Privacy Policy

Last updated: February 2026

1. Information We Collect

Continuum collects the minimum information necessary to provide our secure digital vault service. This includes your name, email address, and encrypted vault data. We use zero-knowledge end-to-end encryption, meaning we cannot access your vault contents.

2. How We Use Your Information

  • Account authentication and session management
  • Sending service-critical emails (password resets, emergency alerts, check-in reminders)
  • Processing payments through Stripe (we never store card details)
  • Improving service reliability through anonymized error monitoring

3. Zero-Knowledge Encryption

Your vault data is encrypted client-side using AES-256-GCM with keys derived from your master password via PBKDF2 (600,000 iterations). Your encryption keys never leave your device in plaintext. Continuum staff cannot decrypt or access your stored information.

4. Data Sharing

We do not sell, trade, or rent your personal information. Data is shared only with:

  • Stripe — Payment processing
  • Your designated emergency contacts — Only when triggered by your configured rules
  • Law enforcement — Only when legally compelled, and we can only provide encrypted data

5. Your Rights (GDPR / CCPA)

You have the right to:

  • Access — Export all your data from Settings
  • Rectification — Update your personal information at any time
  • Erasure — Delete your account and all associated data
  • Portability — Download your vault in encrypted format
  • Opt-out — Manage notification preferences; we do not sell personal data

6. Data Retention

Account data is retained while your account is active. Upon deletion, personal data is purged within 30 days. Audit logs required for security are retained for up to 7 years. Encrypted vault data is permanently deleted upon account deletion.

7. Cookies

We use essential cookies only: authentication tokens (httpOnly, secure) and CSRF protection tokens. We do not use tracking cookies, analytics cookies, or third-party advertising cookies.

8. Security Measures

We employ industry-standard security practices including end-to-end encryption, bcrypt password hashing, TOTP multi-factor authentication, tamper-evident audit logs, rate limiting, and regular security assessments.

9. Contact

For privacy-related inquiries, contact us at privacy@continuum.app

Continuum — Your Life, Secured