Chamber v1.0 is here! 🎉 Discover a new way of privacy
About
Privacy Policy

Privacy Policy

Last updated: 2025-10-02

1. Introduction

This Privacy Policy explains how Chamber (“Software”) handles your (“User”) information. We respect your privacy and are committed to transparency. By using the Software, you acknowledge to have read, understood and agreed with the points laid here.

This Privacy Policy applies regardless of license type (personal or commercial).

2. Data We Do Not Collect

  • We do not collect or transmit your vault contents, file names, or any personal files stored on your computer.
  • All activity related to the file contents stored in any vault created by the user are stored only locally on the computer and is not transmitted to any other computer
  • Vault settings (including vault IDs) are stored inside your vault, not on our servers.

3. Data We Collect

  • Telemetry: Basic usage statistics is sent periodically. It may also include resource consumption metrics, and error reports. The pieces of data that we collect are limited to metadata about the program and the Vault Public ID (described below). Metadata includes the operating system and the CPU architecture type of the machine on which the Software is running, the version and edition of the Software. The IP address from which the telemetry data is sent is detected, recorded and stored on the server automatically.
  • Vault Identifier(s): Every Chamberfile (the Vault) recieves a unique identifier (the Vault ID) which is mixed with the password supplied by the user to generate the encryption key which is then used to encrypt the data contained in the vault (this is done to avoid the shared key reuse scenario). Since the Vault ID is part of the security mechanism, we cannot transfer it over to server. For this purpose, we pass the Vault ID through a one-way hashing function (SHA256 as of this writing) to derive another unique ID which we called the Vault Public ID. It is practically impossible to derive the Vault ID from its Public ID. We use this Vault Public ID to uniquely identify the vault for telemetry purposes without sending over anything related to the vault.

4. How We Use Data

  • To monitor and improve performance and reliability.
  • To monitor usage and distribution and patterns of usage to understand required focus areas.
  • To display ads or informational content.

5. Data storage and security

Chamber creates the vault locally on the user’s computer. The file data that is uploaded into the Chamberfile is encrypted before storing them on disk. Some pieces of data such as the password hint, the file names, the Vault ID and some settings are not in the encrypted format. This is done to provide the services offered by the Software. Work is underway to minimise the number and type of data that are stored in their plaintext format.

The encryption algorithm used to encrypt (or decrypt) the data is AES-256. The key is derived using both the user-supplied password as well as the Vault ID (described above). The algorithm to derive the encryption key from the user-supplied password and the Vault ID is Argon2id.

The Software does not try to upload, duplicate or transmit in any form any of the file data, its names, hashes or any other metadata to any other person or computer by any means without explicit user permission or request. However it is still possible for the user to backup the Chamberfile to another computer of his choice (including but not limited to any online backup solutions, network attached storage devices, external storage devices) by any means the user desires. The Authors disclaim the responsibility of any consequences arising from such a transfer to another computer. Furthermore, the Authors or Chamber may not be held responsible for any data theft arising due to a cybersecurity attack on the machine where the Software runs, or the Vault file is stored.

6. Data Sharing and Disclaimer

We do not sell or share your personal data with third parties. Ads and content delivery are not based on vault contents. Furthermore, the telemetry data is never voluntarily shared with anyone for any purposes whatsoever.

In any circumstances the user, and user alone is responsible for the legality of usage of the Software in accordance with all applicable laws for the use-case. The author disclaims all liability towards any kind of illegal activity.

Last updated on
ContactTerms of Use