TL;DR: We do our best to respect your privacy!

Website Privacy Policy

This website, "" and any subdomains such as "" (collectively referred to as the "Site") is owned and operated by Passbolt SARL ("we", "us" or "Passbolt"). By using and accessing our Site, you ("you", "user" or, "end user") agree to the terms of our Privacy Policy (collectively, the "privacy policy").

This Privacy Policy is effective with respect to any data that we’ve collected, or collect, about and/or from you on the Website, according to our Website Terms of Service.


We define ‘Personal Information’ (which refers with no exception to, “your information”) in the following manner:

Any information that you provide to us about yourself while using the service that could help someone else identify you as an individual entity. This may include information such as your name, phone number, location, IP address, system locale and preferences, picture, public key information, etc.

We define the following subdomain of the Website "" as “Demo Site”. We defined the the following subdomain as "Forum" or "Community Forum".

We define as "Products" Passbolt downloadable Software products, such as Passbolt web extension or API server.

Do you have a question about this privacy policy? Get in touch!

contact us

Cookies and Tracking


A cookie is information stored on your computer by a website you visit. This Site use cookies for two purposes:

  • Sessions, e.g. to provide you with the functionality that keeps you logged in or to make sure your preferences are carried forward.
  • For analytics (see next section). We do not use cookies to track you on third party sites.


We use Piwik to collect information about your usage of the Site, such as which page you visited, how long you stayed on the Site, etc. It is possible for you to opt-out of this analytics tracking by enabling your browser's " Do Not Track" preference.

Demo Site application logs

The Demo Site itself collect information about your usage, such as when you created or edited a password, when you posted a comment, when you triggered a system error, etc. This is needed to provide functionalities such as access and control logs within the application. You should setup your own test environment if you are not comfortable with this.

Forum application logs

The Community Forum may use cookies to personalize or enhance your user experience and does collect information about your usage, such as your Internet protocol address, the kind of browser or computer you use, number of links you click within the site, state or country from which you accessed the site, the date and time of your visit, the name of your Internet service provider, the web page you linked to our site from, pages you viewed on the forum. See discourse privacy policy for more information

Cookie and Tracking (Summary)

Respect "Do Not Track"

No tracking on 3rd party sites

We keep usage logs on demo site

Community forum usage logs

Social buttons

To protect you from third party tracking, we do not include any third party javascript application such as “facebook like” or “google +1” buttons on this Site.

Cookie and Tracking (Summary)

No 'social button' tracking

Our use of your personal information

We may use your personal information only for one or more of the following purposes:

To give you access to the Products or Service. For example, if you register to the demo section of the Site we may send you a link by email to activate your account. For example if you subscribe to Passbolt Pro Edition we will send you an email with instructions on how to get started.

To notify you about any activity within the Service. For example if you are using the demo section of the Site and if another user shares a password with you, we may send you an email notification.

To provide you with support. For example, if you leave your personal information by email or the Forum, we may contact you back to help you solve your issues or answer your questions.

To promote our services. For example, if we think you might benefit from using another Products or Service we offer, or if we think an information about a change in the current Service is relevant for you, we may contact you to tell you about it.

To bill and collect money owed to us. This includes communications with regards to invoices, receipts, payment statuses and processing issues.

Disclosure of personal information

We may disclose your Personal Information for one or more of the following purposes:

To provide you with the Service. For example, if you register on the Demo Site other people will be able to see the email address and name you used to register and will be able to share information with you.

To meet legal requirements. In the event we are to comply with court orders and valid subpoenas or to defend a court, arbitration, or similar proceeding.

To provide information to representatives and advisors. These include engineers, attorneys and accountants, who help us comply with legal, accounting, or security requirements.

To transfer your information in the case of a sale, merger, consolidation, or acquisition, any acquirer will be subject to our obligations under this privacy policy, including your rights to edit and delete your personal data. We will notify you of the change either by sending you an email or posting a notice on our Web site, so that you can opt-out if you wish to do so.

Cookie and Tracking (Summary)

Limited use of personal data

Personal data visible on demo site

3rd Party Access

We will not give, sell, rent or loan any personal information to any third party. The following third parties may have access to your personal data under certain conditions.


Our organization is registered in Luxembourg. We are therefore subject to luxembourgish and european legislative texts on data protection and privacy.

Our organization relies on services (such as hosting, help desk and newsletters) provided by companies registered in the USA. They are obliged to provide access to notices pursuant to judicial, regulatory or other governmental orders or requests valid in USA.

Hosting provider

We primarily use Google Cloud Platform to host our websites.
See GCP terms and conditions.

Newsletter provider

We use Mailchimp to send newsletters.
See Mailchimp legal framework.

Help desk provider

We use GrooveHQ to provide support by email or on social networks.
See GrooveHQ privacy policy.

Analytics provider

We use Piwik Cloud Pro for analytics.
See the privacy section in the Piwik terms of services.

Surveys provider

We use typeform for some of our surveys.
See the privacy section in the Typeform terms of services.

Forum provider

We use discourse to run the community forum.
See Discourse privacy policy.

Payment provider

We use Stripe to process payments.
See Stripe privacy policy.

Invoices and billing history provider

We use Zoho Books to provide you with invoices, receipts and billing history.
See Zoho privacy policy.

3rd party access (Summary)

European laws apply

Digital Millennium act apply

Transparency of 3rd party services

Deleting, editing and accessing your personal information

You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.

You can stop receiving Demo notification emails by deleting your account in the demo section of our Site. To delete your account send us an email at: (in the future we will allow you to delete your account from your profile page).

We can also give you access to any personal information that we hold within 60 days of any request you make by contacting us:

Information security

We work hard to prevent unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:

  • We aim to encrypt all of our services using SSL.
  • We regularly review our information collection, storage and processing practices, to guard against unauthorized access to systems.
  • We restrict access to personal information to employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations.

Date of Last Update

This privacy policy was last updated on 06th of April 2017.

Last changes summary: added information about payment and invoicing services.

Deleting data (Summary)

You can request access to your data

You can delete your data