Privacy policy
Last updated 14 July 2026
Lowkey exists to keep things private, so this policy aims to be short and literal. It covers the Lowkey desktop app and this website.
What we collect
- Account data. Your email address, a password (stored only as a hash by our authentication provider), and any profile details you choose to add in settings, such as a display name.
- Sign-in records. Our authentication provider keeps standard records of sign-ins (timestamps, IP address) to keep accounts secure.
What we deliberately don’t collect
- Your browsing history, open tabs, or the contents of pages you visit.
- Keystrokes, screenshots, or recordings of any kind.
- Analytics or behavioral tracking inside the app.
Browsing in Lowkey happens entirely on your device. The sites you visit see your traffic the same way they would from any browser; we are not in that path.
Where data lives
Account data is stored with Supabase, our authentication provider. Your session token is stored encrypted on your own machine. This website does not set marketing or analytics cookies.
Sharing
We don’t sell or share your data with anyone, except the service providers named above, or if the law compels us.
Changes
If this policy changes in a way that matters, we’ll note it here with a new date above.