breached, your SPCTR data is exposed too
- Personally identifiable strings — birthdays, names, addresses are the first things an attacker tries
Because SPCTR cannot recover a forgotten PIN, you need a reliable offline backup. The right storage method depends on your threat model, but the core principle is: keep the backup somewhere physically secure and digitally isolated.
Recommended approaches:
- Print it on paper — write or print the PIN and store it in a locked drawer, safe, or secure physical location. Paper can't be remotely accessed, scraped by malware, or synced to a cloud service without your knowledge.
- Export as a PDF or image — save it as a PDF or photograph it. A file stored on an encrypted USB drive or offline device can't be reached by a remote attacker. PDFs and images are not indexed by search engines and aren't parsed for credentials by most password-scraping tools the way plain text files are.
- Encrypted USB drive — store the PIN in an encrypted container on a USB drive kept physically separate from your device.
What to avoid:
- Another app on the same device — if that device is compromised, the attacker has both the lock and the key
- Cloud notes or email drafts — these are indexed, searchable, and accessible from anywhere if your cloud account is breached
- Unencrypted plain text files — text files are trivially scanned by malware and credential harvesters
- Screenshots synced to a cloud photo service — iCloud, Google Photos, OneDrive all sync automatically and may scan content for accessibility or search features
SPCTR cannot recover your App Lock PIN. This is by design — if SPCTR could reset your PIN on request, that same mechanism could be exploited by an attacker to bypass your lock.
If you forget your PIN, you have two options:
- Use your backup — if you stored your PIN in a secure offline location when you set it up, retrieve it from there.
- Disable App Lock from the lock screen — go to Settings → Security → App Lock → Disable App Lock. This removes the PIN and disables the lock. You can then set a new PIN in Settings.
If your vault data was encrypted and you can't unlock it, the data is inaccessible until you enter the correct PIN. This is the correct security behaviour — but it underscores why a secure, recoverable offline backup of your PIN matters.
SPCTR uses k-anonymity via the HaveIBeenPwned Pwned Passwords API. Here is the exact process:
- Your password is hashed with SHA-1 entirely on your device using the Web Crypto API
- Only the first 5 characters of that hash are sent to api.pwnedpasswords.com
- HIBP returns roughly 500 hash suffixes that share that prefix
- Your browser checks the list locally — the full hash and plaintext password never leave your device
This means HIBP cannot determine which specific password you are checking. It is a cryptographic privacy guarantee, not just a policy promise.
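Added example (not SPCTR's source code): the range check described above, with the network replaced by a constructed response so it runs offline and records exactly what would cross the wire. Function names, the sample response body and its counts are constructed; the /range/ path is the Pwned Passwords endpoint on the host the page names.

```javascript
// Added example, not SPCTR's source code; names and sample data are constructed.
// Browsers expose globalThis.crypto; the require() fallback is for older Node.
const webCrypto = globalThis.crypto || require("node:crypto").webcrypto;

// SHA-1 computed locally with the Web Crypto API, as uppercase hex.
async function sha1Hex(text) {
  const digest = await webCrypto.subtle.digest("SHA-1", new TextEncoder().encode(text));
  return [...new Uint8Array(digest)]
    .map((b) => b.toString(16).padStart(2, "0"))
    .join("")
    .toUpperCase();
}

// The range response is one "SUFFIX:COUNT" pair per line. A count of 0 is
// treated as "not found" (padded responses carry such filler entries).
function countInRange(body, suffix) {
  for (const line of body.split(/\r?\n/)) {
    const [candidate, count] = line.trim().split(":");
    if (candidate && candidate.toUpperCase() === suffix.toUpperCase()) {
      return parseInt(count, 10) || 0;
    }
  }
  return 0;
}

// fetchRange is the only code that touches the network, and it is handed
// nothing but the 5-character prefix. The suffix comparison stays local.
async function checkPassword(password, fetchRange) {
  const hash = await sha1Hex(password);
  const prefix = hash.slice(0, 5);
  const suffix = hash.slice(5);
  const body = await fetchRange(prefix);
  return { sentToServer: prefix, breachCount: countInRange(body, suffix) };
}

// Live transport (defined for reference, not called in this example).
const liveRange = (prefix) =>
  fetch("https://api.pwnedpasswords.com/range/" + prefix).then((r) => r.text());

// Constructed stand-in for the server. The first suffix belongs to the SHA-1
// of the string "password"; the other lines and all counts are made up.
const SAMPLE_BODY = [
  "0A1B2C3D4E5F60718293A4B5C6D7E8F9012:4",
  "1E4C9B93F3F0682250B6CF8331B7EE68FD8:12345",
  "FFEEDDCCBBAA99887766554433221100ABC:0",
].join("\r\n");
const wireLog = []; // everything the "server" ever receives
const sampleRange = async (prefix) => {
  wireLog.push(prefix);
  return SAMPLE_BODY;
};

checkPassword("password", sampleRange).then((r) => console.log(r, "wire:", wireLog));
```

Because the transport only ever receives the prefix, pointing the DevTools Network tab at a live check should show a request URL ending in five hex characters and nothing else derived from the password.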
The HIBP email lookup API requires a paid API key. If SPCTR bundled that key into the app, anyone could extract it from the source code — a fundamental security anti-pattern.
Instead, clicking Check email on HIBP opens haveibeenpwned.com/account/{email} directly in your browser. This means:
- SPCTR never transmits your email address anywhere
- You get the full, authoritative breach report directly from HIBP
- No middleman ever handles your email address
The Pwned Passwords API requires a secure HTTPS connection. Browsers block outbound fetch requests to external APIs from two contexts:
- file:// protocol — opening the HTML file directly from your filesystem
- Sandboxed iframes — some preview environments (like in-app browsers) restrict outbound requests
To use breach checking during local development, serve the files over a local server:
npx serve .
Once deployed to Netlify, Vercel, or any HTTPS host, breach checking works automatically with no configuration needed.
Password check: HIBP receives only a 5-character hex prefix of a SHA-1 hash. It cannot reverse this to discover your password. No other data is sent — no IP attribution, no account link, no timestamp stored by SPCTR.
Email check: HIBP receives nothing from SPCTR. You are redirected directly to their website in your own browser — SPCTR is entirely uninvolved in that request.
Your file is never uploaded. SPCTR uses the browser's FileReader API — all parsing happens in your browser's memory. Zero network traffic is generated. After importing, securely delete the export file from your downloads.
Chrome/Edge/Brave: Settings → Autofill → Password Manager → ⋮ → Export passwords
Safari macOS: File → Export → Passwords → Authenticate → Save CSV
Safari iOS: Settings → Passwords → ⋮ → Export Passwords
Firefox: Menu → Passwords → ⋮ → Export Logins
Use the Generic CSV format in SPCTR — the column mapper handles each browser's naming differences.
iPhone/iPad (iOS 17+): Settings → Passwords → ⋮ → Export Passwords → save CSV → import into SPCTR as Generic CSV
Mac (Ventura+): System Settings → Passwords → ⋯ → Export All Passwords
- vault.bitwarden.com → Tools → Export Vault → JSON (not encrypted)
- In SPCTR Vault: Import → Bitwarden JSON
- In SPCTR TOTP: Import → Bitwarden JSON (TOTP entries extracted separately)
- 1Password desktop → File → Export → All Items → CSV format
- SPCTR: Import → 1Password CSV
- KeePass → File → Export → KeePass XML 2.x
- SPCTR: ⬆ Import → KeePass XML
- Google Authenticator → ⋮ → Export accounts → authenticate → select accounts
- SPCTR TOTP: ⬆ Import → Google Authenticator → scan the export QR
Duplicates are automatically detected and skipped. After import, SPCTR shows a summary: "Imported 12 entries · 3 duplicates skipped".
SPCTR's servers have no ability to read your data — even under legal compulsion or a breach. Your encryption key is derived from your master password on your device and never transmitted. Only encrypted output is ever sent to servers.
Free tier: nothing. No analytics, crash reporting, IP logging, or fingerprinting. With an account: email address, encrypted vault blobs (unreadable by us), subscription status, mask configs (not content).
Minimal permissions required. Camera is the only optional permission, used exclusively for QR scanning. Requested per-scan, released immediately, never background.
The vault is encrypted with AES-256-GCM and stored in your browser's IndexedDB — not localStorage. Plus and Pro accounts also sync an encrypted copy to Supabase:
- IndexedDB (all tiers) — AES-256-GCM encrypted blob in your browser's offline database, protected by a rotating Data Encryption Key (DEK). Survives tab closes, browser restarts, and cache-clearing.
- Cloud Sync (Plus/Pro) — the same encrypted blob pushed to Supabase. The server sees only ciphertext, never the DEK or master key.
- Key Rotation — the DEK rotates on a random 14–45 day schedule, immediately on breach detection, or on demand from Settings. Your master password never changes.
Your master password never leaves your device. The encrypted blob is useless without it. Clearing Cloudflare's CDN cache only affects static app files (HTML/JS) — vault data in your browser and Supabase is never touched.
Open DevTools → Network tab while using SPCTR — you'll see zero requests during local operations. Core crypto primitives are implemented in standard Web Cryptography API calls, visible in the page source. A third-party privacy audit is scheduled before public launch.
An attacker who steals the database sees only encrypted ciphertext — useless without your key. They also see account email addresses and subscription status. They do not see your passwords, TOTP secrets, or any vault content.
If legally compelled, we could only provide encrypted ciphertext we cannot decrypt, plus account metadata. We cannot provide vault contents because we do not have the decryption key. Mathematical guarantee, not just policy.
| Feature | SPCTR | Bitwarden | 1Password | LastPass |
|---|---|---|---|---|
| Password vault | ✓ | ✓ | ✓ | ✓ |
| TOTP authenticator built-in | ✓ | ~ | ~ | ✗ |
| Email masking built-in | ✓ | ✗ | ✗ | ✗ |
| Breach checking built-in | ✓ | ✗ | ~ | ~ |
| Zero-knowledge encryption | ✓ | ✓ | ✓ | ✗ |
| Free tier (multi-device) | ✓ | ✓ | ✗ | ✗ |
| Free tier price | Free | Free | — | Free* |
| Paid tier price | $3.99/mo | $10/yr | $3/mo | $3/mo |
| Open source | ~ | ✓ | ✗ | ✗ |
| Browser autofill extension | ✓ | ✓ | ✓ | ✓ |
| QR code TOTP scanning | ✓ | ✓ | ✓ | ✗ |
| Cross-device sync | ✓ Plus+ | ✓ | ✓ | ✓* |
| Export your data | ✓ | ✓ | ✓ | ~ |
| Server breach history | ✓ | ✓ | ✓ | ✗ |
| Custom email domain | ~ Soon | ✗ | ✗ | ✗ |

✓ included · ~ partial/paid only · ✗ not available
Fixed. Vault data is encrypted with AES-256-GCM and persisted in IndexedDB — your browser's offline database, which is more durable than localStorage and is not cleared by normal cache-clearing operations. Your data survives tab closes and browser restarts. Exception: private/incognito sessions always wipe local storage on close — see the Private Browsing FAQ above. Export your data at any time via the Export button in the vault toolbar.
A Manifest V3 (Chrome/Edge/Brave) and MV2 (Firefox) browser extension is available. It provides vault access and TOTP codes without opening the full web app. Download it from the Downloads page. Full autofill support is still in development.
A native desktop app (Windows, macOS, Linux) built on Electron is available from the Downloads page. Native iOS and Android mobile apps are planned for a future release. In the meantime, the web app works on all mobile browsers and can be added to your home screen as a PWA.
HMAC-SHA1 covers the vast majority of services. SHA-256/SHA-512 TOTP support is on the roadmap. SPCTR will warn if a non-SHA1 algorithm is detected in a QR code.
Both apps deliberately lock TOTP secrets with no export. The only path is to visit each service's 2FA settings, disable existing 2FA, and re-scan the new QR code into SPCTR.
Yes. App Lock is a Plus and Pro feature. Free accounts can use all tools without a PIN — the protection model for free users is based on the initial account login encryption (your master password protects your vault at rest). App Lock adds an additional session-level PIN layer on top of that, which is available on paid plans.
To enable App Lock, upgrade to Plus or Pro and then toggle it on in Settings.
- Password Generator — unlimited use, 7-password session history
- TOTP Authenticator — up to 5 accounts
- Email Masks — 1 mask at @spctrmail.com (random address only)
- Password Vault — up to 10 entries, AES-256-GCM encrypted
- Breach Check — unlimited password and email checks
- Email support
- Help & Documentation — full in-app help section
- Unlimited vault entries
- Unlimited TOTP accounts
- 10 email masks (random address only)
- Email support
- Cross-device encrypted sync
- Unlimited email masks with custom prefix (Plus includes 10 random-only)
- Custom email mask domain (coming soon)
- Priority email support
- Everything else in Plus including cross-device sync
Yes. Monthly, no contract. Cancel from account settings anytime. Retain access until end of billing period, then revert to free limits. Vault data retained for 90 days after downgrade.
- Web: Credit/debit card (via Stripe)
- Native app billing (Apple Pay, Google Pay) will be available when iOS and Android apps launch
SPCTR does not store payment information — all billing is handled by Stripe.
SPCTR is a zero-knowledge application. Security does not rely on trusting the server — it relies on cryptographic guarantees enforced on your device:
- AES-256-GCM encryption — all vault, TOTP, and mask data is encrypted before it leaves your browser. A fresh random 96-bit IV is generated per write.
- PBKDF2-SHA256 key derivation — 310,000 iterations on web and extension. Your master password is never transmitted or stored anywhere.
- Non-exportable CryptoKey — the vault key is held in memory only and marked non-exportable. It cannot be extracted by scripts or extensions.
- Row-Level Security (RLS) — every Supabase table enforces per-user access. No user can read another user's data, even with a valid session token.
- Service key server-side only — the Supabase service key (admin privileges) never appears in client code. It lives in Netlify environment variables only.
- No plaintext fallback — if the vault key is missing, write operations are blocked entirely. Data is never written unencrypted.
Yes — the JavaScript is readable in page source. SPCTR's security model does not rely on hiding the code. Reading the source reveals the encryption algorithm and key derivation logic, but gives an attacker nothing exploitable. The encryption key is derived from your master password on your device and never transmitted — so knowing the algorithm does not help decrypt your data.
No. The anon key is designed to be public — it is Supabase's documented architecture. It only grants the permissions that Row-Level Security policies allow, which means: no access to any data without a valid authenticated session. An attacker with the anon key cannot read any user data.
In a full database breach, an attacker would obtain:
- Account email addresses — visible in the profiles table
- Subscription tier — free, plus, or pro
- Encrypted blobs — AES-256-GCM ciphertext, useless without the master password
They would not obtain passwords, TOTP secrets, vault entries, or any readable content. The master password is never stored anywhere on SPCTR's infrastructure.
Account deletion is permanent and satisfies GDPR Article 17 (Right to Erasure). When you delete your account from Settings, all data is removed in order: trusted devices, login events, encrypted sync blobs, email masks, profile record, and finally the auth account itself. You are required to type DELETE to confirm — this cannot be undone.
When creating an account, you must read and acknowledge the Terms of Service, Privacy Policy, and Acceptable Use Policy, and confirm you are 13 or older. The timestamp of your agreement is recorded in the database alongside your account. This satisfies GDPR consent requirements and our own Terms of Service.